Abstract
With rising concerns about security on the Internet, a field emerged to overcome those concerns, which is called Cyber Security. Cyber security is composed of many sections, where ethical hacking is an important part of it. Ethical hacking, also known as penetration testing is to ensure a system is secure by hacking it without inflicting any harm to the system or its data. Ethical hackers are assigned with the responsibility to test vulnerabilities in the system by gaining access to customer's security, confidential information and data. It is important that those systems are not compromised or taken advantage of by service providers. With technology evolving rapidly it is hard for the average consumer to keep up to date with the latest technology and could easily fall victim to security companies. However, there is a lack of study of the metric that ethical hackers should follow in order to achieve trust and integrity for both sides i.e. the security provider and the consumer. The purpose of this research is to identify the metric ethical hackers should follow, as not to misguide their customers. In order to recognize these metrics, system security and cyber security metrics were evaluated to get the most suitable ethical hacking metrics.