IT Security FAQ 5: What is ethical hacking vs malicious hacking? And what is a bug bounty hunter/program?

Ethical hacking is distinguished from malicious hacking by its positive intent, focusing on identifying and reporting vulnerabilities to enhance security rather than exploiting them for harmful purposes. While malicious hackers are often portrayed as criminals in popular media, ethical hackers, such as those at Detectify, act as security consultants committed to safeguarding systems by uncovering weaknesses. Companies often incentivize these ethical hackers through Bug Bounty Programs, offering financial rewards for discovering significant security breaches. As explained by Johan Edholm at Detectify, those engaged in such activities are known as Bug Bounty Hunters, as they seek vulnerabilities to earn these awards.