"The team I work in uses both automated scanners, along with a few humans testing (minimum of 2)…   A good tester should know the weaknesses of the automated testers..

The problem with automated testers, is, simply put, they are not human.   That is they will not have intuition that a given function in a website is vulnerable.   When testing manually I find I get a feeling a function is vulnerable and then I concentrate on this perceived weakness..

Automated testers also only typically test some predefined vulnerabilities and although constantly being improved, they are far from perfect..

Automated testers do have their place however in greatly reducing the workload when security testing, allowing a lot of the tests which would usually take weeks to complete manually to be completed with a degree of confidence automatically.

My personal experience is they have a 25-30% valid findings rate of the vulnerabilities that we report in our assessments when setup correctly (less if not)."

Read more: http://www.itpro.co.uk/blogs/danj/2008/11/14/automated-security-testing-its-limitations/