Student: Ed Skoudis's opening his factory. He's gonna let people in!
Teacher: You sure?
Student: It's all over the net, and he's giving truckloads of ethical hacking secrets away.
Teacher: Class dismissed.
Student: No, no. The first one's only for 25 people.
Teacher: Class undismissed.
Student: He's making available 25 golden tickets, and the people who buy them will win the big prize.
Teacher: Where's he hidden the tickets?
Student: They’re not really hidden. They’re inside SANS Events. You have to buy SANS courses to get them.
Teacher: Class re-dismissed.


The terms “Ethical Hacking” and “Ethical Hacker” have now become accepted industry terms. But many companies and government agencies were hesitant to support a credential with the word “hacker” in it. There have been many factors leading to the acceptance of ethical hacking such as:

* Regulations such as HIPAA, SOX, GLBA and numerous others.
* PCI DSS Section 11 and its clarification differentiating penetration testing from vulnerability assessment.
* Many courses and certifications using the term in their titles and official descriptions.
* Cisco Press, the Dummies Series and a plethora of book titles are beginning to use the positive connotation of the word hacking. Even Webster’s New World Dictionary has an edition specifically dedicated to hacking.
* A groundswell of professionals using the phrase and showing great interest in this new and maturing field.

Now add to this grass roots movement, a push by one of the most respected names in security training, SANS. The SANS Institute has long been known as a big player in the government sector. And one of its heavy hitters, who has even testified in front of Congress, Ed Skoudis, is the author of a new course with the exact phrase in its title. All of this validates what many of us had hoped for years. Hacking for a living is now a respected profession.