The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all are while staying within legal limits. This philosophy stems from the proven practice of trying to catch a thief, by thinking like a thief. As technology advances and organization depend on technology increasingly, information assets have evolved into critical components of survival.

An Ethical hacker is one name given to a penetration tester. An ethical hacker is usually employed by an organization who trusts him to attempt to penetrate networks or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer security vulnerabilities. Illegal hacking (i.e.; gaining unauthorized access to computer systems) is a crime in most countries, but penetration testing done by request of the owner of the targeted system(s) or network(s) is not, except in Germany.