In all of my years in the software industry I have never heard of a Certified Ethical Hacker. Today I got an email message inviting me to attend a class and become one. Got me to wondering and googling. Here is what Wikipedia said about it:
The Certified Ethical Hacker (C|EH) is a professional certification provided by the International Council of E-Commerce Consultants (EC-Council.) An Ethical Hacker is one name given to a Penetration Tester. An ethical hacker is usually employed by an organization who trusts him or her to attempt to penetrate networks and/or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer security vulnerabilities. Illegal hacking (i.e.; gaining unauthorized access to computer systems) is a crime in most countries, but penetration testing done by request of the owner of the targeted system(s) or network(s) is not.
Wonder what kind of deviousness would be required for such a position? It makes sense that large corporations need folks like this but it does surprise me that there are classes and certifications for them. I guess it is like other things in the software world - there is money to be made in training and certification.
I have a number of friends who (certified or not, I'm not sure) are ethical hackers/white hats. The service they provide is invaluable. And yes a fair amount of deviousness is required. ;-)
ReplyDelete