Don the White, Jon

--Originally published at Ce qui est chouette

Everyone’s on the payroll nowadays, even hackers. Like legit payroll, no more 1337 money for hackers. Ethical hacking consists of exploiting existing vulnerabilities in a system (usually one that in some way accesses the network) through intrusion, in order to verify and evaluate its physical and logical security. The idea is to prove that a system is vulnerable and to show where the vulnerabilities are, so the organization that owns the system can take the appropriate preventive measures against attacks exploiting them.

Now don’t panic: ethical hackers, or white hat hackers, perform these penetration or intrusion tests in a controlled environment, trying to think like the attackers in order to find exploits in security, kind of undercover geeks . . . please don’t hack me.

Reese, Hacker by Donnie Ray Jones on Flickr under a CC License.

How Can I Become One of These White Knights?!

Since, as an official ethical hacker, you’d be finding confidential information hanging around the exploits, your employers will ask to see some kind of credentials before allowing you to poke around their systems without restriction. The response to “who do you think you are?” when making this type of proposition is to flaunt some information security certifications.

To officially get the Ethical Hacker title, I suggest the Certified Ethical Hacking Certification from the EC-Council (International Council of Electronic Commerce Consultants)—primarily a professional certification body, also the orchestrator of a series of information security conferences and EC-University.

The purpose of this certification is detailed on their page:

  • Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
  • Inform the public that credentialed individuals meet or exceed the minimum standards.
  • Reinforce ethical hacking as a unique and self-regulating profession.

Certifications are a nice way of going pro, as they help regulate professionals by giving employers a baseline of knowledge that someone with that certificate has; these Certified Ethical Hackers should, in theory, come with this basis out of the box. For the certified, it serves as credentials to back up the claims of grandeur that tend to run amok in people’s CVs.

– Not a hacker, white nor black.
