Security testing with or without prior knowledge?

Security tests are executed either with (white-box/grey-box) or without (black-box) foreknowledge. Web Security Scan advises its customers to conduct security tests with prior knowledge (white-box/grey-box), such as login accounts or access to the database. The advantage is that security researchers have a more complete picture of the web application and its underlying infrastructure, and are able to zoom-in on specific matters deeper and quicker, resulting in more complete and accurate findings within the available time.

Security tests without foreknowledge (black-box) simulates a real life hacking situation. However, it will take up more time to scrutinize the application, at the expense of available time for investigating other parts of the application.