One of the first instances of an ethical hack being used was a "security evaluation" conducted by the United States Air Force, in which the Multics operating systems was tested for "potential use as a two-level (secret/top secret) system." The evaluation determined that while Multics was "significantly better than other conventional systems," it also had "... vulnerabilities in hardware security, software security and procedural security" that could be uncovered with "a relatively low level of effort."[7] The authors performed their tests under a guideline of realism, so their results would accurately represent the kinds of access an intruder could potentially achieve. They performed tests involving simple information-gathering exercises, as well as outright attacks upon the system that might damage its integrity; both results were of interest to the target audience. There are several other now unclassified reports describing ethical hacking activities within the US Military.
A white hat (or a white hat hacker) is an ethical computer hacker,or a computer security expert, who specializes in penetration testing and other testing methodologies that ensure the security of an organization's information system.Ethical Hacking is a term meant to imply a broader category than just penetration testing.[2][3] Contrasted with the black hat, a malicious hacker, the name comes from Western films.There is a third kind hacker known as a grey hat who hacks with good intentions but at times without permission.White hackers may also work in teams called tiger teams.
A good "White Hat" is a competitive skillful employee for an enterprise since they can be a counter measure to find the bugs to protect the enterprise network environment. Therefore, a good "White Hat" could bring unexpected benefits in reducing the risk across systems, applications, and endpoints for an enterprise.