Looking to boost their IT security support or just find vulnerabilities and potential attack vectors they may have missed, some companies are choosing to pull from the pool of former black- or gray-hat hackers to fill out their own cybersecurity ranks, or to handle one-off projects or conduct penetration testing on a contracted basis.