Tips for Finding Qualified Penetration Testers for Your Website

It’s a nightmare that has been faced by many business owners.  They spend an exorbitant amount of time and money putting together a specialized webpage to showcase their product, only to have that page ruined by a hacker who gets kicks from ruining other people’s hard work.  Many websites out there offer “automated penetration tests” which will see if your website is “hacker-proof.”  But the reality is that none of these can compare to hiring a good, qualified penetration tester to check over your website and see if it can be hacked and, if so, where the problems lie.  Here are some tips for finding this type of white hat hacker.

As with any skilled job, one of the first things you would want to look at is recommendations.  Check local colleges or computer companies to see if they offer certification classes for penetration testers.  Many groups offer regular, very popular courses in this subject and would be happy to either refer some of their experienced instructors or some of their more promising certification graduates.  Be sure to look for these type of credentials when hiring a penetration tester.

Another thing to look for with a white hat hacker is the ability to think creatively.  Too often, many people in the computer industry follow the step-by-step guidelines that they have always followed in their job.  This linear thinking is not going to be helpful with penetration testing.  Today’s hackers are creative, looking at your website as a potential puzzle the way some people approach a crossword or a Rubik’s Cube.  You need someone who can think just as creatively, looking not just at the likely avenues of attack but also at all of the potential areas that a hacker might try to compromise in taking down your website.

Unfortunately, perhaps one of the hardest areas to find with a good penetration tester is the ability to communicate the situation as simply as possible.  Many hackers have great skills when it comes to penetration testing, but when it comes time to explain what needs to be done they can’t communicate this to you or your website designer.  Asking them to sit down and explain a complex problem in the interview process will tell you if they can communicate this type of information.

Regardless of who you choose as your tester for your website, it is a very wise choice to find someone before you go live.  Taking the time to look over the site from top to bottom before putting it out there will prevent embarrassing situations from arising when you want your customers to be able to access your site.  Just remember what to look for in finding your white hat hacker.

This entry was posted in Cyber security, Ethical Hacking, Hacking, IT and Computer Security, Security Certification, Uncategorized and tagged , , . Bookmark the permalink.

Comments are closed.