What is an Ethical Hacker?

Ethical hacking (also known as penetration testing) is a proactive form of information security. Businesses and organizations hire ethical hackers to help improve their networks, applications, and other computer systems in order to prevent data theft and fraud. One of the first examples of ethical hacking occurred in the 1970s when the US government used "red teams" to hack its own computer systems.

An ethical hacker uses the same techniques to bypass a system's defences as a malicious hacker, but rather than take advantage of any vulnerabilities they find, they provide advice on how to fix them so a company can improve its overall security. In order for hacking to be ethical, the hacker must have permission from the owner to probe their network and identify security risks.

What does an Ethical Hacker do?

Businesses and organizations hire ethical hackers to help improve their networks, applications, and other computer systems in order to prevent data theft and fraud.

The purpose of ethical hacking is to look at the security of a system or network's infrastructure. An ethical hacker will attempt to bypass system security, and find and expose any weak points that could be taken advantage of by a malicious hacker. Vulnerabilities are typically found in improper system configuration and in hardware or software flaws.

An ethical hacker is required to research, document and discuss their methods and security findings with management and IT teams. This intelligence is then used by businesses and organizations to improve their system security so as to minimize or eliminate any potential attacks. Ethical hackers will also provide feedback and verification as an organization fixes security issues.

Ethical hacking has grown within the information security market. Any business or organization that either provides an online service, or has a network connected to the Internet should think about subjecting it to a penetration test. Successful testing doesn't always mean a system is 100% secure, but it should be able to thwart unskilled hackers and automated attacks. The Payment Card Industry Data Security Standard require companies to conduct annual penetration tests, particularly if any major changes are made in their applications or infrastructure.

Many large companies maintain employee teams of ethical hackers, while there are plenty of firms that offer ethical hacking as a service.

Are you suited to be an ethical hacker?

Ethical hackers have distinct personalities. They tend to be enterprising individuals, which means they’re adventurous, ambitious, assertive, extroverted, energetic, enthusiastic, confident, and optimistic. They are dominant, persuasive, and motivational. Some of them are also investigative, meaning they’re intellectual, introspective, and inquisitive.

Does this sound like you? Take our free career test to find out if becoming an ethical hacker is right for you.

Take the free test now Learn more

What is the workplace of an Ethical Hacker like?

Ethical hackers work with organizations, businesses, the military, and the government to probe their networks for security holes and vulnerabilities while considering the mindset of someone who might have criminal motivations.

Ethical Hackers are also known as:
Penetration Tester Intrusion Tester Legal Hacker White Hat Hacker Certified Ethical Hacker CEH