Ethical hacking is the process of attempting to bypass an organizations security system in order to find any weaknesses or vulnerabilities that could be exploited by a real malicious hacker. The information discovered and gathered during ethical hacking can help an organization improve it’s security posture by highlighting security holes that need to be patched.
In order for ethical hacking to be ethical the ethical hacker must have explicit written permission to attempt to exploit the security system. The ethical hacker must also agree to disclose to the organization all vulnerabilities found so that the organization may fix them. Without permission from the organization and this agreement any hacking activity would definitely be considered unethical and possibly criminal.