Glossary of Security Terms!

The logical word behind security terms.

  • Access Control List
    An Access Control List (ACL) filters network traffic by controlling whether it's allowed or blocked.
  • ACL
    An Access Control List (ACL) filters network traffic by controlling whether it's allowed or blocked.
  • Address Resolution Protocol
    Address Resolution Protocol (ARP) is used for discovering a physical machine (MAC) address and associating it with the Internet Protocol (IP) address.
  • Advanced Encryption Standard (AES)
    An encryption standard being developed by NIST. Intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm.
  • Advanced Persistent Threat (APT)
    A threat in which attackers remain on a network for a period of time and have the time and resources to carry out their attack.
  • Adware
    Software that displays advertising content on a computer, which may or may not be malicious. It can be harmful if it is secretly installed on a computer or in applications. It can also gather web information and take up resources on a device.
  • Air Gap
    Notification that a specific attack has been detected or directed at an organization's information systems.
  • Anti Spyware Software
    A program that specializes in detecting and blocking or removing forms of spyware.
  • Antivirus
    A utility that detects, prevents, and removes malicious content such as viruses, worms, and spyware from a computer. Most antivirus software includes an auto-update feature to detect and block recent threats. Antivirus solutions can look for suspicious behavior and/or block threats based on(...)
  • ARP
    Address Resolution Protocol (ARP) is used for discovering a physical machine (MAC) address and associating it with the Internet Protocol (IP) address.
  • Asset
    A person, structure, facility, information, and records, information technology systems and resources, material, process, relationships, or reputation that has value.
  • Asymmetric Cryptography
    Public-key cryptography; A modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm.
  • Auditing
    Information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.
  • Backdoor
    A method by which a security mechanism is discreetly bypassed to access a computer or its data. Backdoors are sometimes written by programmers and developers so that they may edit their work at a later time, and should be closed to prevent attackers from exploiting them. Once a device is compromised(...)
  • Backup
    There are several different types of backups, including cloud backups, system backups, and data backups, all of which are used to restore a system and/or network in case data is corrupted, deleted, or lost. It is important that backups are implemented in any business environment so that in the event of an(...)
  • Bandwidth
    Capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.
  • Baseline
    Values or conditions against which all performance is compared. In a security environment, baselines are important for monitoring activity on a network to locate suspicious activity that deviates from normal behavior.
  • Blacklist
    A list of domains or email addresses that are blocked so that a user can’t send a message to the intended recipient. IPs can also be blacklisted on a network level to block potentially malicious traffic from communicating in and/or out of your network.
  • Bot
    A computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.
  • Botnet
    A collection of infected computers that are remotely controlled by a hacker.
  • Bring Your Own Device (BYOD)
    A policy under which employees are allowed to bring their own devices to work and attach them to the network. This is becoming increasingly prevalent in business environments.
  • Brute Force Attack
    Attack where hackers try many keyword or password combinations to gain unauthorized access to a system or file.
  • Buffer Overflow
    When a program stores excess data by overwriting other areas of a computer's memory, causing errors/crashes.
  • Business Continuity Plan (BCP)
    Plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.
  • Cache
    A place to temporarily store something in a computing environment. Active data is often cached to shorten data access times, reduce latency, and improve input/output (improve application performance).
  • Checksum
    A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.
  • Cloud Computing
    A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
  • Cloud Security
    Control-based technologies and policies to enforce compliance rules and protect information, data applications, and infrastructure in association with cloud usage.
  • Command and Control Center
    A computer that controls a botnet where commands can be sent from a hacker for malicious actions.
  • Compliance
    Being in (or coming into) a state of accordance with established guidelines. Such guidelines are usually set to ensure industry regulations and government legislation.
  • Computer Network Defense
    Actions taken to defend against unauthorized activity within computer networks. CND includes monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.
  • Confidentiality
    Property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information.
  • Cookie
    A file put on a computer to allow websites to remember details.
  • Critical Infrastructure
    The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.
  • Cross Site Scripting (XSS)
    A type of injection security attack where an attacker will inject data (ex. malicious script) into the content of websites. The dynamic content (ex. JavaScript) can then be delivered to the victim’s browser to carry out the attack.
  • Cryptography
    The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication.
  • Dark Web
    The encrypted part of the internet that is not indexed by search engines. It is a subset of the deep web (which can be accessed by anyone with the correct URL). Dark web pages need special software (ex. Tor) with the correct decryption key and access rights and knowledge to find content. Users(...)
  • Data Aggregation
    Ability to get a more complete picture of the information by analyzing several different types of records at once.
  • Data Breach
    The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
  • Data Integrity
    The idea that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner.
  • Data Loss Prevention
    Set of procedures and mechanisms to stop sensitive data from leaving a security boundary.
  • Data Mining
    Technique used to analyze existing information, usually with the intention of finding new avenues to pursue business.
  • DDoS
    A cyber attack where multiple compromised computer systems attack a single target (ex. a network resource such as a server) to cause the target to deny service and slow down or even possibly crash and shut down.
  • Decryption
    Process of transforming ciphertext into its original plaintext.
  • Defense In-Depth
    Approach of using multiple layers of security to guard against failure of a single security component.
  • Demilitarized Zone (DMZ)
    In computer security, a demilitarized zone (DMZ) or perimeter network is generally a network area (a subnetwork) that sits between an organization's internal network and an external network, usually the Internet.
  • Digital certificate
    A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web and is issued by a certification authority.
  • Digital Signature
    A value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data.
  • Disaster Recovery Plan
    A documented and structured approach to respond to unforeseen incidents. This should be designed to mitigate the effects of a disaster as much as possible so that a business may quickly resume critical functions.
  • DLP
    Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
  • DNS Hijacking
    Attack where a computer's DNS settings are changed to either ignore DNS or communicate with a malicious DNS server.
  • Domain Name Service (DNS)
    The “phone book” of the internet that allows website names to be translated into IP addresses so that traffic can flow across the internet.
  • Drive-By Download
    Infection of a computer with malware that occurs when a user visits a malicious website.
  • Electronic Signature
    Any mark in electronic form associated with an electronic document, applied with the intent to sign the document.
  • Encode
    To convert plaintext to ciphertext via code.
  • Encryption
    A method where plaintext (or any other type of readable data) is converted into an encoded version which can only be decoded by another entity if they have the decryption key. Encryption is an excellent way to secure data that’s transmitted across networks.
  • Data Loss Prevention
    Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
  • Endpoint Security
    Protects computers or devices against a wide range of threats and allows for central management of security among multiple endpoints.
  • Enterprise Mobile Data Management (MDM) Software
    Allows IT administrators to control and enforce policies on endpoints such as smartphones and tablets. The goal in MDM software is to protect the business network while maximizing the functionality and security of mobile devices.
  • Enterprise Risk Management
    A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization's ability to achieve its objectives.
  • Exploit
    Attacker takes advantage of a vulnerability to access or infect a computer.
  • Fail-Over
    A technique where if one computer system fails, a standby system takes over and business functions can resume quickly.
  • File Transfer Protocol
    The File Transfer Protocol (FTP) is a legacy network protocol used for the transfer of files between two endpoints. This protocol is replaced by more secure methods like Secure File Transfer Protocol (SFTP), which supports encryption.
  • Firewall
    Software or firmware that enforces a set of rules on data packets entering or leaving a network. In a security sense, firewalls can filter traffic to lower the risk of malicious packets traversing your network.
  • FTP
    The File Transfer Protocol (FTP) is a legacy network protocol used for the transfer of files between two endpoints. This protocol is replaced by more secure methods like Secure File Transfer Protocol (SFTP), which supports encryption.
  • Fuzzing
    The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see "regression testing".
  • Gateway
    A network node that connects two networks with different protocols (two dissimilar networks).
  • Hardening
    The process of identifying and fixing vulnerabilities on a system.
  • Hashing
    Process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data.
  • Honeypot
    A cybersecurity technique in which attackers or malicious traffic can be captured in an isolated environment in a network for further analysis.
  • Incident Response Plan
    An organized approach to address and manage the aftermath of a cyberattack (or incident). The goal is to limit damage and reduce recovery time and costs.
  • Industrial Control System
    An information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets.
  • Insider Threat
    A person or group of persons within an organization who pose a potential risk through violating security policies.
  • Internet of Things (IoT)
    System of devices with the ability to transfer data over a network. Examples of this in a business environment are tablets, smartphones, and smart thermometers.
  • Intranet
    A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.
  • Intrusion
    Unauthorized act of bypassing the security mechanisms of a network or information system.
  • Intrusion Prevention System (IPS)
    A system that monitors network traffic for suspicious activity by analyzing network packets over the network and generates alerts when such an activity is discovered.
  • IP Address
    A computer's inter-network address that is assigned for use by the Internet Protocol and other protocols. An IP version 4 address is written as a series of four 8-bit numbers separated by periods.
  • IP Forwarding
    IP forwarding is an Operating System option that allows a host to act as a router. A system that has more than 1 network interface card must have IP forwarding turned on in order for the system to be able to act as a router.
  • IPsec
    Authenticates and encrypts each IP packet of a communication session.
  • Key Pair
    A public key and its corresponding private key.
  • Keylogging
    Process of secretly recording keystrokes by an authorized 3rd party.
  • Logic Bomb
    Programs or snippets of code that execute when a certain predefined event occurs. Logic bombs may also be set to go off on a certain date or when a specified set of circumstances occurs.
  • MAC Address
    A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.
  • Malware
    Malware is a contraction of malicious and software. Malware is any piece of software that was written with the intent of doing harm to data, devices or to people. This includes viruses, worms, trojans, spyware, and ransomware.
  • Multi-Factor Authentication
    System that requires more than one method of authentication to verify a user’s identity for a login.
  • Network Access Control (NAC)
    A secure way to restrict the availability of network resources to endpoint devices and comply with the security policy of a business.
  • Network Infrastructure
    Mix of hardware and software resources of a network to enable network connectivity, communication, operations, and management of your network. A communication path is created between users, processes, applications, services, and external networks.
  • Network Segregation
    A method of splitting a network into subnetworks, or different network segments, which provides benefits such as additional security and boosted performance.
  • Packet
    A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.
  • Passive Attack
    Attack that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations.
  • Patch
    A software update that is pushed out to devices (such as servers) for a fix. Examples of such fixes include fixing bugs, installing new drivers, and upgrading software.
  • Payload
    Application data that a packet contains.
  • Penetration Testing
    A security assessment method to test, measure, and enhance established security measures on information systems.
  • Penetration Testing (pentesting)
    A security assessment method to test, measure, and enhance established security measures on information systems.
  • Phishing
    Phishing is a method of trying to gather sensitive information using deceptive emails and websites.
  • Ping Scan
    A ping scan looks for machines that are responding to ICMP Echo Requests.
  • Plaintext
    Ordinary readable text before being encrypted into ciphertext or after being decrypted.
  • Point to Point Encryption (P2P)
    Process of securely encrypting a signal or data through a designated tunnel. An example is credit card information sent from a POS system (ex. computer at cash register) to a processing point, where the data being transferred is encrypted via P2P encryption.
  • Principle of Least Privilege
    A policy in which users should only be granted access to information and resources that they absolutely need. In other words, they should have the least amount of authority possible to perform their job.
  • Proxy
    A server that acts as a middleman between requesting devices and the destination devices/servers. These are especially popular in corporate environments.
  • Public Key Infrastructure (PKI)
    A process where a certificate authority negotiates a public and private key pair with a system to ensure secure communication.
  • Ransomware
    Type of malicious software that blocks access to your files or computer until a ransom is paid. However, there's no guarantee that paying a ransom will allow you to unlock your files or computer.
  • Red Team
    A group authorized and organized to emulate a potential adversary's attack or exploitation capabilities against an enterprise's cybersecurity posture.
  • Redundancy
    An additional system that maintains a degree of overall functionality in case of loss or failure of another system.
  • Remote Access
    The ability to access a computer from a remote location. A few ways that this can be set up are a local area network (LAN), wide area network (WAN) or a virtual private network (VPN).
  • Risk Assessment
    Product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making.
  • Rootkit
    Piece of software that hides programs/processes running on a computer.
  • Router
    A network device that allows packets to be forwarded to their destination. It also connects networks, is located at gateways (where networks meet), and operates at the network level of the OSI model.
  • Sandboxing
    An isolated computing environment where a program or file can be executed without affecting the application that it runs on. It’s useful for programmers testing new code or, in a security environment, for keeping system failures or vulnerabilities from spreading.
  • Script
    A program or sequence of instructions that’s interpreted by a program (as opposed to being compiled) on a computer.
  • Secure Socket Shell (SSH)
    A suite of utilities that allows administrators to securely access a remote computer. SSH involves strong authentication and secure communication between 2 devices.
  • Secure Sockets Layer
    SSL or Secure Socket Layer is the standard security protocol for establishing an encrypted communication between a web server.
  • Security Information and Event Management
    Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system.
  • Security Policy
    A document that contains a rule or set of rules and procedures for all users accessing and using an organization's IT assets and resources.
  • Shell
    Shell is a user interface for access to an operating system's services.
  • SIEM
    Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system.
  • Signature
    A signature is like a fingerprint or a pattern that can be used to detect and identify malware.
  • Social Engineering
    A method of manipulating people via phone, email, or in-person to gain confidential information or unauthorized access.
  • Spam
    Unsolicited messages sent to a large number of recipients usually through commercial messages such as emails, text messages, or Internet postings.
  • Spam Filter
    A program for detecting and blocking unsolicited email on a network.
  • Spear Phishing
    A phishing attack that targets specific users to persuade people in an organization to reveal critical data or credentials.
  • Spyware
    Spyware is a type of malware that’s secretly installed on a device. In most cases, spyware tracks and relays user activities such as keystrokes and browsing behavior.
  • SQL Injection
    SQL Injection or SQLi refers to an injection attack wherein an attacker executes malicious Structured Query Language (SQL) statements on a web application’s database server to gain access or make changes to the data.
  • SSL
    SSL or Secure Socket Layer is the standard security protocol for establishing an encrypted communication between a web server.
  • Stateful Inspection
    Stateful inspection, also referred to as dynamic packet filtering, is a type of packet filtering that helps to control how data packets move through a firewall.
  • Switch
    A device that connects multiple devices together on a network by using packet switching to receive, process, and forward data to the destination devices.
  • TCP
    Transmission control protocol (TCP) is a network communication protocol designed to send data packets over the Internet.
  • Threat
    A threat, in the context of cybersecurity, refers to anything that has the potential to cause harm to a computer system.
  • Threat Agent
    An individual, group, organization, or government that conducts or has the intent to conduct malicious activities.
  • Threat Assessment
    The practice of determining the credibility and seriousness of a potential threat, as well as the probability that the threat will become a reality.
  • Transmission Control Protocol
    Transmission control protocol (TCP) is a network communication protocol designed to send data packets over the Internet.
  • Trojan
    Trojan is a type of malware that is often disguised as legitimate software.
  • UDP
    User Datagram Protocol (UDP) is an alternative communications protocol to Transmission Control Protocol (TCP) and is used primarily for establishing low-latency and loss-tolerating connections over the Internet.
  • User Datagram Protocol
    User Datagram Protocol (UDP) is an alternative communications protocol to Transmission Control Protocol (TCP) and is used primarily for establishing low-latency and loss-tolerating connections over the Internet.
  • Virtual Private Network
    Virtual Private Network or VPN allows users to securely access a private network via an encrypted tunnel over the Internet.
  • Virus
    A computer virus is a type of malware that is designed to spread from computer to computer and has the ability to replicate itself.
  • VPN
    A VPN allows users to securely access an organization's servers (via an encrypted tunnel) over the internet.
  • Weakness
    A shortcoming or imperfection in software code, design, architecture, or deployment that, under proper conditions, could become a vulnerability.
  • Web Crawling/Spidering
    A bot (automated script) that “crawls” the internet to collect web page information such as URL, metatags, and links.
  • Whitelist
    A list of entities that are approved for authorized or privileged access to a specific part of a network. It is regarded as a proactive measure to only allow access to safe things such as safe websites on the internet.
  • Worm
    A type of malware that self-replicates and copies itself to a network. In such an attack, usually a bug is exploited or a vulnerability in existing software is used. The script that runs the worm is automated, which makes it incredibly important for network admins and security professionals(...)
  • Zero-Day
    A zero-day vulnerability is a flaw in the software, hardware or firmware that is unknown to the parties responsible for patching or fixing the flaw.