A certified ethical hacker is a computer programmer hired by a business to attempt to break into a computer system in order to discover vulnerabilities and other weaknesses that a malicious hacker could exploit to cause significant damage.

Ethical hackers use the same methods and programs as their harmful counterparts, but instead of using them to cause problems, they take copious notes and document everything. This information is then used to evaluate the security of a network and/or system infrastructure and to give advice on how to repair it, increasing its security and making it less vulnerable to attacks.

The roots of ethical hacking go back to the 1970s, when the US government employed ‘red teams’ to hack its own computer systems, and it has grown into a sizeable industry of its own ever since.

What do ethical hackers do?
As the term hacking has negative connotations, these security professionals prefer to be called penetration testers or, in more casual terms, white hats or legal hackers. Some ethical hackers are employed full time by a business (e.g., IBM) to provide constant penetration testing and feedback, while others are commissioned by a business on an as-needed basis. A penetration tester's job is to use the same techniques as a malicious hacker, then use the vulnerabilities they discover to advise an organization on how to make its network and infrastructure more secure and less vulnerable to damage from malicious hackers. Finally, in order to be a professional penetration tester, and for this activity to be considered legal, it is imperative to have the express permission of the company to probe and test its network.

How are ethical hackers perceived?
As the term ‘hacker’ is considered negative, they prefer to be known as ‘penetration testers’ in order to be seen in a more positive light. These security professionals consider themselves the ‘good guys’ who want to help safeguard a business, not the ‘bad guys’ whose goal is to cause damage.

Information obtained and adapted