BYOPT (Bring Your Own Pen Tester) A CyCognito Use Case for Pen Testing

By Phillip Wylie | June 2, 2022
Some Attack Surface Management (ASM) platform vendors provide an ASM solution that intends to fully replace pen testing, but at CyCognito we think a little differently. While some organizations may be fine with an ASM solution that automatically bundles in pen testing, for more companies I think CyCognito, supplemented with a dedicated pen testing team, is a better solution.

Pen Testing Challenges 

Pen testing and vulnerability management are important and necessary parts of a cybersecurity program, but that doesn’t mean that they don’t have their own complexity and issues. I’ve already gone in-depth about some of the gaps and challenges when performing pen tests in my blog post How To Get The Most Out Of Pen Tests, but, in short, they’re limited in time, resources, and scope. Depending on the scope of assets being tested, a pen testing team may be limited in the testing methods they can use, or they may miss some high-value assets that are outside their specific list. This can lead to inadequate reconnaissance and skipping open-source intelligence, which can limit asset discovery. Time limitations affect reconnaissance and inadequate discovery affects results: after all, you can’t test what you don’t know about.

Pen Testing Tools Evolution

Pen testing tools have evolved over the years. Prior to vulnerability scanners, pen testers were required to perform more in-depth reconnaissance and used more manual pen testing techniques. Before exploitation frameworks such as the Metasploit Framework, pen testers had to rely more heavily on manual testing techniques and individual exploits. These tools have made it easier, faster, and more efficient for pen testers to perform security assessments and are useful for new pen testers to get up to speed more quickly. For example, before the web application pen testing tool Burp Suite, pen testers would have to cobble together multiple tools to achieve the same functionality. 

Instead of replacing pen testing, CyCognito’s reconnaissance and vulnerability discovery tools can be used as part of the pen tester toolkit. CyCognito’s prioritization features, including the Remediation Planner, help pen testers focus on the critical assets that need the most attention instead of relying on scoped lists that may miss important assets or vulnerabilities. The vulnerabilities, stats, and other information CyCognito delivers can be used in pen test reports. The information from the Remediation Planner can provide information for the remediation guidance in the pen test report and the Exploit Intelligence in CyCognito gives pen testers guidance on how to exploit vulnerabilities by providing the exploit details and the steps to execute the exploit against vulnerable assets. This feature is especially useful for junior pen testers or vulnerability management team members. Leveraging CyCognito, pen testers can spend more time on the highest value work: exploiting vulnerabilities.

Using an EASM solution that enhances pen testers’ work instead of replacing pen testing with an ASM platform with a bundled pen testing service frees organizations to find the best pen testing solution for their own attack surface. You may have a vendor that is great at web application testing, and others that are great with infrastructure pen testing or cloud pen testing! You can also diversify the way you have your testing done by including bug bounties alongside your pen testing resources. 

When you leverage CyCognito as an extension of your evolved toolset, the insights and information generated by CyCognito are shared with your pen testers much like you might share the results of a vulnerability scan. The insights from CyCognito, however, are more like a full vulnerability assessment. CyCognito also tracks the results of your pen testers’ insights; once pen tests are completed and vulnerabilities are remediated, the status in the dashboard will be updated to show your organization’s improved security posture. 

Addressing Pen Testing Gaps

CyCognito extends the pen tester’s toolset and addresses the challenges that pen test teams face - such as time limitations, and inadequate reconnaissance including OSINT - and helps address gaps. By automating the tedious work of defining the attack surface and finding unknown assets for a complete asset inventory, CyCognito gives your organization the flexibility to customize your pen testing strategy. 

To learn more about the challenges and gaps of pen testing read my blog post How To Get The Most Out Of Pen Tests or reach out to me through email.

To learn more about CyCognito’s approach to attack surface management please watch our demo video or request a demo here. 


About Phillip Wylie

Offensive Security Evangelist, CyCognito | Phillip Wylie is a cybersecurity professional and offensive security SME with over 18 years of experience, over half of his career in offensive security. Wylie is the Tech Evangelism & Enablement Manager at CyCognito. He is a former college adjunct instructor and published author. He is the concept creator and co-author of The Pentester Blueprint: Starting a Career as an Ethical Hacker and was featured in the Tribe of Hackers: Red Team.


Start Eliminating Your Shadow Risk

Demo Request