Ethical hacking is the legitimate investigation of system security flaws using tools and techniques known to be employed by hostile attackers. It is also known as penetration testing.
The main purpose of ethical hacking is to discover the risks to which you may be exposed. The main drawbacks are that:
- It assesses security only at a single point in time.
- The ethical hacker's resources are constrained by time and money, which may not be the case with an actual hacker.
- The ethical hacker may not have the requisite expertise.
As a result, ethical hacking should not be seen as a panacea. It should be complemented by other IT controls aimed at preventing or detecting unauthorised remote access, including patch control management, strong access controls and monitoring the use of systems.