What is ethical hacking and how is it different from hacking as we know it?

Pick up any security research report and India will be among toppers as far as data breaches and cyberattacks are concerned. While individuals are also at risk of being targeted by hackers, companies find themselves especially vulnerable as they have reams of confidential information, such as customer data or trade secrets, to secure.
 
This is where an independent ethical hacker — also known as a bug bounty hunter — can help companies. 
 
Many of them are drawn from the ranks of security researchers and certified cybersecurity professionals. 
 
They patrol the web and scan systems for gaps through which malicious hackers can sneak in, and then alert the companies about these gaps. 
 
In return, these companies reward them with cash or kind.
 
But, what is ethical hacking?
 
Ethical hacking refers to attempting to gain unauthorised access to a computer system, application, or data with prior approval from the owner of the asset.
 
Also known as white hats, ethical hackers duplicate the strategies and actions of bad actors who are called black-hat hackers. 
 
White hats help identify vulnerabilities that can then be resolved before a black hat has the opportunity to exploit them.
Being aware that the discovery of such gaps cannot be left to chance, some companies have started actively employing the services of these bug bounty hunters.
 
Zerodha, an online brokerage firm, is one of them. Its Chief Technical Officer, Kailash Nadh, says that in-house teams cannot ensure that the system is fully secure by themselves. 
 
Nadh says that having ethical hackers or security engineers is essential. He adds that though the company has an internal security team, it also has a bug bounty programme and employs external white-hat hackers to regularly test its systems from the outside.
 
However, the problem is that even today, only a handful of companies understand or acknowledge the work done by ethical hackers. 

Watch video