Using ethical hacking to ensure security
Ethical hacking, also known as internal security auditing, is an effective method to determine security vulnerabilities within IT architectures.
It is usually described as a controlled simulation of an attack against network resources in order to achieve a predetermined goal. That goal might be to find specific information on a server, determine if an outsider could disrupt operations for a significant period of time, or to modify Web content.
Ethical hacking is used to determine the reliability and strength of a firm's Internet security measures. Ethical hackers employ attacks, exploits and other techniques to audit and assess networks, servers and applications.
The practice first emerged within the U.S. intelligence community and military, when "tiger teams" or ethical hackers would simulate attacks against government IT assets to determine vulnerabilities. The teams would employ the same tools and techniques as malevolent intruders, but they would not cause any harm. Instead, they would evaluate the target systems' security and report back to the various departments with the vulnerabilities they found and instructions for how to remedy them.
[ Read more ]