What is ethical hacking?
Ethical hacking or penetration testing refers to the exploitation of an IT system with the permission of its owner in order to determine its vulnerabilities and weaknesses. It is an essential process of testing and validating an organization’s information security measures and maturity. The results of ethical hacking are typically used to recommend preventive and corrective countermeasures that mitigate the risk of a cyber attack.
An ethical hacker is an individual who is trusted to attempt to penetrate an organization’s networks and/or computer systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.
Attacking and defending
Protecting current systems and networks requires a broad understanding of attack strategies, and in-depth knowledge of the hacker’s tactics, tools, and motivations. Effective ethical hacking is based on knowledge of the system network, equipment, user interaction, policies, procedures, physical security, and business culture. The increasing use of social engineering attack methodologies demands that every tester is also aware of the organization and habits of its IT users (staff).
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and information security skills. It is the owner and creator of the renowned Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT) certification, as well as many other certification schemes, that are offered in more than 87 countries globally.
Certified Ethical Hacker (CEH) qualification
Launched in 2003 by the EC-Council, the Certified Ethical Hacker (CEH) qualification is globally recognized as the vendor-neutral credential of choice for developing a senior career as an ethical hacker or penetration tester.
The purpose of the CEH credential is to:
- Establish and govern minimum standards for qualifying professional information security specialists in ethical hacking measures
- Inform the public that credentialed individuals meet or exceed the minimum standards
- Reinforce ethical hacking as a unique and self-regulating profession
Speak to an expert
For more information and guidance on penetration testing or packages IT Governance offers, please contact our experts who will be able to discuss your organizations needs further.