Cyber Security: What is an Ethical Hacker?

An ethical hacker is a cyber security professional authorised by a client to attack their systems in a controlled way so that real-world weaknesses can be identified and fixed before a malicious actor finds them. The term is often used interchangeably with penetration tester, although ethical hacking can also cover red team work, security research, and bug bounty participation.

A duplicate page note

This article duplicates the main “What is an ethical hacker?” entry. Refer to that canonical entry for the full explanation, including scope, certifications, and the UK Computer Misuse Act 1990 legal framework that defines lawful ethical hacking. The two pages will be consolidated.

Quick reference

An ethical hacker (1) operates only with written authorisation from the target; (2) follows a defined scope and rules of engagement; (3) reports findings in plain English with clear remediation guidance; (4) holds recognised certifications such as OSCP or CREST CRT for credibility and (in regulated UK industries) for eligibility.

Related terms

See also: ethical hacker (main entry), penetration tester, penetration testing, and OSCP certification.
