{"id":23816,"date":"2021-09-15T15:00:56","date_gmt":"2021-09-15T14:00:56","guid":{"rendered":"https:\/\/www.n-able.com\/?p=23816"},"modified":"2023-06-15T18:43:00","modified_gmt":"2023-06-15T17:43:00","slug":"how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","title":{"rendered":"How to better prioritize vulnerability remediation through automated penetration testing"},"content":{"rendered":"<p class=\"p5\">As most MSPs know, small- and medium-sized businesses are the most likely targets for cyberattacks. They lack many of the resources and infrastructure of their larger counterparts and a single cyberattack can be devastating.<\/p>\n<p class=\"p5\">Analyzing and remediating vulnerabilities is an essential part of any security program. But current vulnerability management processes spit out long lists of instances that may or may not need remediation. Without knowing which can be exploited and which can lead to a data breach, the MSP is left with a firehose of information that can be overwhelming.<\/p>\n<p class=\"p5\">Penetration testing replicates a hacker\u2019s techniques to identify the exploitable vulnerabilities and provide details on what information the hacker can access. This provides a much better way to determine what needs to be fixed to prevent a breach.<span class=\"Apple-converted-space\">\u00a0 <\/span>Unfortunately, penetration testing is primarily performed manually\u2014and by expensive, outscored, cybersecurity experts. The high cost limits the ability for MSPs to offer penetration testing as an ongoing service, which is why vulnerability scanning is still the primary method of analysis.<\/p>\n<p class=\"p5\">However, the advancement of artificial intelligence and machine learning has made true, automated penetration testing possible. Through automation, penetration testing should become the go-to strategy for vulnerability identification and remediation.<\/p>\n<h2 class=\"p8\">Preemptive testing is the best strategy<\/h2>\n<p class=\"p5\">Just as an intelligent automobile owner takes their vehicle for multiple checkups and oil changes throughout the year, a neglectful car owner only goes in when a problem occurs. Preemptive maintenance is an essential part of responsible ownership and worth the investment. In cybersecurity, an ounce of prevention is worth a pound of cure. Cyberattacks have skyrocketed in frequency since the pandemic and <a href=\"https:\/\/www.cpomagazine.com\/cyber-security\/average-cost-of-data-breach-hits-record-high-costs-multiply-\" target=\"_blank\" rel=\"noopener\"><span class=\"s1\">according to CPO Magazine<\/span><\/a>, the US bears the highest cost in the world for an average breach at just over $9 million.<\/p>\n<h2 class=\"p8\">Manual testing tactics are limited<\/h2>\n<p class=\"p5\">Penetration testing, and the subsequent remediation of vulnerabilities uncovered, is an excellent technique for preventing breaches and mitigating security threats<b>.<span class=\"Apple-converted-space\">\u00a0 <\/span><\/b>Unfortunately, there are many barriers to enjoying the full benefits it can offer.<\/p>\n<p class=\"p5\">It can take more than a month to get the results from a traditional, outsourced penetration test. Plus, there\u2019s the cost to consider. Depending on the size of the organization, the tests can cost $5k, $10k, or more for a one-time deal. And, most MSPs don\u2019t have the resources on staff to provide penetration testing, so they rely on partners to deliver these tests to their clients. This leaves very little margin for the MSP, and often means it doesn\u2019t make business sense for the MSP to offer it at all.<\/p>\n<h2 class=\"p8\">Automation changes the game<\/h2>\n<p class=\"p5\">Typically, penetration testing is performed manually by a cybersecurity expert.<span class=\"Apple-converted-space\">\u00a0 <\/span>Pentesters think like attackers, and good attackers have a routine which generally consists of:<\/p>\n<ol>\n<li class=\"p8\">Intelligence gathering<\/li>\n<li class=\"p8\">Scanning<\/li>\n<li class=\"p8\">Foothold access<\/li>\n<li class=\"p8\">Establish persistence<\/li>\n<li class=\"p8\">Exploitation<\/li>\n<li class=\"p8\">Post-exploitation and lateral movement<\/li>\n<\/ol>\n<p class=\"p5\">While it used to be necessary for these attacks to be performed manually, artificial intelligence and machine learning have made automating these processes a reality.<span class=\"Apple-converted-space\">\u00a0 <\/span>Automation allows the MSP to deploy the same tools, tactics, and decisions that a cyber expert would use in the manual test. Many organizations already <a href=\"https:\/\/www.n-able.com\/features\/automation?promo=blog\" target=\"_blank\" rel=\"noopener\"><span class=\"s1\">use automation to bolster their security<\/span><\/a>, so using it for penetration testing should be a natural transition.<\/p>\n<p class=\"p5\">Automation also drastically lowers the cost to deliver a test, meaning it can be offered monthly, quarterly, or any other schedule. This makes it possible to perform testing on the same frequency as vulnerability scanning, allowing for a continuous testing and remediation cycle. Automated tests also allow the MSP to use spare resources to better manage clients\u2019 cyber assets in other, more urgent ways.<\/p>\n<h2 class=\"p8\">Conclusion<\/h2>\n<p class=\"p5\">Automated penetration testing is the future of vulnerability analysis and remediation, allowing MSPs to provide testing on a scheduled frequency to regularly identify and prioritize true risk. This reduces costs and the time spent on remediation, and increases overall security for MSP clients.<\/p>\n<p>&nbsp;<\/p>\n<p class=\"p8\"><b><i>Alton Johnson<\/i><\/b><i>, founder &amp; principal security consultant, <\/i><a href=\"https:\/\/www.vonahi.io\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\"><i>Vonahi Security<\/i><\/span><\/a><span class=\"s3\"><i>,<\/i><\/span><i> <\/i><a href=\"https:\/\/www.vonahi.io\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\"><i>Automated Pentesting<\/i><\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<p class=\"p5\"><i>Vonahi Security is a member of the N&#8209;able MSP <\/i><a href=\"\/partnerships\/technology-alliance-program\" target=\"_blank\" rel=\"noopener\"><span class=\"s2\"><i>Technology Alliance Program (TAP)<\/i><\/span><\/a><i>. TAP is a growing group of trusted vendors we\u2019ve teamed up with to offer a variety of third-party integrations and services to help MSPs better serve their customers. This blog is part of the TAP blog series through which we will provide you with relevant and interesting guest blog contributions from our TAP members. <\/i><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Alton Johnson, founder &amp; principal security consultant, Vonahi Security, looks at how automated pen testing could be a game changer for MSPs.<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-23816","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How to better prioritize vulnerability remediation | N-able<\/title>\n<meta name=\"description\" content=\"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to better prioritize vulnerability remediation | N-able\" \/>\n<meta property=\"og:description\" content=\"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-15T14:00:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-15T17:43:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Guest\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guest\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\"},\"author\":{\"name\":\"Guest\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\"},\"headline\":\"How to better prioritize vulnerability remediation through automated penetration testing\",\"datePublished\":\"2021-09-15T15:00:56+01:00\",\"dateModified\":\"2023-06-15T17:43:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\"},\"wordCount\":729,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"articleSection\":[\"Security\",\"Technology Alliance Program\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\",\"url\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\",\"name\":\"How to better prioritize vulnerability remediation | N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\"},\"datePublished\":\"2021-09-15T15:00:56+01:00\",\"dateModified\":\"2023-06-15T17:43:00+00:00\",\"description\":\"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/pt-br\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to better prioritize vulnerability remediation through automated penetration testing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/pt-br?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\",\"name\":\"Guest\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"caption\":\"Guest\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to better prioritize vulnerability remediation | N-able","description":"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","og_locale":"pt_BR","og_type":"article","og_title":"How to better prioritize vulnerability remediation | N-able","og_description":"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.","og_url":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2021-09-15T14:00:56+00:00","article_modified_time":"2023-06-15T17:43:00+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Guest","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Guest","Est. tempo de leitura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing"},"author":{"name":"Guest","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7"},"headline":"How to better prioritize vulnerability remediation through automated penetration testing","datePublished":"2021-09-15T15:00:56+01:00","dateModified":"2023-06-15T17:43:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing"},"wordCount":729,"publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"articleSection":["Security","Technology Alliance Program"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","url":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing","name":"How to better prioritize vulnerability remediation | N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br#website"},"datePublished":"2021-09-15T15:00:56+01:00","dateModified":"2023-06-15T17:43:00+00:00","description":"Analyzing and remediating vulnerabilities is an essential part of any security program. Find out how automated penetration testing can help.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/how-to-better-prioritize-vulnerability-remediation-through-automated-penetration-testing#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/pt-br\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"How to better prioritize vulnerability remediation through automated penetration testing"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/pt-br#website","url":"https:\/\/www.n-able.com\/pt-br","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/pt-br?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/pt-br#organization","name":"N-able","url":"https:\/\/www.n-able.com\/pt-br","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7","name":"Guest","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","caption":"Guest"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/23816","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/comments?post=23816"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/23816\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/media?parent=23816"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}