Certified Ethical Hacking: Staying Ahead of Vulnerabilities

Updated: June 24, 2009

It's certainly a dark and dangerous cyberworld out there. What's a company to do? SECNAP Network Security Corporation suggests employing Certified Ethical Hackers (or outsourcing to a company like SECNAP) to help flesh out vulnerabilities using the tactics of criminal hackers, before they can be found and exploited. According to SECNAP, Certified Ethical Hackers are given permission by the client to poke around systems and websites, staying within the confines of the law. Basically, these security experts are trained to look at the systems in a new way - not with the company's internal workings in mind, but with how other, more sinister minds would think about them.

SECNAP got into the Certified Ethical Hacking aspect of security a few years ago, recognizing that security risks are constantly evolving, and thus the techniques to mitigate them need to evolve as well.

"We began encouraging our audit staff to obtain ethical hacker certification a couple of years ago. Being well-equipped to recognize new threats and utilize new techniques against those threats enables them to stay ahead of criminal hackers," says Amy Hancock, marketing communications specialist for SECNAP Network Security Corporation. "Our key auditors are also Certified Information Systems Security Professionals (CISSP), Certified Information Security Managers (CISM), and Certified Information Systems Auditors (CISA). They keep their credentials current by undergoing periodic professional training and reading professional journals and security news."

SECNAP Network Security offers ethical hacking as part of its overall security solution for clients. It combines it with IT security audits, external penetration testing, wireless audits and more. So, how does this added element really help keep a company's systems and website more secure? "CEH training teaches how to think creatively, as a hacker would, and how to spot tell-tale signs. Often, knowing the characteristics of certain malware or cybercrime tools aids in identifying the specific crime and in selecting the appropriate counter-measure," says Hancock. "For example, a key feature of a worm is that it can replicate itself without user intervention. CEH training covers the key features of worms versus viruses, as well as a wider range of knowledge, from footprinting and firewalking, to the types of scans most effective against particular hacking methodologies."

Related Categories
Featured Research
  • Baselining Best Practices

    IT must ensure new applications are rolled out quickly, reliably, and without risk, while at the same time guaranteeing performance and availability. Read this VirtualWisdom white paper to find out how to achieve application-aligned infrastructure performance, and more. more

  • Next Generation End User Experience Management: APM

    In an era of new technologies and cloud-based application delivery models, your business success depends on your ability to ensure optimal application performance and quality user experiences at all times. This complimentary white paper from AppNeta will enlighten you to the new frontiers in end user experience management and much more. more

  • Video: Create an Integrated, Collaborative Microsoft Lync Environment

    Consider HP as your Microsoft Lync Solutions provider! more

  • Optimizing Application Delivery to the Network Edge

    Increasingly, the success of business is being tied to the network. The transformation of the network and IT can help organizations deliver and support highly available applications and services while reacting more quickly to changes in the business environment. In this complimentary white paper from IDC, learn how HP can help its customers and partners improve the overall application experience. more

  • Networking Routers Buyer's Guide for SMB & Enterprise

    This buyer's guide presents an overview of leading products on the market today and aims to improve research for companies needing to purchase or upgrade their equipment. more