What is a 'White Hat'

A white hat is an ethical, noncriminal practice used to improve computer and internet systems such as security and search engine optimization. White hat hackers are a valuable resource for organizations who want to identify their security weaknesses in an attempt to prevent criminal attacks.


White hats can be dubbed the "good guys" of hacking. They can research and find any lapses of security in software and then notify the owner of the system to fix it. Companies can gain a false sense of security after employing white hat hackers to identify security vulnerabilities. Since companies can change their systems and hackers can develop new techniques, the security threat is ongoing; and penetration testing should be ongoing as well. For example, white hats can identify a vulnerability that could cause invalid death certificates to be issued which criminals could take advantage of to claim fraudulent life insurance payouts or a vulnerability that could allow a power grid to be shut off remotely.

Famous white-hat hackers include Tim Berners-Lee — inventor of the World Wide Web, Apple’s Steve Wozniak and Jeff Moss — founder of the annual hacker conference Defcon.

White Hats, Gray Hats, Black Hats

There are three different types of hackers out there. White hats, gray hats and black hats. Black hats are the criminals of the group. They will scour for holes or backdoors in order to gain access to systems and use malicious software to steal data. They will typically sell this information to other black hats as well. Gray hats fall into the middle of the group, but instead of selling the information they access to a malevolent party, they will sell it to governments and other agencies, who, in turn, will use that for the good of the public. Some of these hackers can be contracted or they may act as their own independent agents.

Consider the case of the FBI, who took Apple to court over the iPhone of one of the San Bernardino shooters. The agency requested Apple unlock the iPhone in order to gain access to the shooter's personal information. Apple refused, citing privacy issues, and the case was then taken to court. The FBI later withdrew its case, saying a third-party managed to unlock the phone. Although the FBI never confirmed who gained access to the iPhone, it is likely that it was a gray hat hacker. 

White hat practices can be contrasted with black hat practices, which use unethical and even criminal methods for activities such as breaking into computer systems to steal information or cause damage, and misleading search engines into thinking a webpage’s content is more valuable than it is in order to increase traffic to that page and generate ad revenue or sales. Because cyber attacks from black hat hackers are such a significant threat, white hat hackers are a major asset to businesses, governments and the individuals those organizations serve, helping to protect profits, tax dollars, and reputations. White hat hackers even help technology companies, which could be surprisingly vulnerable, to protect their systems.

The catch-22 of teaching white hat practices to more individuals in an attempt to better protect computer-based systems is that white hat hackers use the same skills as black hat hackers. Penetration testing by white-hat hackers to look for weaknesses in a company’s software systems uses the same skills as criminal efforts to attack software systems.

White Hat Strategies

In terms of search engine optimization (SEO) practices, white hat strategies are those that completely follow the search engine’s rules. Websites that use these practices are less likely to be negatively affected by search engine algorithm updates, which are often aimed at making sure sites that use black hat practices don’t rise to the top of the search results. A gray hat strategy employs both white and black techniques to take some risk of increasing search engine traffic at the expense of bending the rules and potentially getting caught and penalized, but the risk is lower than that associated with a purely black hat strategy. Black hat strategies completely violate the search engine’s rules.

  1. Search Engine

    A search engine uses algorithms to filter indexed content, and ...
  2. Zero Day Attack

    Zero Day Attack is an attack that exploits a potentially serious ...
  3. SEO (Search Engine Optimization)

    SEO (Search Engine Optimization) aims to draw the greatest amount ...
  4. Black

    The term 'black' is used to refer to a company's profitability. ...
  5. Data Breach

    A data breach is an unauthorized access and retrieval of sensitive ...
  6. Black Box Model

    A black box model is a system using inputs and outputs to create ...
Related Articles
  1. Investing

    Red Hat: Why This Stock Is The Comeback Kid

    Red Hat was buoyed by a first-quarter earnings beat and an upgrade of its stock.
  2. Investing

    Red Hat Stock Jumps on Strong Earnings, Outlook

    Talk about ending a year with a bang: Open-source software leader Red Hat (NYSE: RHT) absolutely nailed its fourth quarter and fiscal 2016, which it reported Monday after the close, and its ...
  3. Tech

    The Top 5 Large-Cap Software Stocks for 2016

    Discover the top five large-cap software stocks for 2016, with a summary of each company and what will make the stock appreciate in the upcoming year.
  4. Investing

    WannaCry Hackers Threaten Another Microsoft Data Dump

    The hacking group behind the WannaCry attack are threatening another data dump.
  5. Tech

    Second Major Ethereum Hack In a Week Leads to $34 Million Theft

    Ethereum suffered two high-profile hacks in a span of just a few days.
  6. Investing

    12 Stocks That Will Push the S&P 500 Higher

    Goldman Sachs says sales growth will be the key ingredient driving stocks higher
  7. Investing

    3 Reasons These Five Stocks Will Outperform the S&P

    Through extensive screening, Barron's concludes that 3 major attributes boost stocks outperforming.
  8. Tech

    HBO Asks Hackers for Deadline Extension As It Scrambles to Acquire Bitcoin

    An email released by the hackers reveals HBO has asked for a deadline extension while it acquires bitcoin.
  9. Insights

    Hackers Demand Bitcoin Ransom for Stolen Disney Movie

    Disney’s upcoming Pirates of the Caribbean film is reportedly in the hands of ransom-seeking hackers.
  10. Personal Finance

    The Highest-Paying Engineering Careers

    Learn more about some of the highest-paying jobs in field of engineering. With just a bachelor's degree, most engineers in these jobs make well over $100,000.
  1. How do I calculate cost of goods sold (COGS) using the first in, first out (FIFO) ...

    Learn how to use the first in, first out, or FIFO, method of cost flow assumption to calculate the cost of goods sold, or ... Read Answer >>
  2. What is the difference between gross margin and contribution margin?

    Understand the difference between the gross margin and the contribution margin, including how they differ in calculation ... Read Answer >>
  3. How is the stock market affected by Thanksgiving and Black Friday?

    Thanksgiving and Black Friday sales numbers are considered to be important indicators for stock market activity throughout ... Read Answer >>
  4. Who are Microsoft's (MSFT) main competitors?

    Are you investing in Microsoft? Learn the main competitors of technology giant Microsoft and the stiff competition facing ... Read Answer >>
  5. What is the difference between revenue and sales?

    Revenue is the income a company generates before any expenses are taken out. Sales are the proceeds from the selling of goods ... Read Answer >>
Hot Definitions
  1. Net Present Value - NPV

    Net Present Value (NPV) is the difference between the present value of cash inflows and the present value of cash outflows ...
  2. Price-Earnings Ratio - P/E Ratio

    The Price-to-Earnings Ratio or P/E ratio is a ratio for valuing a company that measures its current share price relative ...
  3. Internal Rate of Return - IRR

    Internal Rate of Return (IRR) is a metric used in capital budgeting to estimate the profitability of potential investments.
  4. Limit Order

    An order placed with a brokerage to buy or sell a set number of shares at a specified price or better.
  5. Current Ratio

    The current ratio is a liquidity ratio that measures a company's ability to pay short-term and long-term obligations.
  6. Return on Investment (ROI)

    Return on Investment (ROI) is a performance measure used to evaluate the efficiency of an investment or compare the efficiency ...
Trading Center