![Rechtssicherheit Cybersecurity Blog Fraunhofer AISEC](https://www.cybersecurity.blog.aisec.fraunhofer.de/wp-content/uploads/2022/05/Rechtssicherheit_Cybersec_Ausschnitt_ps2-768x446.gif)
![Marc Schink](https://www.cybersecurity.blog.aisec.fraunhofer.de/wp-content/uploads/2022/05/Grau_Logo_Blog_Author-150x150.png)
Increased legal certainty for ‘white hat hackers’
Despite taking every precaution, IT-based systems and products are rarely completely free of security vulnerabilities. In order to detect and fix vulnerabilities and attack areas early on, software and hard-ware must endure rigorous security testing. However, cybersecurity researchers who report vulnerabili-ties responsibly and in the interest of common good (so-called “white hat hackers”) are currently at risk of criminal prosecution. The Fraunhofer Institute for Applied and Integrated Security AISEC has responded by developing an internal procedure based on best-practice processes for dealing with vul-nerabilities discovered by its researchers. Fraunhofer AISEC has also collaborated with the Sec4Research interdisciplinary research team to produce a white paper suggesting ways to improve the legal situation of “white hat hackers” from within the research community.