An individual, highly trained skilled, that employs hacking know-how and skills to spot security flaws in software and hardware, or networks. White hat hackers are generally beneficial for a society and follow and adhere to applicable rules and systems in their work, particularly for improvement of cybersecurity, unlike black hat hackers (or hostile hackers). Only applicable laws permit, white hat hackers do their job looking for flaws or shortcut ways to exploit a system or a network.

This category of benevolent hackers consists of trained IT professionals with prior experience in in-house cyberdefense teams (known as blue teams). However, a large number of white hat hackers started as black hats. In recent years, self-taught ex-black-hat hackers have increased in numbers as more hackers tend to direct their efforts to assisting organizations and government entities secure their information and systems better.

In addition to white hat hackers, there are other differently motivated groups of hackers including black hat hackers and grey hat hackers.

The ‘white hat’ term is derived from classic Western movies, where stars wear white hats while villains don black hats.

A white hat hacker is also known as an ethical hacker, a penetration testers, or a red team.