What Does a “white hat hacker” Do? Questions About Vulnerability Hunters

Surveys show that hackers most often do not look for profit or easy money, but want to test their strength, to solve a puzzle in the form of protecting a company. At the same time, not everyone wants to break the law and take risks. Fortunately, in recent years a community of white hackers has been actively forming, and the demand for their services is growing, especially among large companies. In this article, with the help of experts, we will look into who white hackers are, what they have to do with hats, how to become a white hat hacker and why it might be necessary.

What does a white hacker do?

White hackers, or ethical hackers, help companies find and fix security breaches. Such hackers act on requests from companies, which can be found on various sites, and hire a hacker. It’s important to remember that hacking into companies that didn’t ask for it can get you sued, even if you didn’t use their information in any way. The same goes for Wi-Fi hacking.

White hat hackers try not to disrupt company operations with their activities – for example, they will not test resistance to DDoS attacks in the middle of the workday.

Who are “white hats” and “black hats”?

White hackers are often called white hats and evil hackers are often called black hats. These names came about because of westerns, where the good guys wore white hats and the bad guys wore black hats.

The main motivation for white hats is to develop their skills and use them for the benefit of the companies they work for. The primary motivation of black hats is to benefit no matter what.

In addition to white and black hats, gray hats are common. These hackers usually have no criminal intent in hacking, but may hack the products of companies that have not published a request for verification, and if they get their hands on data that can be sold, may take advantage of the opportunity.

Who are the “blue hat,” “green hat,” and “red hat”?

While black, white, and gray hats are generally understandable, colored hats are much less common. Nevertheless, they are sometimes used.

The blue hat is essentially the same as the white hat but in Microsoft terminology. This company actively promotes the audit of the product by hackers before releasing it to the market. They also founded the Microsoft BlueHat Conference, which is dedicated to white hat hacking and information security. You can only get in by invitation.

Interestingly, in some circles, blue hats are people who decided to hack someone out of revenge because of some event in their life. At the same time in the rest of the hackers, art does not interest them. A striking example is the main character of the game Watchdogs.

Green hat – new hackers, who have not yet enough experience and skills, but who are actively learning and practicing hacking with the help of special resources.

Red hat – a hacker whose main goal is to fight against black hats. But while white hackers try to prevent attacks and strengthen their defenses, red hats want to punish malicious hackers, and having found one of them, they can launch a full-scale attack against him.

How much does a white hat hacker earn?

The earnings of white hat hackers depend on many factors, ranging from their skills to simple luck. For many, ethical hacking is a hobby or occasional occupation rather than a full-time job. But in a 2019 survey, the HackerOne platform found that already 7 people, mostly hacking, have earned more than $1,000,000, another 13 have earned $500,000, and another 146 have earned $100,000. The BBC writes in its article that the most successful white hats are hackers who can make more than $350,000 a year, and bug bounty programs pay companies up to $50,000 a month.