What Is Ethical Hacking and How Does It Work?

Sorry, not available in this language yet

English
日本語
简体中文

Polaris Platform | Integrated, cloud-based AST solution optimized for development and DevSecOps teams
fAST Static | Easy-to-use, cloud-based static application security testing (SAST)
fAST SCA | Automated, cloud-based software composition analys (SCA)
fAST Dynamic | Streamline dynamic application security testing

Coverity SAST | Address security and quality defects in code as it's being developed
Black Duck SCA | Secure and manage open source risks in applications and containers
WhiteHat Dynamic | Continuous web application security testing in production
Seeker IAST | Automate web security testing within your DevOps pipelines
Software Risk Manager ASPM | Manage application security programs at enterprise scale
Defensics Protocol Fuzzing | Identify defects and zero-day vulnerabilities in services and protocols

Code Sight IDE Plugin | Secure code as you write it in your IDE
DevSecOps Integrations | Integrate AppSec tools into DevOps workflows

Program Strategy & Planning | Measure, scale, and optimize your AppSec program
Threat & Risk Assessments | Understand and address internal and external security risks
Security Training | Equip development teams with the skills they need to produce more secure software
Implementation & Deployment | Optimize utilization, management and deployment of AppSec tools
Security Testing Services | On-demand AppSec testing resources and expertise
Penetration Testing | Identify business-critical vulnerabilities with on-demand testing expertise
Mobile Application Security Testing (MAST) | Security testing, optimized for the unique risks of mobile applications
Open Source & Security Audits | Comprehensive technical due diligence services for M&A

AI-generated code | Harness the power of AI coding assistants while managing the risks
API Security Testing | Manage software risks with a holistic API security testing program
AppSec Consolidation | Simplify your application security program
Application Security Testing | Solutions to address security risks at all stages of the application life cycle
DevSecOps | Solutions to help shift security left without slowing down your development teams
Software Supply Chain Security | Solutions to identify and manage software supply chain risks end-to-end
Manage AppSec Risk | Scale your application security program without increasing complexity or adding friction
Cloud & Container Security | Optimize your applications for secure deployment and operation in the cloud
Open Source License Compliance | Effective solutions for ensuring open source license compliance
M&A Due Diligence | Identify software risks that could negatively impact the value of acquired IP
Quality & Security Standards Compliance | Ensure your software complies with the standards critical to customers and regulators

Static Analysis (SAST) | Address security and quality defects in code as it's being developed
Software Composition Analysis (SCA) | Secure and manage open source risks in applications and containers
Dynamic Analysis (DAST) | Continuous web application security testing in production
Interactive Analysis (IAST) | Automate web security testing within your DevOps pipelines
Penetration Testing | Identify business-critical vulnerabilities with on-demand testing expertise
Mobile Application Security Testing (MAST) | On-demand security testing, optimized for the unique risks of mobile applications
Application Security Posture Mangagement (ASPM) | Manage application security programs at enterprise scale
Fuzz Testing | Identify defects and zero-day vulnerabilities in services and protocols

Financial Services | Protect sensitive customer and financial data from rapidly evolving security threats
IoT & Embedded | Ensure your embedded and IoT devices are safe, secure, and reliable
Automotive | Build software security & reliability into the modern connected car
Telecommunications | Create seamless and safe mobile experiences, from silicon to software
Aerospace & Defense | Solutions for automating mission-critical development
Public Sector | Application security for government agencies and their suppliers
Medical Device | Safeguard medical devices and applications

Dev and DevOps Teams | Build secure software while maintaining developer productivity and pipeline velocity.
Security Teams | Align people, processes, and technology to minimize software risk and transform your business.
Legal Teams | Solutions to protect your IP and manage risk.

Table of Contents

What are the key concepts of ethical hacking?
How are ethical hackers different from malicious hackers?
What are the skills and certifications for ethical hacking?
What problems does ethical hacking identify?
What are some limitations of ethical hacking?
How does Synopsys manage ethical hacking?

Definition

Ethical hacking is an authorized attempt to gain unauthorized access to a computer system, application, or data using the strategies and actions of malicious attackers. This practice helps identify security vulnerabilities that can then be resolved before a malicious attacker has the opportunity to exploit them.

Ethical hackers are security experts who perform these proactive security assessments to help improve an organization’s security posture. With prior approval from the organization or owner of an IT asset, the mission of an ethical hacker is the opposite of malicious hacking.

Penetration Testing: A Buyer's Guide

This guide details the benefits of pen testing, what to look for in a pen testing solution, and questions to ask potential vendors.

Download the guide

What are the key concepts of ethical hacking?

Hacking experts follow four key protocol concepts.

Stay legal. Obtain proper approval before accessing and performing a security assessment.
Define the scope. Determine the scope of the assessment so that the ethical hacker’s work remains legal and within the organization’s approved boundaries.
Disclose the findings. Notify the organization of all vulnerabilities discovered during the assessment, and provide remediation advice for resolving these vulnerabilities.
Respect data sensitivity. Depending on the data sensitivity, ethical hackers may have to agree to a nondisclosure agreement, in addition to other terms and conditions required by the assessed organization.

How are ethical hackers different than malicious hackers?

Ethical hackers use their knowledge and skills to secure and improve the technology of organizations. They provide an essential service by looking for vulnerabilities that can lead to a security breach, and they report the identified vulnerabilities to the organization. Additionally, they provide remediation advice. In many cases, ethical hackers also perform a retest to ensure the vulnerabilities are fully resolved.

The goal of malicious hackers is to gain unauthorized access to a resource (the more sensitive the better) for financial gain or personal recognition. Some malicious hackers deface websites or crash back-end servers for fun, reputation damage, or to cause financial loss. The methods used and vulnerabilities found remain unreported. They aren’t concerned with improving the organizations security posture.

What are the skills and certifications for ethical hacking?

An ethical hacker should have a wide range of computer skills. They often specialize, becoming subject matter experts on a particular area within the ethical hacking domain.

All ethical hackers should have

Expertise in scripting languages
Proficiency in operating systems
A thorough knowledge of networking
A solid foundation in the principles of information security

Some of the most well-known and acquired certifications include

What problems does ethical hacking identify?

Ethical hacking aims to mimic an actual attack to look for attack vectors against the target. The initial goal is to perform reconnaissance, gaining as much information as possible.

Once an ethical hacker gathers enough information, they use it to look for vulnerabilities. They perform this assessment using a combination of automated and manual testing. Even sophisticated systems can have complex countermeasure technologies that may be vulnerable.

In addition to uncovering vulnerabilities, ethical hackers use exploits against the vulnerabilities to prove how a malicious attacker could exploit it.

Some of the most common vulnerabilities discovered by ethical hackers include

Injection attacks
Broken authentication and authorization
Security misconfigurations
Business logic vulnerabilities
Use of components with known vulnerabilities
Sensitive data exposure
Vulnerability chaining

After the testing period, ethical hackers prepare a detailed report that includes additional details on the discovered vulnerabilities along with steps to patch or mitigate them.

What are some limitations of ethical hacking?

Scope. Ethical hackers cannot progress beyond a defined scope to make an attack successful. However, it’s not unreasonable to discuss out-of-scope attack potential with the organization.
Resources. Malicious hackers don’t have time constraints that ethical hackers often face. Computing power and budget are additional constraints of ethical hackers.
Methods. Some organizations ask experts to avoid test cases that lead the servers to crash (e.g., denial-of-service attacks).

How does Synopsys manage ethical hacking?

Synopsys offers managed penetration testing, also known as pen tests, for web applications and services. This security testing technique simulates a real-world attack on a system to identify vulnerabilities and weaknesses in systems and code. Using a blend of manual and tool-based testing, Synopsys managed penetration testing services provides a comprehensive assessment of a runtime environment with accurate results and actionable remediation guidance.

By opting for a managed penetration testing service provider, companies get access to security testing experts who can help them understand their security risks, meet compliance requirements, and enable in-house security teams to focus on other objectives.

- This glossary was verified by Chai Bhat.