Pentesting Success: How Automation Boosted Efficiency
Learn how a top European pentesting company revolutionized its operations with Keepnet’s social engineering simulation platform. By automating manual tasks, they reduced campaign time from 3 days to 20 minutes, saved $2,366 per test, and boosted revenue by 30%
Introduction
In Europe, a leading pentesting company gained prominence in online safety, serving over 2000 clients globally. Known for their high-quality work, accuracy, and reliability, they excelled in finding and fixing vulnerabilities in complex systems.
However, their pentesting operations, especially in social engineering simulations, were heavily manual. Each simulation required careful planning, from purchasing domains to creating phishing templates and generating detailed reports. This time-consuming process was becoming a significant resource issue.
Recognizing the need to evolve, the company looked for a solution to automate these tasks without compromising quality. Their goal was to improve efficiency, reduce turnaround time, and continue delivering top-tier services to their clients.
Successful Outcomes
Achieved significant annual cost savings of $2,366 per phishing campaign.
Reduced time spent on campaigns from 3 days to 20 minutes.
Reduced the false positives by up to 100%.
Boosted sales by up to 30%.
Gained unique capabilities like SMS, MFA, and Voice phishing simulations and differentiated its business.
Challenges Faced by the Pentester
1. Manual Overhead:
Delivery Issues: Ensuring test emails reach recipients' inboxes is difficult. Servers often block them due to suspicious links and attachments, requiring pentesters to find ways around these barriers.
Domain Management: Buying and managing domains for each simulation was slow and added complexity. Each domain needed to be credible and properly set up, involving extensive manual verification and configuration.
Custom Templates: Creating convincing phishing templates required technical skills and creativity. Each template needed to be unique and relevant, demanding significant effort.
Report Generation: After each simulation, pentesters manually compiled detailed reports, filtering out false positives and analyzing results, which extended the project duration.
Overall Time Consumption: The manual nature of operations meant a single social engineering test could take up to 3 days, consuming valuable time and adding stress, especially with multiple clients.
2. Financial Challenges:
Operational Costs: The manual processes were costly, averaging $100 per hour. A single test, taking three days, cost $2,400. This was a significant expense when scaled to multiple clients and projects.
Opportunity Costs: Time spent on manual tasks meant missed opportunities. The pentester could have taken on more projects or invested time in research and development to enhance their services.
3. Lack of Automation:
Repetitive Tasks: Many tasks, like sending phishing emails or collecting data, were repetitive. Without automation, each task required individual attention, making it difficult to scale operations.
Inconsistencies: Manual processes are prone to inconsistencies. Ensuring uniformity in simulations, especially for a global clientele, was challenging without automation.
Total Cost Saved Per Test
Avg. time to conduct a social engineering test | from 3 days to 20 minutes |
The average cost of one staff | $100 per hour |
The cost of a single social engineering test reduced | from $2,400 to $33,3 |
The total estimated cost savings are $2,366 per test. |
How the Pentester Company Enhanced Operations:
Gained new technologies like SMS, MFA, and Voice phishing simulations.
Decreased false positives by up to 100%, ensuring accurate and reliable simulation results.
Increased revenue by up to 30% due to enhanced efficiency and accuracy.
Provided customized training materials, equipping clients to handle real-world threats.
Reduced campaign time from 3 days to 20 minutes with automated phishing simulations.
Saved $2,366 per simulation, enhancing profitability and allowing resource reallocation.
Minimized manual labor by automating repetitive tasks, ensuring consistency in simulations.
Handled multiple projects simultaneously, meeting the growing demands of a global clientele.
Ensured secure communication and on-the-fly data verification, keeping sensitive information safe.
Robust security measures provided clients with peace of mind, adhering to the highest privacy and compliance standards.
Tailored materials to the diverse geographical locations of the customers, ensuring relevance and effectiveness.
Maintained access to the latest phishing tools and techniques, reflecting the ever-evolving landscape of phishing tactics.
Operational Results
Reduced time spent on campaigns from 3 days to 20 minutes.
Reduced false positives by up to 100%
Consistent quality of service for all clients, using advanced simulation tools.
Improved reputation in the industry with faster delivery and high-quality service.
Strategic Results
Saved $2,366 per phishing test.
Boosted revenue by up to 30%.
Gained more clients by delivering faster and better simulations.
Became a market leader in automated pentesting.
Added unique features like SMS, MFA, and Voice phishing simulations, making the business stand out.
"As a senior pentester, I pride myself and my team as unique, valuable, creative, and competitive professionals. With Keepnet, we have freed up more time, increased our efficiency, and reduced up to 95% of our social engineering working time, enabling us to focus on more important tasks. Keepnet's automation capabilities have also significantly reduced costs for our employers and clients. This leads to greater satisfaction and loyalty, making our team stand out from the rest."