The security
glossary.
Plain-English definitions for the language of cybersecurity — 61 terms, no jargon left unexplained.
61 terms
Access Control
DefenseThe selective restriction of access to a place or other resource while access management describes the process.
Adware
AttacksSoftware that automatically displays or downloads advertising material when a user is online.
Antivirus
ToolsSoftware designed to detect and destroy computer viruses.
APT
AttacksAdvanced Persistent Threat. A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
Asymmetric Encryption
CryptographyA form of encryption where keys come in pairs. What one key encrypts, only the other can decrypt.
Botnet
AttacksA network of private computers infected with malicious software and controlled as a group without the owners' knowledge routinely used for DDoS attacks.
Buffer Overflow
AttacksAn anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
Brute Force
AttacksA trial-and-error method used to obtain information such as a user password or personal identification number (PIN).
CIA Triad
GovernanceConfidentiality, Integrity, and Availability. A model designed to guide policies for information security within an organization.
CSRF
AttacksCross-Site Request Forgery. An attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.
CVE
ComplianceCommon Vulnerabilities and Exposures. A list of publicly disclosed cybersecurity vulnerabilities.
DDoS
AttacksDistributed Denial of Service. A malicious attempt to disrupt the normal traffic of a targeted server by overwhelming the target with a flood of Internet traffic.
Digital Forensics
DefenseThe process of uncovering and interpreting electronic data. The goal is to preserve any evidence in its most original form.
DNS Spoofing
AttacksA form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache.
Endpoint Detection
DefenseEDR (Endpoint Detection and Response) is a cyber technology that continually monitors and responds to mitigate cyber threats.
Encryption
CryptographyThe process of converting information or data into a code, especially to prevent unauthorized access.
Exploit
AttacksA piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability.
Firewall
NetworkA network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Fuzzing
ToolsAutomated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.
Governance
ComplianceThe set of rules, policies, and processes that ensure an organization's IT strategy aligns with its business goals.
Hashing
CryptographyGenerating a value or values from a string of text using a mathematical function.
Honeypot
DefenseA decoy system that is set up to attract cyberattackers, in order to deflect them from critical systems or collect intelligence.
IDS/IPS
NetworkIntrusion Detection System / Intrusion Prevention System. Tools designed to detect and prevent unauthorized access or network attacks.
Incident Response
DefenseAn organized approach to addressing and managing the aftermath of a security breach or cyberattack.
JIRA (Security)
ToolsA proprietary issue tracking product that allows bug tracking and agile project management, frequently used securely in DevOps.
JWT
CryptographyJSON Web Token. An open standard that defines a compact and self-contained way for securely transmitting information between parties.
Keylogger
AttacksA type of surveillance software that tracks and records every keystroke a user makes on an infected machine.
Kill Chain
DefenseA framework used to define the steps of a cyberattack, helping organizations break the attacker's progression.
Lateral Movement
AttacksTechniques that a cyberattacker uses, after gaining initial access, to move deeper into a network in search of sensitive data.
LDAP
NetworkLightweight Directory Access Protocol. An open, vendor-neutral application protocol for accessing and maintaining distributed directory info over IP.
Malware
AttacksSoftware that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
MFA
DefenseMulti-Factor Authentication. A security mechanism that requires the user to provide two or more forms of identification.
NIST
ComplianceNational Institute of Standards and Technology. A physical sciences laboratory and non-regulatory agency of the US Department of Commerce.
NIST Framework
ComplianceA structured methodology issued by NIST to help organizations measure and manage their cybersecurity risks.
OSINT
DefenseOpen-Source Intelligence. Data collected from publicly available sources to be used in an intelligence context.
OWASP
ComplianceOpen Web Application Security Project. An online community that produces freely-available articles, methodologies, documentation, and tools.
Penetration Testing
DefenseAn authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.
Phishing
AttacksThe fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal info.
Quarantine
DefenseThe isolation of files suspected of carrying a virus or malware, preventing them from running or interacting with the system.
Ransomware
AttacksA type of malicious software designed to block access to a computer system until a sum of money is paid.
Risk Assessment
GovernanceThe process of identifying, analyzing, and evaluating risks to information assets.
SIEM
ToolsSecurity Information and Event Management. A solution that provides real-time analysis of security alerts generated by hardware and applications.
Social Engineering
AttacksThe use of deception to manipulate individuals into divulging confidential or personal information.
SQL Injection
AttacksA code injection technique used to attack data-driven applications, inserting nefarious SQL statements into an entry field.
Symmetric Encryption
CryptographyA type of encryption where only one key is used to both encrypt and decrypt electronic data.
Threat Intelligence
DefenseEvidence-based knowledge, including context, mechanisms, indicators, and implications about existing or emerging menaces.
TLS/SSL
CryptographyTransport Layer Security / Secure Sockets Layer. Cryptographic protocols designed to provide communications security over a computer network.
Trojan Horse
AttacksAny malware which misleads users of its true intent by disguising itself as a standard program.
URL Filtering
NetworkA technique used by organizations to restrict what content employees can access over the internet by blocking access to certain URLs.
VPN
NetworkVirtual Private Network. A mechanism for creating a secure connection to another network over the Internet.
Vulnerability
ComplianceA weakness in an information system, system security procedures, internal controls, or implementation that could be exploited.
WAF
NetworkWeb Application Firewall. A specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web application.
Worm
AttacksA standalone malware computer program that replicates itself in order to spread to other computers.
XML External Entity
AttacksXXE. A type of attack against an application that parses XML input and allows references to external entities.
XSS
AttacksCross-Site Scripting. A vulnerability in which an attacker injects malicious executable scripts into the code of a trusted website.
YARA Rules
ToolsA tool used primarily in malware research and detection, allowing researchers to identify and classify malware samples.
Zero-Day
AttacksA computer-software vulnerability that is unknown to those who should be interested in mitigating it, giving them zero days to prepare.
Zero Trust
GovernanceA security framework requiring all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated.
Steganography
CryptographyThe practice of concealing a file, message, image, or video within another file, message, image, or video.
Rootkit
AttacksA set of software tools that enable an unauthorized user to gain control of a computer system without being detected.
Sandbox
ToolsA security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities.