There is a constant argument over the question of who's more capable – the Black Hat Hacker or the White Hat hacker. The hope is that once a vulnerability or exploit is discovered by a White Hat, the company will mitigate the risk. They work with companies to improve their client's security posture at either the system or the network level, or finding vulnerabilities and exploits that could be used by a malicious or unauthorized user. Just like in the movies of the Wild West, White Hat hackers are considered the good guys. However, this is the definition that most people think of when they talk about White Hats and will work for our discussion. When compared to the definition of Black Hat, this omission becomes glaringly obvious. Although this definition works in most cases, there is no legal or ethical component associated with it. One definition of White Hat hackers includes those individuals who perform security assessments within a contractual agreement.
Thomas Wilhelm, in Professional Penetration Testing, 2010 White Hat Hackers
