Using ethical hacking to ensure security

Wednesday, 9 July 2003, 2:51 PM EST

Ethical hacking, also known as internal security auditing, is an effective method to determine security vulnerabilities within IT architectures.

It is usually described as a controlled simulation of an attack against network resources in order to achieve a predetermined goal. That goal might be to find specific information on a server, determine if an outsider could disrupt operations for a significant period of time, or to modify Web content.

Ethical hacking is used to determine the reliability and strength of a firm's Internet security measures. Ethical hackers employ attacks, exploits and other techniques to audit and assess networks, servers and applications.

The practice first emerged within the U.S. intelligence community and military, when "tiger teams" or ethical hackers would simulate attacks against government IT assets to determine vulnerabilities. The teams would employ the same tools and techniques as malevolent intruders, but they would not cause any harm. Instead, they would evaluate the target systems' security and report back to the various departments with the vulnerabilities they found and instructions for how to remedy them.

[ Read more ]




Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //