Ataque a un
sistema autorizado y controlado por el propietario del sistema. Tiene como
objeto adelantarse a ataques reales para descubrir vulnerabilidades antes de
que sean explotadas.
Se denomina a
la realización de un análisis de seguridad de una infraestructura TIC
ayudándose de técnicas de hacking, su finalidad es la realización de ataque
controlados cuyo fin es conocer la seguridad de los sistemas y aplicaciones,
así como los fallos o brechas de seguridad para que puedan ser corregidas.
http://www.inteco.es/glossary/Formacion/Glosario/
White hat describes a hacker
(or, if you prefer, cracker) who identifies a security weakness in a computer
system or network but, instead of taking malicious advantage of it, exposes the
weakness in a way that will allow the system's owners to fix the breach before
it can be taken advantage by others (such as black hat hackers.) Methods of
telling the owners about it range from a simple phone call through sending an
e-mail note to a Webmaster or administrator all the way to leaving an
electronic "calling card" in the system that makes it obvious that
security has been breached.
http://searchsecurity.techtarget.com/
An ethical hacker is a
computer and network expert who attacks a security system on behalf of its
owners, seeking vulnerabilities that a malicious hacker could exploit. To test
a security system, ethical hackers use the same methods as their less
principled counterparts, but report problems instead of taking advantage of
them. Ethical hacking is also known as penetration testing, intrusion testing,
and red teaming. An ethical hacker is sometimes called a white hat, a term that
comes from old Western movies, where the "good guy" wore a white hat
and the "bad guy" wore a black hat.
http://searchsoftwarequality.techtarget.com/glossary/
A white hat is a computer
hacker who works to find and fix computer security risks. White hat consultants
are often hired to attempt to break into their client's network to see if all
security holes have been addressed.
http://cyber.law.harvard.edu/cybersecurity/Keyword_Index_and_Glossary_of_Core_Ideas