Ethical Hacking Series: Who Performs the Test?

Ethical hacking is an integral part of Info Sec, but it is often misunderstood and overlooked. It’s the process of hacking for good, a testing process for a business’ new product or feature to ensure the code is secure and stable. But if this process isn’t taught to many programmers or info sec folks, how can a business owner know what to look for in an ethical hacker? How can they determine the right person for the job? Once you know what to look for in an ethical hacker, contracting the right person or team for the job won’t seem quite so ominous, so here’s what to look for in an ethical hacker.

Mindset

The elite of this world have security teams. The people hired for those positions are selected because they can put themselves in the shoes of an attacker, an adversary who has ill intentions for their target. Often because they have been in those shoes in the past, for instance, raiding a building, so they know what an attacker is likely to have planned and what methods they would have used. This is how your ethical hacker must think, they must know how to build a bomb and how to dismantle a bomb.

***Click here for full text***

Originally published at https://www.pwvconsultants.com on September 8, 2020.