Resources / Lexicon

The security
glossary.

Plain-English definitions for the language of cybersecurity — 61 terms, no jargon left unexplained.

61 terms

Access Control

Defense

The selective restriction of access to a place or other resource while access management describes the process.

Adware

Attacks

Software that automatically displays or downloads advertising material when a user is online.

Antivirus

Tools

Software designed to detect and destroy computer viruses.

APT

Attacks

Advanced Persistent Threat. A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.

Asymmetric Encryption

Cryptography

A form of encryption where keys come in pairs. What one key encrypts, only the other can decrypt.

Botnet

Attacks

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge routinely used for DDoS attacks.

Buffer Overflow

Attacks

An anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.

Brute Force

Attacks

A trial-and-error method used to obtain information such as a user password or personal identification number (PIN).

CIA Triad

Governance

Confidentiality, Integrity, and Availability. A model designed to guide policies for information security within an organization.

CSRF

Attacks

Cross-Site Request Forgery. An attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.

CVE

Compliance

Common Vulnerabilities and Exposures. A list of publicly disclosed cybersecurity vulnerabilities.

DDoS

Attacks

Distributed Denial of Service. A malicious attempt to disrupt the normal traffic of a targeted server by overwhelming the target with a flood of Internet traffic.

Digital Forensics

Defense

The process of uncovering and interpreting electronic data. The goal is to preserve any evidence in its most original form.

DNS Spoofing

Attacks

A form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache.

Endpoint Detection

Defense

EDR (Endpoint Detection and Response) is a cyber technology that continually monitors and responds to mitigate cyber threats.

Encryption

Cryptography

The process of converting information or data into a code, especially to prevent unauthorized access.

Exploit

Attacks

A piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability.

Firewall

Network

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Fuzzing

Tools

Automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.

Governance

Compliance

The set of rules, policies, and processes that ensure an organization's IT strategy aligns with its business goals.

Hashing

Cryptography

Generating a value or values from a string of text using a mathematical function.

Honeypot

Defense

A decoy system that is set up to attract cyberattackers, in order to deflect them from critical systems or collect intelligence.

IDS/IPS

Network

Intrusion Detection System / Intrusion Prevention System. Tools designed to detect and prevent unauthorized access or network attacks.

Incident Response

Defense

An organized approach to addressing and managing the aftermath of a security breach or cyberattack.

JIRA (Security)

Tools

A proprietary issue tracking product that allows bug tracking and agile project management, frequently used securely in DevOps.

JWT

Cryptography

JSON Web Token. An open standard that defines a compact and self-contained way for securely transmitting information between parties.

Keylogger

Attacks

A type of surveillance software that tracks and records every keystroke a user makes on an infected machine.

Kill Chain

Defense

A framework used to define the steps of a cyberattack, helping organizations break the attacker's progression.

Lateral Movement

Attacks

Techniques that a cyberattacker uses, after gaining initial access, to move deeper into a network in search of sensitive data.

LDAP

Network

Lightweight Directory Access Protocol. An open, vendor-neutral application protocol for accessing and maintaining distributed directory info over IP.

Malware

Attacks

Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

MFA

Defense

Multi-Factor Authentication. A security mechanism that requires the user to provide two or more forms of identification.

NIST

Compliance

National Institute of Standards and Technology. A physical sciences laboratory and non-regulatory agency of the US Department of Commerce.

NIST Framework

Compliance

A structured methodology issued by NIST to help organizations measure and manage their cybersecurity risks.

OSINT

Defense

Open-Source Intelligence. Data collected from publicly available sources to be used in an intelligence context.

OWASP

Compliance

Open Web Application Security Project. An online community that produces freely-available articles, methodologies, documentation, and tools.

Penetration Testing

Defense

An authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.

Phishing

Attacks

The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal info.

Quarantine

Defense

The isolation of files suspected of carrying a virus or malware, preventing them from running or interacting with the system.

Ransomware

Attacks

A type of malicious software designed to block access to a computer system until a sum of money is paid.

Risk Assessment

Governance

The process of identifying, analyzing, and evaluating risks to information assets.

SIEM

Tools

Security Information and Event Management. A solution that provides real-time analysis of security alerts generated by hardware and applications.

Social Engineering

Attacks

The use of deception to manipulate individuals into divulging confidential or personal information.

SQL Injection

Attacks

A code injection technique used to attack data-driven applications, inserting nefarious SQL statements into an entry field.

Symmetric Encryption

Cryptography

A type of encryption where only one key is used to both encrypt and decrypt electronic data.

Threat Intelligence

Defense

Evidence-based knowledge, including context, mechanisms, indicators, and implications about existing or emerging menaces.

TLS/SSL

Cryptography

Transport Layer Security / Secure Sockets Layer. Cryptographic protocols designed to provide communications security over a computer network.

Trojan Horse

Attacks

Any malware which misleads users of its true intent by disguising itself as a standard program.

URL Filtering

Network

A technique used by organizations to restrict what content employees can access over the internet by blocking access to certain URLs.

VPN

Network

Virtual Private Network. A mechanism for creating a secure connection to another network over the Internet.

Vulnerability

Compliance

A weakness in an information system, system security procedures, internal controls, or implementation that could be exploited.

WAF

Network

Web Application Firewall. A specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web application.

Worm

Attacks

A standalone malware computer program that replicates itself in order to spread to other computers.

XML External Entity

Attacks

XXE. A type of attack against an application that parses XML input and allows references to external entities.

XSS

Attacks

Cross-Site Scripting. A vulnerability in which an attacker injects malicious executable scripts into the code of a trusted website.

YARA Rules

Tools

A tool used primarily in malware research and detection, allowing researchers to identify and classify malware samples.

Zero-Day

Attacks

A computer-software vulnerability that is unknown to those who should be interested in mitigating it, giving them zero days to prepare.

Zero Trust

Governance

A security framework requiring all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated.

Steganography

Cryptography

The practice of concealing a file, message, image, or video within another file, message, image, or video.

Rootkit

Attacks

A set of software tools that enable an unauthorized user to gain control of a computer system without being detected.

Sandbox

Tools

A security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities.

Is your organization secure?

Take our free 10-question security assessment. Get instant recommendations.

Free Assessment
Shuraya Labs

Cybersecurity and secure software delivery for organizations that refuse to cut corners on security.

Solutions

© 2026 Shuraya Labs. All rights reserved.

Made with in India 🇮🇳