Cybersecurity Terms Glossary: Cybersecurity Terms in 2024


A

Access Control

Access control is a security mechanism that restricts or manages authorized access to resources or systems based on user identities and set policies.

Antivirus

Antivirus software is a program designed to detect, prevent, and remove malware infections from computer systems.

Application Security

Application Security, also known as AppSec, refers to the practices, techniques, and technologies used to secure software applications throughout their lifecycle, from development to deployment and maintenance.

Artificial Intelligence (AI)

Artificial Intelligence (AI) refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as learning, problem-solving, and decision-making.

Authentication

Authentication is the process of verifying the identity of an individual, device, or entity seeking access to a system or resource.

B

Backup And Recovery

Backup and recovery refers to the process of creating copies of data and systems to protect against data loss or system failures and being able to restore them when needed.

Biometric Authentication

Biometric Authentication involves verifying the identity of an individual based on unique biological or behavioral characteristics, such as fingerprints, retina scans, or voice recognition.

Blockchain Security

Blockchain Security focuses on securing the decentralized and distributed ledger technology (DLT) known as blockchain, ensuring the integrity, confidentiality, and availability of data and transactions.

Brute Force Attack

A Brute Force Attack is a trial-and-error-based method used by attackers to guess passwords or encryption keys, systematically trying all possible combinations until the correct one is found.

Bug Bounty Program

A Bug Bounty Program is a crowdsourced initiative where organizations offer rewards or incentives to ethical hackers or researchers who responsibly disclose vulnerabilities or bugs in their systems.

C

Cloud Security

Cloud Security refers to the set of policies, controls, technologies, and best practices designed to protect data, applications, and infrastructure within cloud environments, ensuring confidentiality, integrity, and availability.

Containerization

Containerization is a lightweight virtualization technology that allows applications to run in isolated environments called containers, providing improved security, scalability, and portability.

Cyber Insurance

Cyber Insurance is a form of insurance coverage that protects individuals or organizations against financial losses or liabilities resulting from cyber attacks, data breaches, or other IT-related incidents.

Cyber Threat Hunting

Cyber Threat Hunting is a proactive and iterative process of searching for, identifying, and mitigating advanced threats or malicious activities that may have evaded existing security defenses or measures.

Cyber Threat Intelligence

Cyber Threat Intelligence (CTI) is information about potential cyber threats, including their capabilities, intentions, and indicators of compromise, used to inform and strengthen defense mechanisms.

Cybersecurity

Cybersecurity refers to the practice of protecting computer systems, servers, networks, and data from digital attacks.

Cybersecurity Framework

A cybersecurity framework provides a structured approach to managing cybersecurity risks by outlining policies, processes, and controls.

Cybersecurity Governance

Cybersecurity governance involves establishing and implementing a framework of policies, procedures, and controls to manage and mitigate cybersecurity risks within an organization.

Cybersecurity Incident Response Plan

A cybersecurity incident response plan is a document that outlines the steps and procedures to be followed in the event of a security incident to mitigate damage and restore normal operations.

D

Data Backup And Recovery

Data Backup and Recovery is the process of creating duplicate copies of data, files, or systems and implementing procedures to restore them in the event of data loss or a disaster.

Data Breach

A data breach occurs when an unauthorized party gains access to sensitive or confidential data, potentially leading to its disclosure or misuse.

Data Center Security

Data Center Security focuses on the physical and logical security measures adopted to protect data centers, including access controls, environmental monitoring, fire suppression, and redundancy.

Data Classification

Data classification is the process of categorizing data based on its sensitivity level to ensure appropriate security controls and protection measures are in place.

Data Encryption

Data Encryption is the process of converting plain text or data into ciphertext, using mathematical algorithms and encryption keys, to protect it from unauthorized access or interception.

Data Encryption Standard

Data Encryption Standard (DES) is a symmetric encryption algorithm used to secure sensitive data by converting it into an unreadable format.

Data Leakage

Data Leakage, also known as Data Loss or Data Exfiltration, refers to the unauthorized transfer or exposure of sensitive or confidential information, either intentionally or unintentionally.

Data Loss

Data loss refers to the unintentional or accidental loss of data, resulting from human errors, hardware failures, software bugs, or malware infections.

Data Loss Prevention

Data Loss Prevention (DLP) refers to a set of technologies and strategies designed to prevent the accidental or intentional exposure of sensitive data.

Data Loss Prevention (DLP)

Data Loss Prevention (DLP) refers to a set of processes, tools, and techniques deployed to prevent sensitive or confidential data from being lost, stolen, or leaked.

Data Privacy

Data privacy refers to the protection of personal or sensitive information from unauthorized access, use, disclosure, or destruction.

Data Retention

Data Retention refers to the policies and practices for determining how long data should be stored and retained based on legal, regulatory, contractual, or business requirements.

Deep Learning

Deep Learning is a subset of machine learning that involves training artificial neural networks with multiple interconnected layers to make more complex and sophisticated predictions or decisions.

Denial Of Service

A Denial of Service (DoS) attack is an attempt to make a computer resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests or traffic.

Denial Of Service (DoS)

A Denial of Service (DoS) attack is a malicious attempt to disrupt the availability of a computer system or network by overwhelming it with a flood of illegitimate requests or traffic.

Digital Forensics

Digital Forensics is the process of collecting, analyzing, and preserving digital evidence from computers, networks, or digital devices to investigate and prevent cybercrime or resolve legal disputes.

E

Encryption

Encryption is a process of converting data into a format that can only be read or understood by authorized parties.

End-To-End Encryption

End-to-End Encryption is a secure communication method that encrypts data on the sender's device and decrypts it only on the recipient's device, ensuring confidentiality throughout the transmission.

Endpoint Protection

Endpoint Protection, also known as Endpoint Security, refers to the security controls and measures implemented to protect individual end-user devices, such as laptops, smartphones, or tablets, from various threats.

F

Firewall

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predefined security rules.

Firewall Rule

A firewall rule is a predefined policy or set of configured instructions that determines what network traffic should be allowed or blocked by a firewall.

H

Hacker

A hacker is an individual skilled in computer programming and computer security, using their knowledge to find and exploit vulnerabilities in computer systems or networks.

Hardening

Hardening is the process of securing a computer system or network by applying a variety of security measures, configurations, and best practices to minimize vulnerabilities and reduce the attack surface.

Honeypot

A honeypot is a decoy system or network that is intentionally vulnerable to attacks and used to lure attackers, gather information, and gain insights into their methods and tactics.

I

Identity And Access Management (IAM)

Identity and Access Management (IAM) is a framework of policies, technologies, and processes that manages and governs user access to resources, ensuring appropriate authentication, authorization, and accountability.

IDS

An Intrusion Detection System (IDS) is a security device or software application that monitors network or system activities and detects potential malicious behavior.

Incident Response

Incident response is the process of identifying, responding to, and managing security incidents and breaches to minimize damage and restore normal operations.

Insider Threat

An Insider Threat refers to the risk posed by individuals within an organization who have authorized access to systems or data, but intentionally or unintentionally misuse or compromise them.

Internet Of Things (IoT) Security

Internet of Things (IoT) Security encompasses the measures and safeguards implemented to protect IoT devices, networks, and data from unauthorized access, exploitation, or tampering.

Internet Security

Internet Security refers to the practices, measures, and technologies implemented to protect computer systems, networks, and data from threats or attacks occurring over the internet.

Intrusion Detection

Intrusion detection is the process of monitoring network or system activities to identify signs of unauthorized access, misuse, or other malicious activities.

Intrusion Detection System (IDS)

An Intrusion Detection System (IDS) is a security tool that monitors network traffic or system logs to detect and alert on unauthorized or malicious activities.

Intrusion Prevention

Intrusion prevention is the process of identifying and blocking or mitigating potential security threats or attacks in real-time to prevent them from compromising systems or networks.

Intrusion Prevention System

An Intrusion Prevention System (IPS) is a network security device that monitors network traffic in real-time and actively blocks or prevents unauthorized access or malicious activities.

Intrusion Prevention System (IPS)

An Intrusion Prevention System (IPS) is a network security tool that monitors network traffic and actively blocks or prevents suspected malicious activities or attacks.

M

Machine Learning (ML)

Machine Learning (ML) is a subset of AI that focuses on getting machines to learn from data, allowing them to improve their performance or make predictions without being explicitly programmed.

Malware

Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, or network.

Mobile Device Management (MDM)

Mobile Device Management (MDM) is a set of technologies, processes, and policies used to secure, monitor, manage, and support mobile devices, such as smartphones and tablets, within an organization.

Multi-Factor Authentication

Multi-Factor Authentication (MFA) is a security method that requires users to provide multiple authentication factors, typically a combination of passwords, tokens, and biometrics.

Multi-Factor Authentication (MFA)

Multi-factor Authentication (MFA) is a security mechanism that requires users to provide multiple forms of identification, such as a password, fingerprint, or security token, to authenticate and access a system or account.

N

Network Security

Network security refers to the policies, protocols, and technologies implemented to protect computer networks from unauthorized access, misuse, or disruption.

Network Segmentation

Network segmentation is the practice of dividing a computer network into smaller subnetworks, known as segments, to limit the spread of attacks and improve overall network security.

P

Password Policy

A password policy is a set of rules and requirements established by an organization to ensure that users create and use strong passwords and protect them from unauthorized access.

Patch

A patch is a piece of software designed to update or fix a computer program or its supporting data to address vulnerabilities or improve functionality.

Patch Management

Patch management is the process of acquiring, testing, and deploying patches or updates to software systems to address security vulnerabilities and keep them up to date.

Penetration Testing

Penetration testing, also known as ethical hacking, is a simulated cyber attack on a computer system to identify vulnerabilities and assess the potential impact of an exploit.

Phishing

Phishing is a cyber attack that uses disguised emails, websites, or other communication methods to trick individuals into revealing sensitive information.

Phishing Awareness Training

Phishing awareness training is an educational program designed to teach individuals how to recognize and avoid phishing attempts.

R

Ransomware

Ransomware is a type of malware that encrypts files on a victim's device and demands a ransom payment in exchange for restoring access.

Red Team/Blue Team

Red Team/Blue Team is a collaborative approach where one team (Red Team) acts as an attacker, simulating real-world threats, while another team (Blue Team) defends the system and evaluates its security.

Risk Assessment

Risk Assessment is the process of identifying, analyzing, and evaluating potential risks and vulnerabilities to determine the level of threat posed to an organization's assets or information.

S

Secure Coding

Secure coding is the practice of writing software code in a way that mitigates potential security vulnerabilities and reduces the overall risk of exploitation.

Secure Development Lifecycle

Secure Development Lifecycle (SDL) is a set of industry best practices and processes designed to integrate security into every phase of the software development life cycle.

Secure Sockets Layer

Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure communications over a computer network and is commonly used for securing website transactions.

Secure Software Development Lifecycle (SSDLC)

Secure Software Development Lifecycle (SSDLC) is a set of practices, policies, and procedures embedded within the software development process to ensure the delivery of secure and resilient software applications.

Security Architecture

Security architecture refers to the design and structure of a system or network that incorporates security controls and measures to protect against threats and meet security objectives.

Security Assessment

A security assessment is a systematic evaluation of an organization's security posture, identifying vulnerabilities and assessing the effectiveness of existing security controls.

Security Audit

A security audit is a systematic evaluation of the security of a company's information systems or infrastructure to identify vulnerabilities and ensure compliance with security policies.

Security Awareness Program

A security awareness program is an ongoing initiative aimed at educating and empowering individuals within an organization to recognize and mitigate potential security risks.

Security Awareness Training

Security awareness training is an educational program designed to educate individuals about potential security threats, best practices, and their role in maintaining good security hygiene.

Security Incident

A security incident refers to an adverse event or occurrence that violates an organization's security policies, resulting in a breach or unauthorized access to systems or data.

Security Incident Management

Security incident management involves the processes and procedures for handling and responding to security incidents, including reporting, analysis, containment, and recovery.

Security Incident Response Plan

A Security Incident Response Plan (SIRP) is a documented and structured approach that outlines the necessary steps and procedures to be followed when responding to and managing security incidents.

Security Information And Event Management

Security Information and Event Management (SIEM) is a technology that combines log management and security event management to provide real-time analysis of security alerts and events.

Security Information And Event Management (SIEM)

Security Information and Event Management (SIEM) is a solution that combines security information management (SIM) and security event management (SEM) functionalities to provide comprehensive visibility and analysis of security events and logs.

Security Operations Center

A Security Operations Center (SOC) is a centralized unit within an organization that monitors, detects, analyzes, and responds to security incidents on an ongoing basis.

Security Operations Center (SOC)

A Security Operations Center (SOC) is a centralized facility or team responsible for continuous monitoring, analysis, and response to security events or incidents across an organization's systems and networks.

Security Policy

A security policy is a set of guidelines, rules, and procedures established by an organization to define and enforce its security objectives and protect its assets.

Security Risk Assessment

A security risk assessment is a process of identifying and evaluating potential security risks to an organization's assets, including information systems, data, and physical infrastructure.

Social Engineering

Social engineering is a method used by attackers to manipulate individuals into revealing confidential information or performing specific actions.

Social Media Engineering

Social Media Engineering is a technique used by attackers to manipulate and exploit individuals' trust or relationships on social media platforms, seeking to gather information or perform malicious activities.

Social Media Security

Social Media Security focuses on the protection of individuals and organizations from threats or risks associated with the use of social media platforms, such as privacy breaches, account hijacking, or reputational damage.

Software Security

Software security refers to the practice of implementing security measures and controls throughout the software development lifecycle to identify and mitigate potential vulnerabilities.

Spyware

Spyware is a type of malicious software that covertly gathers information about a computer user or system without their knowledge or consent.

T

Threat Hunting

Threat hunting is a proactive cybersecurity activity that involves actively searching for and identifying potential threats or indicators of compromise within a network or system.

Two-Factor Authentication

Two-Factor Authentication (2FA) is a security process that requires users to provide two different authentication factors, such as a password and a unique code sent to their mobile device, to gain access.

Two-Factor Authentication (2FA)

Two-factor Authentication (2FA) is a security protocol that requires users to provide two different forms of identification, typically a password and a unique code or token, to authenticate and access a system or account.

U

URL Filtering

URL filtering is a security measure that blocks or allows access to websites based on defined criteria to prevent users from accessing malicious or inappropriate content.

V

Virtual Private Network (VPN)

A Virtual Private Network (VPN) creates a secure, encrypted connection between a user's device and a private network, thus ensuring privacy and data protection.

VPN

A Virtual Private Network (VPN) extends a private network across a public network, allowing users to send and receive data as if their devices were directly connected to the private network.

Vulnerability

A vulnerability is a weakness or flaw in a computer system, software, or network that could be exploited by attackers.

W

Web Application Firewall

A web application firewall (WAF) is a security device or software that filters, monitors, and blocks malicious web traffic to protect web applications from common cyber attacks.

Web Application Firewall (WAF)

A Web Application Firewall (WAF) is a security tool or service that filters and monitors HTTP/S traffic between web applications and the internet, protecting against various types of web-based attacks.

Z

Zero Trust

Zero Trust is a security concept and framework that assumes no trust, requiring all users, devices, and transactions to be validated and authenticated before granting access to resources.

Zero-Day Exploit

A zero-day exploit takes advantage of an undisclosed vulnerability in software, hardware, or firmware that hackers can exploit before the vendor becomes aware and releases a patch.

Zero-Day Vulnerability

A Zero-day Vulnerability refers to a software vulnerability that is unknown to the software vendor or developers, leaving users at risk as there may be no patches or defenses available to mitigate the vulnerability.