Ethical hacking

Updated: 05/06/2024 by Computer Hope
White hat

Ethical hacking describes hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and locate weak points that malicious users or software could exploit. An organization then uses this information to improve system security and minimize or eliminate potential breaches.

What constitutes ethical hacking?

For hacking to be deemed ethical, the hacker must obey the following guidelines:

  • Expressed (often written) permission to probe a network and attempt to identify and exploit potential security vulnerabilities.
  • Let the software developer or hardware manufacturer know of all the vulnerabilities you detected during your investigation.
  • Respect the individual's or company's privacy.
  • Close out your work. Don't leave anything open for you or someone else to use later.
Note

To protect yourself legally in a court of law, you must have a written and signed permission/contract for the assets you are probing, testing, or hacking.

The term "ethical hacker" has received criticism at times from people who say that there is no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it, and those who engage in this activity are commonly called computer or cyber criminals. However, ethical hackers' have successfully worked with organizations to improve their systems' security.

How do I become an ethical hacker?

Interested individuals can work towards becoming a CEH (Certified Ethical Hacker). This certification is provided by the International Council of EC-Council (E-Commerce Consultants). The exam costs about $500 and consists of 125 multiple-choice questions. Before taking a CEH class or exam, you'll need to know computer security issues and terms. To get started, visit the links in the related information section on this web page.

BackBox, Bug bounty, Certifications, Computer abbreviations, Cyberwar, Ethics, Hacker, Hacktivism, Security terms, White hat