Cybersecurity Glossary
Definitions for common technical terms and industry jargon.
- Access Control
- The process of granting or denying specific requests to obtain and use information and related information processing services.
- APT (Advanced Persistent Threat)
- A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
- Antivirus Software
- A program designed to monitor a computer or network to identify all major types of malware and prevent or contain malware incidents.
- Asset
- A major application, general support system, high-impact program, physical plant, mission-critical system, personnel, equipment, or a logically related group of systems.
- Authentication
- The process of verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.
- Availability
- Timely and reliable access to data and information services for authorized users.
- Backup
- A copy of files and programs made to facilitate recovery if necessary, serving as part of a data loss prevention plan.
- Biometrics
- Security processes that rely on unique biological characteristics of an individual, such as fingerprints or facial recognition, to verify identity.
- Blacklist/Denylist
- A list of entities that are blocked or denied privileges or access. This can include email addresses, IP addresses, URLs, or other elements.
- Botnet
- A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.
- Breach
- A compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected information.
- Brute Force Attack
- A method for cracking an account password by trying many possible combinations.
- Bug Bounty
- A reward offered to individuals who identify and report a bug or vulnerability to the organization.
- Ciphertext
- The result of running plaintext through an encryption algorithm, making it unreadable without the proper decryption key.
- Cloud Computing
- Computing resources that make it possible to access files and services through the internet from any location.
- Confidentiality
- A security service that ensures information is not disclosed to unauthorized individuals, entities, or processes.
- Cryptography
- The discipline of transforming data into a form unreadable by unauthorized individuals to provide security services such as confidentiality and data integrity.
- Cyber Attack
- Any unauthorized attempt to access, disrupt, steal, or damage computer systems, networks, or data.
- Dark Web
- A part of the internet that is not indexed by search engines and requires specific software, configurations, or authorization to access.
- Data Loss Prevention (DLP)
- A set of security measures aimed at detecting and preventing data loss and cyberattacks.
- Decryption
- The process of changing ciphertext into plaintext using a cryptographic algorithm and key.
- Denial of Service (DoS/DDoS)
- The prevention of authorized access to resources or the delaying of time-critical operations, typically by overwhelming a system with traffic.
- Digital Certificate
- A means by which to prove identity or provide authentication, commonly through a trusted third-party entity known as a certificate authority.
- Encryption
- The process of converting information or data into a code, especially to prevent unauthorized access.
- Exploit
- A weak spot in a computer system that can be used to attack it.
- Firewall
- A network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.
- Hacker (Black Hat)
- A person who tries to break into a computer system by exploiting cybersecurity vulnerabilities, often for personal gain or malice.
- Hashing
- The process of transforming any given key or a string of characters into another value, frequently used to verify data integrity.
- Honeypot
- A technique aimed at distracting hackers with a fake target (a computer or data) to make them pursue it instead of the real one.
- Incident Response
- The process and procedures for identifying, containing, eradicating, recovering from, and conducting post-incident activities related to security incidents.
- Integrity
- The quality of an information system reflecting the completeness, soundness, and purity of the data (i.e., freedom from error or unauthorized modification).
- Intrusion Detection System (IDS)
- Software that watches for and identifies attempts to break into systems.
- Intrusion Prevention System (IPS)
- Similar to an IDS but with extra features that can take action to stop an attack, such as automatically disabling a network connection.
- Keylogger
- A type of surveillance software that has the capability to record every keystroke you make to a log file, often used to steal passwords.
- Malware
- Short for malicious software, this encompasses any program intended to damage or exploit programmable devices, services, or networks.
- Man-in-the-Middle (MitM)
- An attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
- Network Security
- The practice of protecting computer networks and data from intrusion, unauthorized access, and other cyber threats.
- Penetration Testing
- A simulated cyberattack against your computer system to check for exploitable vulnerabilities.
- Phishing
- A cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data.
- Ransomware
- A type of malicious software that encrypts a victim's data or locks their system, demanding payment for decryption or access restoration.
- Risk Assessment
- The systematic process of identifying, analyzing, and evaluating potential threats, vulnerabilities, and impacts to an organization's digital assets.
- Rootkit
- A collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed.
- Social Engineering
- The psychological manipulation of people into performing actions or divulging confidential information.
- SQL Injection
- A code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
- Threat Hunting
- The proactive search of a network to detect and isolate advanced threats that are evading security solutions.
- Trojan Horse
- A type of malware that is often disguised as legitimate software.
- Two-Factor Authentication (2FA)
- A means of proving identity using two authentication factors, often considered stronger than single-factor authentication.
- VPN (Virtual Private Network)
- A service that protects your internet connection and privacy online by creating an encrypted tunnel for your data.
- Vulnerability
- Any weakness in an asset or security protection that would allow a threat to cause harm.
- Zero-Day Vulnerability
- A computer-software vulnerability that is unknown to those who should be interested in mitigating the vulnerability (including the vendor of the target software).