DEV Community

Lets Create

DAY 2 — Identity, Ethics & Attacker Mindset

Ethical Hacking = Permission, Authorization
Ethical hacking is testing or hacking a system with permission and authorization.
Ethical hacking is:
Think like an attacker
Act like a security professional
Protect like a guard
Ethical hacking is not:
Hacking for fun
Using tools without understanding
Finding a vulnerability and then going into hiding
It's about permission and authorization, not illegal and unauthorized methods.

Ethical boundaries & laws (CFAA/GDPR overview)
Ethical boundaries mean hacking only with permission and not going outside the boundary.
The CFAA (Computer Fraud and Abuse Act) is an American law that describes authorization.
The GDPR (General Data Protection Regulation) is a European law that describes the authorization of data: the data belongs to the people, not to an organization.
It is also about protecting the people, not the server.
Responsible disclosure lifecycle
The responsible disclosure lifecycle describes how to disclose a vulnerability. If anyone finds a vulnerability, they should not use it for personal gain, for hacking, or to damage the system, and should not make it public until the team fixes it.
The lifecycle has these steps:
Discovery
Verify
Report Privately
Wait
Assist
Disclose