Intesar Shannan Mohammed

Bug Bounty vs. Security Scanner

A lot of folks don't know the difference between a bug bounty program and automated security scans. Here is a cheat sheet to quickly learn the major differences.

Synonyms

Security scanner is also known as a web application scanner or DAST. DAST stands for Dynamic Application Security Testing.

DAST is the process of testing running web, mobile, and API applications from the outside to find vulnerabilities and security bugs, using automated tests rather than code inspection.

Ethical hacking is used interchangeably with several other terms: Penetration Testing (Pen Testing), Security Testing, and Bug Bounty Programs.

Definition

DAST stands for Dynamic Application Security Testing. It is the process of testing web, mobile, and API applications to find vulnerabilities and security bugs through an automated approach.

Ethical hacking is the process of finding security bugs through human intelligence.
Most security testers also use and modify automated tools to uncover hard-to-find vulnerabilities.

Code Access

DAST: No code access is required. Most of the tools are language and technology agnostic.
Ethical Hacking: No code access is required. Knowledge of the internal technology stack helps create tailored tests.

Live Traffic Access

Neither approach requires access to live traffic.

Supported Technology Stacks

DAST requires different tools for Web, Mobile, REST API, GraphQL, etc.

Ethical Hacking deploys all kinds of techniques, including manual web/mobile UI fuzzing, Burp tests for web/APIs, shell scripts, etc.

Common Vulnerabilities Found

With DAST we can usually find SQLi, XSS, server configuration issues, etc.

Ethical Hacking is commonly used to find zero-days, logic flaws, unauthorized data access, account takeovers, access to PII/financial data, etc.

Pros

DAST can run continuously against the dev environment

Ethical Hacking finds hard-to-find vulnerabilities

Cons

DAST has limited coverage and finds fewer of the less common issues

Ethical Hacking is done less frequently; most companies perform penetration testing once every 3/6/12 months.

Cost

DAST is low-cost, whereas Ethical Hacking is always high in cost.

Developer Friendly

Scanner findings are spread across the production setup and the code. Not all findings require developers to fix them; e.g. server configuration, SSL, etc. require the DevOps or production support team to fix them.
Developers dislike or don't understand many of the suggestions. Working with developers is a major pain point.

When it comes to Ethical Hacking, most findings are code-related problems that require developers to fix them, i.e. regular bugs. Developers understand most of these issues and will happily add them to their bug list.
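To make the "no code access" and "findings spread across setup and code" points concrete, here is a small added example (not code from the post or from any of the tools listed below). It stands up a constructed local web app with two deliberate weaknesses (it reflects a query parameter unescaped and sends no security headers), then probes it the way a DAST scanner does: only HTTP requests and responses, never the source. Each finding is tagged with who would own the fix, developers for the reflected-input finding and DevOps for the missing headers. The marker string, header list and handler classes are all assumptions made for the example; a hardened handler is included so you can see the same probe come back clean.

```python
"""Minimal black-box (DAST-style) probe, added as an illustration.

Constructed example: a tiny local target with deliberate weaknesses is
probed over HTTP exactly as a scanner would, with no access to its code.
Nothing here is the code of any tool named in the post.
"""
import html
import threading
import urllib.parse
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Benign marker (assumption): letters/digits only, harmless if reflected,
# unlikely to appear in a page by chance.
MARKER = "dastprobe7Qx"
# Headers a scanner reports as "server configuration" findings when absent.
EXPECTED_HEADERS = ("Content-Security-Policy", "X-Content-Type-Options")


class WeakHandler(BaseHTTPRequestHandler):
    """Constructed target: echoes ?q= into the page body without escaping."""

    def render(self, q):
        return f"<html><body>You searched for: {q}</body></html>"

    def extra_headers(self):
        return {}  # the weak target sets no security headers at all

    def do_GET(self):
        query = urllib.parse.urlparse(self.path).query
        q = urllib.parse.parse_qs(query).get("q", [""])[0]
        body = self.render(q).encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        for name, value in self.extra_headers().items():
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo's output quiet
        pass


class SafeHandler(WeakHandler):
    """Hardened variant: escapes the parameter and sends the expected headers."""

    def render(self, q):
        return f"<html><body>You searched for: {html.escape(q)}</body></html>"

    def extra_headers(self):
        return {"Content-Security-Policy": "default-src 'self'",
                "X-Content-Type-Options": "nosniff"}


def start_target(handler=WeakHandler):
    """Start a constructed target on a free local port; returns (base_url, server)."""
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{server.server_address[1]}", server


def probe(base_url, param="q"):
    """Black-box checks against one endpoint; returns a list of finding dicts.

    The 'owner' field mirrors the post's point that not every scanner
    finding is a developer's to fix.
    """
    url = f"{base_url}/search?{param}={urllib.parse.quote('<' + MARKER + '>')}"
    with urllib.request.urlopen(url, timeout=5) as resp:
        headers = resp.headers
        body = resp.read().decode(errors="replace")
    findings = []
    # Unescaped reflection of '<marker>' is the classic reflected-XSS signal;
    # the scanner never sees how the page was generated.
    if f"<{MARKER}>" in body:
        findings.append({"type": "reflected-input", "param": param, "owner": "developers"})
    for name in EXPECTED_HEADERS:
        if name not in headers:  # Message.__contains__ is case-insensitive
            findings.append({"type": "missing-header", "header": name, "owner": "devops"})
    return findings


if __name__ == "__main__":
    for handler in (WeakHandler, SafeHandler):
        base, srv = start_target(handler)
        try:
            print(handler.__name__, probe(base))
        finally:
            srv.shutdown()
```

Running the file prints three findings for the weak target (one for developers, two for DevOps) and an empty list for the hardened one. Note what the probe does not tell you: it cannot see whether the reflection sits inside an attribute, a script block or plain text, which is exactly the kind of context a human tester supplies when confirming a scanner result.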

Popular Tools

Free API Scanner
https://apisec-inc.github.io/pentest/

Qualys Web app Scanner
https://www.qualys.com/apps/web-app-scanning/

Mobile App Scanner
https://www.ostorlab.co/

Bug Bounty Program
https://www.hackerone.com/

Web app testing
https://portswigger.net/burp/communitydownload
