ethical hacker
Home > Security Definitions - Ethical hacker
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

ethical hacker

Show me everything on Security Testing and Ethical Hacking

DEFINITION - An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.

One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.

In a similar but distinct category, a hacktivist is more of a vigilante: detecting, sometimes reporting (and sometimes exploiting) security vulnerabilities as a form of social activism.

Learn more about Security Testing and Ethical Hacking
How security audits, vulnerability assessments and penetration tests differ: A lot of people use the words security audit, vulnerability assessment and penetration test interchangeably. Can you explain the differences between them so I'll know which term to use at the right ...
Ethical hacking techniques for standard penetration testing: I recently did a penetration test for one of our company's partners, only to find out that management had not obtained written permission from the partner for the test to be performed. The partner ...
Information security book excerpts and reviews: Visit the Information Security Bookshelf for book reviews and free chapter downloads.
Screencast: Google hacking, infosec style: In this exclusive screencast step-by-step demo, Tom Bowers explains how to ensure an organization's intellectual property doesn't fall into the wrong hands.
Quiz: What's your infosec IQ?: Test your information security IQ with this short quiz.
The Controversy of Hacking Books and Classes: Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' Gray Hat Hacking.
Crash course: Vulnerability management: Is vulnerability management a measurable and proactive process in your organization? Attend our on-demand webcast, and learn new tactics for managing the vulnerability lifecycle.

LAST UPDATED: 09 Jun 2009

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- Risk Management's July 2003 cover story was "It takes a thief: Ethical hackers test your defenses."
- Sanctum offers a white paper called Ethical Hacking Techniques to Audit and Secure Web-enabled Applications.
- The Wall Street Journal Online has an article called "It Takes a Hacker."
- GoCertify explains Certification for Ethical Hackers.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Attackers zero in on Web application vulnerabilities
Secure coding and vulnerability scanning could mitigate many Web application attacks
What to do with network penetration test results
It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there.
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads.

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Cyber Storm  (SearchSecurity.com)
Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) February 6-10, 2006 to evaluate...
ethical worm  (SearchSecurity.com)




Get More ethical hacker Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts