Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners

TL;DR

This paper provides a data-driven qualitative analysis of offensive security practitioners, revealing insights into their work processes, challenges, and thought patterns to inform automation and future research.

Contribution

It offers the first detailed exploratory study of white-hat hackers' work, informing automation efforts and identifying new research directions.

Findings

Insights into hackers' work processes and challenges

Recommendations for improving security testing automation

Identification of novel research areas in offensive security

Abstract

Offensive security-tests are a common way to pro-actively discover potential vulnerabilities. They are performed by specialists, often called penetration-testers or white-hat hackers. The chronic lack of available white-hat hackers prevents sufficient security test coverage of software. Research into automation tries to alleviate this problem by improving the efficiency of security testing. To achieve this, researchers and tool builders need a solid understanding of how hackers work, their assumptions, and pain points. In this paper, we present a first data-driven exploratory qualitative study of twelve security professionals, their work and problems occurring therein. We perform a thematic analysis to gain insights into the execution of security assignments, hackers' thought processes and encountered challenges. This analysis allows us to conclude with recommendations for researchers and tool builders to increase the efficiency of their automation and identify novel areas for research.