Despite taking every precaution, IT-based systems and products are rarely completely free of security vulnerabilities. In order to detect and fix vulnerabilities and attack areas early on, software and hard-ware must endure rigorous security testing. However, cybersecurity researchers who report vulnerabili-ties responsibly and in the interest of common good (so-called “white hat hackers”) are currently at risk of criminal prosecution. The Fraunhofer Institute for Applied and Integrated Security AISEC has responded by developing an internal procedure based on best-practice processes for dealing with vul-nerabilities discovered by its researchers. Fraunhofer AISEC has also collaborated with the Sec4Research interdisciplinary research team to produce a white paper suggesting ways to improve the legal situation of “white hat hackers” from within the research community.
White Hat Hacking
Researchers at Fraunhofer AISEC develop high-quality security technologies to increase the reliability, trustworthiness and tamper-resistance of IT-based systems. The White Hat Hacking section is dedicated to the work of researchers who use hacking to make IT systems more secure.