Yes / Web platform security has become a significant concern in the current cyber world. Adversaries constantly advance their skills and technologies to bypass modern cyber defence techniques to lure website vulnerabilities. In the cyber world, finding and mitigating vulnerabilities on the website is essential to avoid any damage to the organization. Two key techniques - vulnerability assessment and penetration testing - play a crucial role in identifying and mitigating these weaknesses. While vulnerability assessment scans the platform, revealing potential flaws, penetration testing goes a step further, simulating real-world attack scenarios to assess their true exploitability and possible damage. This paper compares automated scanning and manual penetration testing to evaluate the effectiveness of these techniques in uncovering vulnerabilities. The experimental results confirm that manual penetration testing is more effective than automated testing in terms of accuracy. Additionally, practical studies highlight the importance of a penetration tester's skills and experience in identifying and exploiting security weaknesses. Automated tools may also generate false positive results.
| Identifer | oai:union.ndltd.org:BRADFORD/oai:bradscholars.brad.ac.uk:10454/19971 |
| Date | 16 August 2024 |
| Creators | Rane, Nikhil, Qureshi, Amna |
| Publisher | IEEE |
| Source Sets | Bradford Scholars |
| Language | English, English |
| Detected Language | English |
| Type | Article, Accepted manuscript |
| Rights | © 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works., CC-BY |
Page generated in 0.0024 seconds