// THREAT DETECTION AND DATA PRIVACY TERM
Ethical Hacking
Ethical hacking involves authorized attempts to identify vulnerabilities in computer systems, applications, or data, mimicking the tactics of malicious hackers but with explicit permission. Its purpose is to improve an organization's security posture by finding weaknesses before they can be exploited by actual attackers.
TECHNICAL DEFINITION
Ethical hacking, often executed by certified ethical hackers (CEH), is an authorized cybersecurity practice involving simulated cyberattacks against systems, networks, or web applications to uncover exploitable vulnerabilities and security flaws, thereby enhancing an organization's defensive mechanisms and overall security posture against malicious actors and cyber threats through controlled penetration testing and vulnerability assessments.
BACKGROUND
Certified Ethical Hacker (CEH) is a qualification given by EC-Council and obtained by demonstrating knowledge of assessing the security of computer systems by looking for vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system. This knowledge is assessed by answering multiple choice questions regarding various ethical hacking techniques and tools. The code for the CEH exam is 312–50. This certification has now been made a baseline with a progression to the CEH (Practical), launched in March 2018, a test of penetration testing skills in a lab environment where the candidate must demonstrate the ability to apply techniques and use penetration testing tools to compromise various simulated systems within a virtual environment.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- White-hat hacking
- Penetration testing
- Security testing
- Vulnerability assessment
- Offensive security
- Red teaming
USAGE NOTE
Ethical hacking is a crucial component of a comprehensive cybersecurity strategy, helping organizations proactively identify and remediate security gaps.
DEVELOPERS
Organizations developing technology related to Ethical Hacking.
Develops Kali Linux, a popular open-source operating system for penetration testing and ethical hacking, and provides advanced ethical hacking training and certifications.
Offers various cybersecurity solutions, including the widely used Metasploit Framework for penetration testing and InsightVM for vulnerability management, essential tools for ethical hackers.
Known for Nessus, a comprehensive vulnerability scanner used by ethical hackers and security professionals to identify security weaknesses in systems and networks.
Creator of Burp Suite, the industry-standard toolset for web application security testing and ethical hacking, used for finding vulnerabilities in web applications.
Develops advanced penetration testing software such as Core Impact and Cobalt Strike, used by ethical hackers for simulating real-world attacks and assessing security posture.
A global cybersecurity firm providing ethical hacking, penetration testing, and red teaming services to assess and improve an organization's security defenses.
Provides extensive cybersecurity training and certifications, including specialized courses and research in ethical hacking, penetration testing, and incident response techniques.
Operates a leading bug bounty platform that connects ethical hackers (security researchers) with organizations to discover and report security vulnerabilities.