Ethical hacking, also known as penetration testing or "pen testing" happens when in a legal way it is sought to find a vulnerability in computers and devices so that a company's defenses are evaluated. Described as one of the activities of the cybersecurity area where you literally get paid to keep up with the latest technology and test systems without the threat of incurring a fault.
Every day, large companies involve ethical hackers to identify vulnerabilities within their systems and infrastructure. From the point of view of the tester (hacker), this practice puts the companies that practice it to a certain advantage, since by conducting a test of their defense systems, they are placing themselves one step ahead of a real attack.
This means that in the face of a real event, it would be complex and almost impossible for a hacker to access the systems, since previously these were tested and the problems found were corrected
No company really wants its business to be compromised, for this reason, firms incorporated into Fortune 500, pay companies that offer the ethical hacking service to have their servers and infrastructure evaluated before a possible real event in the future.
Among the companies that provide these services is CYE, based in Herzliya, the same one that developed the center for encryption and cybersecurity for the Israel Defense Forces.
No one wants their company's business to be hacked. And yet hundreds of Fortune 500 firms pay Reuven Aronashvili and his Herzliya-based CIE to break into their presumably secure servers.
CYE is based on the experience of "red team", Aronashvili developed in the Israel Defense Forces, where he established the Army center for encryption and cybersecurity. Vulnerabilities usually occur when an erroneous concentration of software opens an accidental door or where someone simply omitted something putting any company at risk.
In this case, the CYE team works closely with its clients to build defenses that the organization can use to ensure that the same attack does not happen with real hackers. On the other hand, it is estimated that only between 20% and 50% of vulnerabilities are repaired by companies.
Finally this is a valid practice and that undoubtedly the main advantage is to anticipate problems before they happen and even more so when cyber attacks have been on the rise during the COVID-19 crisis.