In the world of enterprise IT, the term “ethical hacker” is quickly gaining ground. But what do these professionals do? What does a day in the life of an ethical hacker look like?

On a very basic level, ethical hackers are professionals who break into corporate systems in order to spot weaknesses and vulnerabilities.

“Ethical hackers are essentially IT security experts, who use their knowledge to hack into systems, such as servers and employee computers to find any weaknesses in the security their employer has in place,” says Ryan Jones, digital marketing executive at Imaginaire Digital. “They will then create a report on the weaknesses they found and advise the best course of action.”

“An ethical hacker or penetration tester is a person who tests computer devices and networks looking for vulnerabilities,” adds Nathan House, CEO and founder of cybersecurity company StationX. “Rather than doing this with malicious or criminal intent they are doing it to report the vulnerabilities so they might be fixed.” (To learn more about what ethical hackers can do for organizations, see How Your Organization Can Benefit From Ethical Hacking.)

White Hat Professionals

Another term for ethical hackers is “white hats.” In contrast to black hat hackers, white hat hackers are like the internet’s polite burglars – they’re doing some of the same things that black hat hackers are doing, but not for destructive reasons.

“In order to be truly sure of one being protected, real attacks should happen on a system from the outside to simulate a real threat, and therefore be able to recognize it and fix it as soon as possible,” says Kaiss Bouali, managing partner and CTO at Iodeed. “There are firms that specialize in White Hat Hacking, where they have teams of special hackers who (work on pen testing) and present you with the security leaks, the steps needed to fix them, and the fees that they will charge you to fix them for you.”

The word “simulate” is important here.

To go back to the burglar analogy, if you have a lot of expensive and fancy things in your home, you can invest in locks, or, to get an additional level of security, you could hire someone to simulate a burglary. They might find an open window in the basement or some crawlspace that will allow them to get into the home and steal what you have. But when you invest in a simulated burglary beforehand, you know what to fix to make it even harder for unauthorized parties to gain access.

That’s what ethical hacking is, in a nutshell. It’s fooling around with systems in order to figure out where the weak points are – so that the client can fix them and prevent real hacking from ever occurring or damaging systems.

Ethical Hackers and Penetration Testing

One of the main jobs of an ethical hacker is to perform what’s called a “penetration test” or “pen test.”

“(Ethical hackers) use penetration testing as part of their arsenal in protecting their clients’ systems from cybercrime,” says Karen Franse of Communication Strategy Group, talking about how a company called SRC Technologies uses a firm called Synack to outsource ethical hacking.

Think about this — companies have a wide spectrum of automation tools to help them to catch vulnerabilities in a system. Digital tools might scan for open network access points, issues with an API, weak password systems, or any number of other potential problems. But they do this on an automated basis. Without an ethical hacker in the captain’s chair, there’s no human oversight.

The ethical hacker adds that human element. He or she sits at the decision point, and the neat new security tools that software vendors offer act as decision-support software. You can think about the ethical hacker as the orchestrator of all of these automated tools, spotting their successes and failures with a keen eye.

However, one of the most foundational parts of penetration testing is the reporting that happens afterward.

Ethical hackers will go back to clients and show them exactly what happened during the penetration test. If there was a breach or penetration, that vulnerability is fixed. This really tightens the perimeter, thins the attack surface, and protects companies from harm.

Ethical Hackers, Social Engineering and User Awareness

Here’s another big part of what ethical hackers do.

The term “social engineering” has been used to refer to all of those hacking efforts that try to get access by tricking an end user.

Those email spoofing attacks? Social engineering.

Spear-phishing is another common form of social engineering where malicious parties impersonate insiders or use other means to try to lure end users to give up valuable data or network access credentials. In some cases, they simply spoof a payroll window and get employees to give up their financial information.

All of this is usually pretty destructive — so companies hire ethical hackers to simulate these types of attacks, find the weak points and report back. But the next and final step is user awareness training. The company invests in showing every employee what to look out for, and it grows a savvier employee base, a workforce that is not a mark for all of these unscrupulous black hat hackers. (Can ethical hackers get into legal trouble while doing their jobs? Learn more in Do Ethical Hackers Need Legal Protection?)

Qualifications for Ethical Hackers

In fact, qualifications abound in the world of ethical hacking. Companies want to know that professionals are well experienced and licensed to perform penetration tests and do other kinds of white hat security work.

One thing that companies often request is that ethical hackers be familiar with the three layers of the internet: the surface web, the deep web and the dark web. This Medium piece shows how these three sections of the web differ and what that means for security professionals.

There’s also Tactics, Techniques and Procedures (TTP), a protocol for credentialing ethical hacking, as well as Open Source Intelligence (OSINT) certification.

Other qualifications include:

Ethical hackers work on the vanguard of security conditioning for companies, and in the grand scheme of things they can be vital in protecting an organization from threats.