13 Feb
2024
8
min read

How to draw the line between Automation and Manual?

Drawing the line between automation and manual testing is a complex but important task in order to be able to leverage and optimise your testing by using both people and tools.

Thomas Ballin
Founder

If you look back 10-15 years ago, you basically needed a manual tester for everything. Manual testing was essential, there were very few automations that you could leverage. These days, that's not the case.

Automation can do about 80% of what a manual tester could do. However, in order to draw the line and understand where you're making the best use of tools and where you're making the best use of manual testing, you first have to look at what it is that you're testing.

So, if you look at a change and understand whether that change is going to introduce a business logic flaw or whether that change is going to introduce an SQL injection vulnerability, then you can make the determination about whether it's appropriate to be able to bring in a person and bring in a tool. There are things that only a person can do, but there are things that a tool can do better than a person.

You need to look change by change, this is something that can absolutely be solved with technology. You can look at these changes using technical solutions that are able to interpret and compartmentalise those changes to say "This one needs a person" or "this one needs a particular scanner" or even "this one needs a combination of both, but the person and the scanner need to focus on separate areas".

This has become even more true in the last year or two when LLM's have become more prevalent. The fact that you are able to interpet things like tickets and pull requests to be able to classify them at scale, understand those changes, and then determine what kinds of tools can be used to execute the changes is a massive opportunity to improve a security testing programme.

bug report

Get a Free Trial  From Cytix

Haven’t tried Cytix yet? Try our free trial to see how it works.

Get a Free Trial

Start Detecting Vulnerabilities Others Miss Today

  • Detect Vulnerabilities Faster
  • Patch Vulnerabilities Faster
  • Be more compliant
Learn More
business
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.