A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks. However, unlike black hat hackers, white hat hackers respect the rule of law as it applies to hacking.
White hat hackers, also called ethical hackers, only seek vulnerabilities or exploits when they are legally permitted to do so. White hats may do their research on open source software, as well as on software or systems that they own or that they have been authorized to investigate, including products and services that operate bug bounty programs. Unlike black or gray hat hackers, white hats disclose all the vulnerabilities they find to the company or owner who is responsible for fixing the flaws so the issues can be fixed before they are exploited by malicious actors.Often, white hat hackers are security researchers who work independently or with other researchers, but some white hats are full-time employees with the company for which they research vulnerabilities and exploits. Independent researchers or contractors may disclose vulnerabilities separately, but some companies also have bug bounty programs through which security flaws can be disclosed for reward money.