The Evolution of Threat Detection: From Pentesting to PtaaS

Cybersecurity has come a long way since the computer was first invented. With the innovation of technology also comes the increased sophistication of cyberthreats. According to Cybersecurity Ventures, global cybercrime costs are expected to grow by 15% per year over the course of the next five years, reaching a staggering $10.5 trillion annually by 2025. As a result, security methodologies and efforts are evolving to meet the needs of a growing threat landscape. To understand how we got to where we are today, let’s take a look at where it all began. Here’s an overview of the evolution of cyberthreat detection, from pentesting to pentesting-as-a-service (PtaaS).

When Pentesting Started

James P. Anderson was one of the early pioneers and innovators of penetration testing back in the 1970s. Anderson created an outline of the steps needed to test security systems and identify vulnerabilities, and then enlisted “Tiger Teams” to carry out authorized attacks and exploit weaknesses. The Tiger Teams were security professionals named after specialized military groups and were the origin of pentesters and ethical hacking. The most notable project the Tiger Teams worked on with Anderson was helping to identify weaknesses and insufficiencies in the U.S. Air Force’s computer systems.

According to the Computer Security Technology Planning study, Anderson concluded that “The significant aspect of open use multilevel systems is that control over the user population implied by the homogeneous clearances required in closed systems no longer exists. Without such controls, there exists a threat that penetration of the system will be attempted by a malicious user.”

His discovery and penetration methods set the bar for what we know as pentesting today. With multiple access points into the system, he noted there is an increased risk of vulnerabilities and an increase in cyberattacks. Today, we see a parallel with the massive shift to cloud adoption and the onset of distributed workforces. There are now many more entry points to an organization’s information and security systems, and those vulnerabilities have the potential to be exploited by bad actors. The fundamentals of what Anderson did in the 1970s to monitor for unusual activity across a multitude of systems to identify threats are still used today in modern pentesting.

Because computers were slower 50 years ago, planning and sharing results from pentesting took much longer compared to today’s ability to instantaneously share results and offer solutions. Back then, results were often delivered in a written report weeks after the pentest rather than shared immediately in a SaaS platform.

As the world entered the new millennium, Agile and DevOps methodologies ruled the software development scene, increasing the need for more rapid feedback and the need for security to be embedded into the software development process from day one. This included leveraging automation to share information faster and enabled teams with specific tasks to start remediation right away.

The Rise of Software-as-a-Service

The tech boom of the 2000s put software-as-a-service at the forefront of enterprise technology. As the cloud became the primary mechanism to deliver software and services and to enable on-demand resources that didn’t reside in the typical data center, the term “XaaS” caught on. Afterward, Silicon Valley startups popped up that used the cloud to deliver their service products, including, eventually, pentesting-as-a-service (PtaaS).

Most cybersecurity professionals perform pentesting at least once a year. It can take several months to prepare, test and launch. This lengthy timeline doesn’t include the remediation cycle. Waiting to get results and then making the recommended fixes is a very vulnerable time for organizations with regard to compliance and security. In today’s intense threat landscape, once a year is just not frequent enough for most organizations.

It’s important to test on a regular basis; when organizations embrace the modern approach via PtaaS they are able to use tools like GitHub and Jira to remediate vulnerabilities right away. With PtaaS, organizations can proactively, quickly and affordably strengthen their security protocols and advance compliance.

The 2020s

It goes without saying that the pandemic accelerated every aspect of life including digital transformation. The pandemic also highlighted cybersecurity flaws as organizations shifted to remote work and sophisticated phishing and ransomware attacks preyed on susceptible individuals working from home.

It’s 2022, and the case for PtaaS is crystal clear. With PtaaS, there is a 48-hour ramp-up time and a two-week testing window that allows organizations to integrate testing throughout the software development life cycle. This is light years ahead of what pentesting looked like in the days of James P. Anderson, which relied on a slower manual process rather than automation for administrative tasks.

The long wait times associated with traditional pentesting are now practically obsolete. And, according to Cobalt’s ROI of Modern Pentesting report:

  • 88% of cybersecurity professionals surveyed noted pentesting helps their organizations build better processes and said they should allocate even more resources to preventative testing.
  • 97% of cybersecurity professionals surveyed agreed that pentesting saves their company money in the long run by preventing security breaches and their associated penalties.
  • 79% of cybersecurity professionals said that their department loses valuable time due to inefficiencies involved in the traditional pentesting format.

From the days of James P. Anderson to today’s modern version of pentesting and PtaaS, we have already come a long way. PtaaS ensures organizations operate securely and is essential for long-term success. What’s next for threat detection in 2022? The world will find out soon enough as the development of distributed workforces evolves, the metaverse takes form and the mainstream adoption of cryptocurrency introduces a new ecosystem of cybersecurity threats. In the meantime, it is up to cybersecurity professionals to flex their security muscles and continue to proactively take action to protect their organizations with PtaaS.


Jay Paz

Jay Paz is the Senior Director of Delivery at Cobalt. He has more than 12 years of experience in information security and 20 years of information technology experience including system analysis, design and implementation for enterprise-level solutions. At Cobalt, he lays the groundwork for innovation and scale as he oversees operations and day-to-day management for Cobalt’s pentester community.
