5G Security
Blocking new threats in 5G mobile networks through robust encryption, authentication, and network slicing controls.
Learn more about 5G Security
Welcome to our comprehensive glossary of training terminology. Use the search box or alphabet navigation below to find definitions for key terms and concepts.
Acceptable risk is the level of potential harm or loss that an organization considers tolerable after analyzing threats, implementing controls, and weighing costs against benefits—acknowledging that all risk cannot be eliminated and establishing thresholds that balance security requirements with business objectives and resource limitations.
Learn more about Acceptable risk
Tool blocking unauthorized access
Learn more about Access Blocker
Mechanisms to restrict resource access.
Learn more about Access control
List of permissions determining resource access rights
Learn more about Access Control List
A table defining user permissions.
Learn more about Access control matrix
Means to ensure that access to assets is authorized and restricted based on business and security requirements related to logical and physical systems.
Learn more about Access control system
The system decides whether to grant or deny access based on the validity of the token at the point where it is read, taking into account time, date, day, holiday, or any other condition used to control validation.
Learn more about Access control tokens
Technique for data retrieval and manipulation
Learn more about Access Method
Device enabling wireless network connections
Learn more about Access Point
Temporary account disabling after failed attempts
Learn more about Account Lockout
Accountability ensures that account management has assurance that only authorized users are accessing the system and using it properly.
Learn more about Accountability
Microsoft directory service for network authentication and access control
Learn more about Active Directory
A Microsoft high-level interface for all kinds of data.
Learn more about ActiveX Data Objects
Microsoft data access technology
Learn more about Activex Data Objects ADO
Risk-based authentication system
Learn more about Adaptive Authentication
Dynamic security approach that adapts to changing threats
Learn more about Adaptive security
Used at the Media Access Control (MAC) layer to provide direct communication between two devices within the same LAN segment.
Learn more about Address Resolution Protocol
Mapping IP addresses to hardware addresses
Learn more about Address Resolution Protocol ARP
Data access technology for .NET applications.
Learn more about ADONET
Standard symmetric encryption algorithm
Learn more about Advanced Encryption Standard
Advanced Persistent Threat (APT) is a sophisticated, prolonged cyber attack where highly skilled threat actors gain unauthorized access to a network and remain undetected for extended periods while systematically mapping the target's infrastructure, escalating privileges, and exfiltrating sensitive data to achieve specific strategic objectives.
Learn more about Advanced Persistent Threat
Prolonged targeted cyber attack
Learn more about Advanced Persistent Threat APT
Detection of sophisticated security threats
Learn more about Advanced threat detection
Security solution for detecting advanced threats
Learn more about Advanced Threat Protection
Study of attacks against machine learning systems
Learn more about Adversarial machine learning
Tricking AI with cunning inputs so it misclassifies or reveals data, bypassing traditional defenses.
Learn more about Adversarial Machine Learning Techniques
Entity attempting to compromise security systems
Learn more about Adversary
Software that displays unwanted ads
Learn more about Adware
Encryption key length specification
Learn more about AES Key Size
Ensuring artificial intelligence systems don’t cause unintended harm or dangerous outcomes—covering robustness, bias, security, and alignment.
Learn more about AI Safety
Physical isolation of secure networks
Learn more about Air Gap
A mathematical function that is used in the encryption and decryption processes.
Learn more about Algorithm
Identifying unusual system behaviors that may indicate threats
Learn more about Anomaly detection
Software that detects and removes malicious programs.
Learn more about Antivirus
A service or appliance managing and securing API calls by routing requests, enforcing policies, and controlling access to backend services.
Learn more about API Gateway
An API Gateway is a centralized security and management layer that controls, routes, and protects API interactions between clients and backend services, providing a single entry point for authentication, traffic management, and comprehensive monitoring of digital communications.
Learn more about API Security
Checking that an API handles requests safely, preventing injection, broken auth, or data exposure.
Learn more about API Security Testing
Automatic IP address allocation feature
Learn more about APIPA
Protecting applications from security threats
Learn more about Application Security
Organized team conducting advanced attacks
Learn more about APT Group
An attack that manipulates ARP tables.
Learn more about ARP cache poisoning
A malicious network technique that hijacks ARP communications to intercept and manipulate traffic by falsely associating an attacker's device with legitimate network IP addresses.
Learn more about ARP Poisoning
Memory randomization security technique
Learn more about ASLR
An item perceived as having value.
Learn more about Asset
Categorizing assets by importance and sensitivity.
Learn more about Asset classification
A comprehensive list of an organization's assets.
Learn more about Asset inventory
The phases that an asset goes through from creation (collection) to destruction.
Learn more about Asset lifecycle
Systematic tracking and management of assets.
Learn more about Asset management
Not identical on both sides. In cryptography, key pairs are used, one to encrypt, the other to decrypt.
Learn more about Asymmetric
Specific test case for security validation
Learn more about Atomic test
Sequential model of attack progression
Learn more about Attack Chain
Different security testing methods find different vulnerability types.
Learn more about Attack surface
Total potential system entry points
Learn more about Attack Surface
Identifying, monitoring, and reducing all potential entry points where an attacker might attempt to breach a system or network.
Learn more about Attack Surface Management
Diagramming all possible ways attackers could break in or cause harm, helping teams prioritize defenses.
Learn more about Attack Tree Analysis
Path used by attackers to access systems
Learn more about Attack vector
Verification of system integrity status
Learn more about Attestation
An access control paradigm in which access rights are granted to users through policies that combine attributes.
Learn more about Attribute Based Access Control
Access control using attributes
Learn more about Attribute Based Access Control ABAC
The tools, processes, and activities used to perform compliance reviews.
Learn more about Audit
Systematic examination of security practices
Learn more about Audit Auditing
Recording system and user activities.
Learn more about Audit logging
Recording system events for security analysis
Learn more about Audit Logging
A record of system activities for accountability.
Learn more about Audit trail
Digital credential for user authentication
Learn more about Auth Token
The process of verifying identity.
Learn more about Authentication
Tiers indicating how certain you can be about a user’s identity, from simple passwords to strong hardware-based proofs.
Learn more about Authentication Assurance Levels
Component used to verify user identity
Learn more about Authentication factor
Protocol providing IP packet authentication
Learn more about Authentication Header
Rules for verifying user identity
Learn more about Authentication Protocol
The process of defining the specific resources a user needs and determining the type of access to those resources the user may have.
Learn more about Authorization
Ensuring timely and reliable access to and use of information by authorized users.
Learn more about Availability
Security education for employees
Learn more about Awareness Training
Method to bypass normal authentication
Learn more about Backdoor
Method to bypass security and gain unauthorized system access
Learn more about Backdoor
Copy of data stored separately for disaster recovery
Learn more about Backup
Intentional limiting of network traffic rates for security purposes
Learn more about Bandwidth Throttling
A minimum level of security.
Learn more about Baselines
Establishing normal operational patterns to detect anomalies
Learn more about Baselining
Using human behavior for identification
Learn more about Behavioral Biometrics
Standards used for comparison and evaluation.
Learn more about Benchmarks
BGP Hijacking is a malicious internet routing attack that manipulates Border Gateway Protocol routing tables to fraudulently redirect network traffic, enabling large-scale interception and control of global internet communications.
Learn more about BGP Hijacking
BGP Security comprises protective technologies and protocols designed to authenticate, validate, and secure internet routing information, preventing malicious manipulation of global network communications.
Learn more about BGP Security
A system using 0 and 1 to represent values.
Learn more about Binary
Rules ensuring accurate and safe use of fingerprint, face, or iris recognition to avoid spoofing and protect personal data.
Learn more about Biometric Authentication Standards
Authentication using unique physical or behavioral characteristics
Learn more about Biometrics
Most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.
Learn more about Bit
Testing without internal knowledge
Learn more about Black Box Testing
Malicious hacker performing unauthorized system intrusions
Learn more about Black Hat Hacker
Security method blocking access to known malicious entities
Learn more about Blacklisting
Blockchain is a decentralized digital ledger technology that records transactions across multiple computers in a way that ensures the data cannot be altered retroactively, using cryptographic principles to create transparent, immutable, and chronological records without requiring a central authority, enabling secure peer-to-peer transactions and automated agreements through smart contracts.
Learn more about Blockchain
Preventing tampering or attacks on decentralized ledgers, including node misconfigurations, 51% attacks, and key theft.
Learn more about Blockchain Security
Security team focused on defending against cyber attacks
Learn more about Blue Team
Sending unsolicited messages via Bluetooth.
Learn more about BlueJacking
Unauthorized data access via Bluetooth.
Learn more about BlueSnarfing
Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and it has been integrated into many types of business and consumer devices.
Learn more about Bluetooth
A low power variant of Bluetooth for short range communication.
Learn more about Bluetooth Low Energy BLE
Protection mechanisms for Bluetooth wireless communications
Learn more about Bluetooth Security
Standard for short range wireless connectivity
Learn more about Bluetooth Wireless Personal Area Network IEEE 802 15
Malware targeting computer boot sectors
Learn more about Boot Sector Virus
Network of compromised computers controlled remotely by attackers
Learn more about Botnet
Protection of network perimeter against unauthorized access
Learn more about Boundary Defense
Unauthorized access to sensitive protected information
Learn more about Breach
Layer 2 devices that filter traffic between segments based on Media Access Control (MAC) addresses.
Learn more about Bridges
Policies and controls to secure personal devices used for work, balancing convenience with data protection.
Learn more about Bring Your Own Device BYOD Security
A network segment for broadcast traffic.
Learn more about Broadcast domain
Tracking users by collecting unique browser settings and characteristics without cookies, raising privacy/security concerns.
Learn more about Browser Fingerprinting
Isolating web browsing activity for security
Learn more about Browser Isolation
Separates web browsing processes from the local device or network, often running them in a remote container to reduce the risk of malware.
Learn more about Browser Isolation Technology
Protective measures within web browsers against online threats
Learn more about Browser Security
Systematic trial of all key combinations
Learn more about Brute Force Attack
Memory vulnerability when a program exceeds allocated buffer space
Learn more about Buffer Overflow
Program rewarding vulnerability reporting
Learn more about Bug Bounty
Initiative rewarding discovery and reporting of security vulnerabilities
Learn more about Bug Bounty Program
Actions, processes, and tools for ensuring an organization can continue critical operations during a contingency.
Learn more about Business continuity
Business Continuity and Disaster Recovery is a strategic approach to maintaining critical business operations and rapidly recovering from unexpected disruptions through comprehensive planning, technological solutions, and resilient organizational strategies.
Learn more about Business Continuity and Disaster Recovery
Ensuring business operations continue during disasters
Learn more about Business Continuity BC
Strategy ensuring operations continue during cybersecurity incidents
Learn more about Business Continuity Planning
Business Impact Analysis is a strategic assessment process that identifies, quantifies, and evaluates the potential financial and operational consequences of disruptions to critical business functions.
Learn more about Business Impact Analysis
Assessment of business disruption impact
Learn more about Business Impact Analysis BIA
Policy allowing personal devices for work purposes
Learn more about BYOD
A unit of digital information consisting of eight bits.
Learn more about Byte
Maturity model focused on quality management processes; it has five maturity levels, each containing several key practices.
Learn more about Capability Maturity Model for Software
Framework to assess and improve software processes
Learn more about Capability Maturity Model For Software Or Software Capability Maturity Model CMM Or SW CMM
Meeting California’s consumer privacy regulations that mandate how personal data is collected, used, and protected.
Learn more about CCPA CPRA Compliance
Handling Californians’ requests to see, delete, or correct personal data under CCPA and CPRA.
Learn more about CCPA Data Rights Management
A radio network distributed over land areas called cells, each served by at least one fixed-location transceiver, known as a cell site or base station.
Learn more about Cellular Network
An entity trusted by one or more users as an authority that issues, revokes, and manages digital certificates to bind individuals and entities to their public keys.
Learn more about Certificate authority
Entity that issues digital certificates
Learn more about Certificate Authority CA
Associating a host with its expected certificate
Learn more about Certificate Pinning
Locking apps to known certificates so fake certs don’t fool them, preventing rogue CA or MITM impersonation.
Learn more about Certificate Pinning Implementation
A framework for publicly logging all issued digital certificates, making it easier to detect fraudulent or misissued certificates.
Learn more about Certificate Transparency
Documentation of evidence handling.
Learn more about Chain of custody
A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment.
Learn more about Change management
The CIA Triad is a fundamental security model that defines the three key objectives of information security: Confidentiality (protecting data from unauthorized access), Integrity (ensuring data remains accurate and unaltered), and Availability (guaranteeing reliable access to information when needed).
Learn more about CIA Triad
An algorithm for encrypting or decrypting data.
Learn more about Cipher
The altered form of a plaintext message, so as to be unreadable for anyone except the intended recipients. Something that has been turned into a secret.
Learn more about Ciphertext
Arrangement of assets into categories.
Learn more about Classification
The removal of sensitive data from storage devices in such a way that there is assurance that the data may not be reconstructed using normal system functions or software recovery utilities.
Learn more about Clearing
Security enforcement for cloud services
Learn more about Cloud Access Security Broker CASB
Deploying a service layer that enforces security policies and monitors data transfers between users and cloud platforms.
Learn more about Cloud Access Security Broker Implementation
Managing and securing the permissions, roles, and accounts in multi-cloud environments to prevent excessive or unauthorized access.
Learn more about Cloud Infrastructure Entitlement Management CIEM
Protection of cloud based resources
Learn more about Cloud Security
A cloud security stamp of approval showing robust controls, integrating the CSA Cloud Controls Matrix and ISO 27001.
Learn more about Cloud Security Alliance STAR Certification
Tools and processes that continuously detect and address configuration and compliance risks in cloud environments.
Learn more about Cloud Security Posture Management CSPM
A solution designed to secure workloads in various cloud environments, providing features like threat detection, compliance checks, and runtime protection.
Learn more about Cloud Workload Protection Platform CWPP
Every call's data is encoded with a unique key, then the calls are all transmitted at once.
Learn more about Code division multiple access CDMA
A Microsoft technology for software components.
Learn more about COM
A communication channel through which attackers remotely direct compromised systems and extract data or execute malicious commands.
Learn more about Command and Control C2
A set of standards that addresses the need for interoperability between hardware and software products.
Learn more about Common Object Request Broker Architecture CORBA
A standard rating for software vulnerabilities’ severity, guiding how urgent remediation should be.
Learn more about Common Vulnerability Scoring System CVSS
Adherence to a mandate; both the actions demonstrating adherence and the tools, processes, and documentation that are used in adherence.
Learn more about Compliance
A program written with functions and intent to copy and disperse itself without the knowledge and cooperation of the owner or user of the computer.
Learn more about Computer virus
Multiplex connected devices into one signal to be transmitted on a network.
Learn more about Concentrators
This criterion requires sufficient test cases for each condition in a program decision to take on all possible outcomes at least once. It differs from branch coverage only when multiple conditions must be evaluated to reach a decision.
Learn more about Condition coverage
Using hardware-based enclaves to protect data in use from unauthorized inspection or modification.
Learn more about Confidential Computing
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
Learn more about Confidentiality
Maintaining system consistency through documented changes.
Learn more about Configuration management
A formal, methodical, comprehensive process for establishing a baseline of the IT environment (and each of the assets within that environment).
Learn more about Configuration management CM
Provided by mixing (changing) the key values used during the repeated rounds of encryption. Modifying the key for each round adds complexity that an attacker must overcome.
Learn more about Confusion
Securing container platforms like Kubernetes or Docker Swarm with access controls and resource isolation.
Learn more about Container Orchestration Security
Securing containerized applications
Learn more about Container Security
A large distributed system of servers deployed in multiple data centers across the internet.
Learn more about Content Distribution Network CDN
Embedding security checks and automation throughout the software build, test, and release pipeline.
Learn more about Continuous Integration Continuous Deployment CICD Security
Regularly and automatically testing security defenses against real-world threats to identify gaps and improve defenses.
Learn more about Continuous Security Validation
An information flow that is not controlled by a security control and has the opportunity of disclosing confidential information.
Learn more about Covert channel
Covert Security Testing is an undetected cybersecurity assessment method that simulates real-world attacks to identify vulnerabilities by penetrating an organization's systems without triggering internal security mechanisms.
Learn more about Covert security testing
Automated use of stolen credentials
Learn more about Credential Stuffing
Blocking attacks that try known username-password pairs across multiple sites to compromise reused credentials.
Learn more about Credential Stuffing Prevention
Assets vital to an organization's operations.
Learn more about Critical assets
Essential protective measures to block or lessen the most common attacks, maintained by CIS.
Learn more about Critical Security Controls
Tricking a user into unwanted actions
Learn more about Cross Site Request Forgery CSRF
Injection of malicious scripts in web pages
Learn more about Cross Site Scripting XSS
The point at which the Type I and Type II error rates are equal.
Learn more about Crossover Error Rate CER
The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services provided through cryptography.
Learn more about Cryptanalysis
Protecting digital wallets, private keys, and exchanges from breaches, theft, and smart-contract exploits in crypto.
Learn more about Cryptocurrency Security
Resistance of an encryption algorithm to attacks.
Learn more about Cryptographic strength
Secret writing. Today it provides the ability to achieve confidentiality, integrity, authenticity, non-repudiation, and access control.
Learn more about Cryptography
Unauthorized cryptocurrency mining
Learn more about Cryptojacking
The science that deals with hidden, disguised, or encrypted information and communications.
Learn more about Cryptology
The critical point where a material's intrinsic magnetic alignment changes direction.
Learn more about Curie Temperature
Responsible for protecting an asset that has value, while in the custodian's possession.
Learn more about Custodian
Managing and securing consumer-facing user accounts, ensuring streamlined registration, authentication, and data privacy.
Learn more about Customer Identity and Access Management CIAM
A list of the most common and dangerous software vulnerabilities, compiled by CWE and the SANS Institute.
Learn more about CWE SANS Top 25
Defensive tools and techniques that mimic targets or assets to mislead attackers and gather intelligence on their methods.
Learn more about Cyber Deception Technology
Criminals demanding payment (often via ransomware or data leak threats) to restore access or avoid publicizing stolen data.
Learn more about Cyber Extortion
A policy covering costs related to cyber incidents, such as breach notifications, data recovery, or legal fees.
Learn more about Cyber Insurance
A framework outlining the common stages of a cyberattack, from reconnaissance to data exfiltration, helping defenders identify and disrupt threats.
Learn more about Cyber Kill Chain
Protecting systems that blend digital networks with real-world operations (like autonomous vehicles, medical devices, or smart buildings).
Learn more about Cyber Physical Systems Security
A simulated environment for running realistic cyber-attack drills and training defensive teams in an isolated setting.
Learn more about Cyber Range
An organization’s capacity to maintain operations under cyberattack and quickly recover from disruptions.
Learn more about Cyber Resiliency
Using quantitative methods to estimate potential financial and operational impacts of cyber threats, aiding in informed risk management decisions.
Learn more about Cyber Risk Quantification
A proactive approach to finding threats in an environment by analyzing current and historical data for indicators of compromise.
Learn more about Cyber Threat Hunting
Analysis of information about cyber threats
Learn more about Cyber Threat Intelligence CTI
Processes like planning, collection, analysis, and dissemination used to turn raw threat data into actionable intelligence.
Learn more about Cyber Threat Intelligence CTI Lifecycle
The use of digital attacks by nation-states or groups to disrupt or gain strategic advantage over adversaries’ information systems.
Learn more about Cyber Warfare
Cybersecurity is the practice of protecting computers, networks, and digital information from unauthorized access, theft, and damage. It's like a digital security system that guards your electronic devices and online accounts against hackers, viruses, and other cyber threats. Just as you lock your home to keep intruders out, cybersecurity uses technology, smart practices, and awareness to keep your digital life safe from online criminals who want to steal your personal information, financial data, or disrupt your digital activities.
Learn more about Cybersecurity
A U.S. DoD framework ensuring defense contractors demonstrate specific cybersecurity capabilities and processes.
Learn more about Cybersecurity Maturity Model Certification CMMC
Gathering info from hidden online forums and markets to spot leaked data or criminal plans early.
Learn more about Dark Web Intelligence
Layer for abstracting database interactions.
Learn more about Data access layer
Entails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category.
Learn more about Data classification
The person or role within the organization that holds and protects data on behalf of the owner/controller.
Learn more about Data custodian
Conversion of data into a secure format
Learn more about Data Encryption
This criterion requires sufficient test cases for each feasible data flow to be executed at least once.
Learn more about Data flow coverage
Data governance is a framework of policies, processes, roles, and metrics that ensures the effective and efficient use of information across an organization, establishing how data is controlled, accessed, and used while maintaining its quality, security, privacy, and compliance with regulations.
Learn more about Data Governance
Managing data throughout its lifecycle.
Learn more about Data lifecycle management
The second layer of the OSI model for data transfer.
Learn more about Data link layer
Tools and processes designed to prevent unauthorized data exfiltration or accidental leakage.
Learn more about Data Loss Prevention DLP
Identifying and labeling data across an organization to track it properly for privacy and security compliance.
Learn more about Data Mapping Classification Tools
Hiding sensitive data with altered content
Learn more about Data Masking
Collecting and keeping only the data you really need to reduce breach risks and comply with privacy regulations.
Learn more about Data Minimization
A decision-making technique that is based on a series of analytical techniques taken from the fields of mathematics, statistics, cybernetics, and genetics.
Learn more about Data mining
An entity that collects or creates PII.
Learn more about Data owner controller
The individual human related to a set of personal data.
Learn more about Data subject
Letting people request copies, corrections, or deletion of their personal data under laws like GDPR, CCPA, etc.
Learn more about Data Subject Access Rights
A suite of application programs that typically manages large, structured sets of persistent data.
Learn more about Database Management System DBMS
Describes the relationship between the data elements and provides a framework for organizing the data.
Learn more about Database model
Tools and services designed to detect and block Distributed Denial of Service attacks, keeping online resources available.
Learn more about DDoS Mitigation Services
Considered a minimum level of coverage for most software products; decision coverage alone is insufficient for high-integrity applications.
Learn more about Decision branch coverage
The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key that was used to do the original encryption.
Learn more about Decryption
Inspection of packet data for analysis
Learn more about Deep Packet Inspection DPI
Identifying AI-generated or manipulated media impersonations before they fool the public or breach security.
Learn more about Deepfake Detection
A layered approach to security.
Learn more about Defense in depth
Eliminating data using a controlled, legally defensible, and regulatory compliant way.
Learn more about Defensible destruction
Defending decentralized finance platforms from exploits—whether code, price manipulations, or malicious insiders.
Learn more about DeFi Security
An approach based on lean and agile principles in which business owners and the development, operations, and quality assurance departments collaborate.
Learn more about DevOps
A collaborative culture and set of practices that integrates security activities into every phase of software development and operations.
Learn more about DevSecOps
Mixing “noise” into data or queries so you can’t pinpoint individuals while still extracting aggregate insights.
Learn more about Differential Privacy
Provided by mixing up the location of the plaintext throughout the ciphertext. The strongest algorithms exhibit a high degree of confusion and diffusion.
Learn more about Diffusion
An electronic document that contains the name of an organization or individual, the business address, the digital signature of the certificate authority issuing the certificate, the certificate holder's public key, a serial number, and the expiration date. Used to bind individuals and entities to their public keys. Issued by a trusted third party referred to as a Certificate Authority (CA).
Learn more about Digital certificate
Trail of data left online
Learn more about Digital Footprint
Investigation of digital evidence
Learn more about Digital Forensics
Investigating security incidents, gathering digital evidence, and coordinating actions to contain and mitigate damage.
Learn more about Digital Forensics and Incident Response DFIR
A broad range of technologies that grant control and protection to content providers over their own digital media. May use cryptography techniques.
Learn more about Digital rights management DRM
Monitoring and managing digital risks
Learn more about Digital Risk Protection
Discrete signals representing binary data.
Learn more about Digital signals
Provide authentication of a sender, integrity of the sender's message, and non-repudiation services.
Learn more about Digital signatures
Blocking malicious file path manipulations (like ../) to prevent reading or writing outside authorized directories.
Learn more about Directory Traversal Mitigation
Strategies to recover from disasters.
Learn more about Disaster recovery
Those tasks and activities required to bring an organization back from contingency operations and reinstate regular operations.
Learn more about Disaster recovery DR
The system owner decides who gets access.
Learn more about Discretionary access control DAC
A Distributed Denial of Service (DDoS) attack is a coordinated assault on network infrastructure or services where multiple compromised systems flood the target with overwhelming traffic from many sources simultaneously, exhausting server resources and bandwidth capacity, and preventing legitimate users from accessing the targeted system, website, or network service.
Learn more about Distributed Denial Of Service DDOS Attack
Decentralized transaction recording system
Learn more about Distributed Ledger Technology DLT
Email protocols that verify sender authenticity and reduce the risk of spoofing and phishing.
Learn more about DMARC SPF DKIM Email Security
A protocol that encrypts DNS queries over HTTPS, improving privacy and blocking potential eavesdroppers.
Learn more about DNS over HTTPS DoH
A protocol that secures DNS queries using TLS to protect against interception or tampering.
Learn more about DNS over TLS DoT
Protecting the Domain Name System
Learn more about DNS Security
Enhancements to DNS that use cryptographic signatures to prevent domain spoofing and forgery.
Learn more about DNS Security Extensions DNSSEC
Redirecting malicious or suspicious domain name queries to a controlled server, preventing attackers from communicating with command-and-control servers.
Learn more about DNS Sinkholing
Digitally signing DNS records to stop attackers from redirecting users to fake sites.
Learn more about DNSSEC Implementation
Techniques to safeguard containerized applications, such as scanning images, restricting privileges, and isolating containers.
Learn more about Docker Security
A method used by malware to generate many domain names for command-and-control servers, making them harder to track or block.
Learn more about Domain Generation Algorithm DGA
A legal concept pertaining to the duty owed by a provider to a customer.
Learn more about Due care
Actions taken by a vendor to demonstrate or provide due care.
Learn more about Due diligence
Testing live applications for security flaws.
Learn more about Dynamic application security testing DAST
Ports 49152–65535. When a service associated with a well-known or registered port is requested, that service responds using a dynamic port.
Learn more about Dynamic or Private Ports
When the system under test is executed and its behavior is observed.
Learn more about Dynamic testing
Unauthorized interception of private communications.
Learn more about Eavesdropping Attack
Public key cryptography using elliptic curves.
Learn more about ECC
Monitoring outbound traffic to prevent unauthorized data transfers.
Learn more about Egress Filtering
Ensuring voting systems and processes can’t be compromised, tampered with, or sabotaged, protecting democratic integrity.
Learn more about Election Security
Techniques to protect email communications from threats.
Learn more about Email Security
A solution that filters and monitors email traffic to block spam, phishing, and malware before reaching end users.
Learn more about Email Security Gateway
A major banking Trojan turned malware distribution platform.
Learn more about Emotet
Layering or packaging data with protocol headers or methods for secure communication.
Learn more about Encapsulation
The action of changing a message into another format through the use of a code.
Learn more about Encoding
Converting plaintext to ciphertext using cryptographic algorithms.
Learn more about Encryption
Encryption from sender to recipient without exposure on intermediate servers.
Learn more about End to End Encryption
Endpoint Detection and Response (EDR) is a security technology that continuously monitors endpoint devices for malicious activity, providing real-time detection, investigation, and remediation capabilities to protect against advanced threats.
Learn more about Endpoint Detection And Response EDR
Putting real-time monitors on endpoints to spot and contain threats, surpassing traditional AV capabilities.
Learn more about Endpoint Detection and Response EDR Implementation
Integrated endpoint security solution
Learn more about Endpoint Protection Platform EPP
Security measures for devices
Learn more about Endpoint Security
Measure of randomness crucial for secure cryptographic operations.
Learn more about Entropy
Systematic probing to discover network resources, accounts, or services.
Learn more about Enumeration
Gaining higher access rights than intended, often through vulnerabilities.
Learn more about Escalation of Privileges
High-assurance SSL certificate showing verified company identity, historically recognized by browser UI indicators.
Learn more about EV Certificate
Gathering data for forensic analysis.
Learn more about Evidence collection
Rogue WiFi access point mimicking a legitimate one to steal data.
Learn more about Evil Twin Attack
Unauthorized transfer of data out of a system or network.
Learn more about Exfiltration
Technique to take advantage of vulnerabilities
Learn more about Exploit
Extended Detection and Response (XDR) is a security solution that unifies multiple protection technologies into a cohesive system, collecting and automatically correlating data across multiple security layers—including email, endpoints, servers, cloud workloads, and networks—to detect sophisticated threats through advanced analytics, while providing enhanced visibility, investigation capabilities, and automated response actions from a single platform.
Learn more about Extended Detection and Response XDR
A digital certificate with stricter identity checks for higher assurance.
Learn more about Extended Validation EV Certificate
This is erroneous recognition either by confusing one user with another, or by accepting an imposter as a legitimate user.
Learn more about False Acceptance Rate Type II
Deceptive attacks pretending to come from someone else, complicating attribution and response decisions.
Learn more about False Flag Operations
This is failure to recognize a legitimate user.
Learn more about False Rejection Rate Type I
A model allowing users to access multiple applications or domains with a single digital identity from a trusted provider.
Learn more about Federated Identity
Training AI models without gathering raw data centrally—devices or institutions keep their data locally, sending only model updates.
Learn more about Federated Learning
A lightweight encapsulation protocol that lacks the reliable data transport of the TCP layer.
Learn more about Fibre Channel over Ethernet FCoE
A protocol that enables strong, passwordless logins using hardware or built-in authenticators with public key cryptography.
Learn more about FIDO2 Authentication
Malicious software that operates entirely in memory or leverages legitimate system tools rather than installing files on a disk.
Learn more about Fileless Malware
Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules.
Learn more about Firewalls
Safeguarding low-level device software so attackers can’t tamper at startup or use persistent exploits.
Learn more about Firmware Security
Preparedness for digital investigations.
Learn more about Forensic Readiness
Data represented at Layer 2 of the Open Systems Interconnection (OSI) model.
Learn more about Frame
A process to identify security control deficiencies by comparing current and desired states.
Learn more about Gap Analysis
Secure memory cleanup to prevent data leakage.
Learn more about Garbage Collection Security Context
A network node that manages and filters traffic between networks.
Learn more about Gateway
Adherence to EU data protection rules
Learn more about GDPR Compliance
EU rules demanding strong data protections and strict handling of personal info.
Learn more about GDPR Technical Requirements
Location-based control method that restricts or allows digital access.
Learn more about Geofencing
Attaching location data to files, which can pose security risks.
Learn more about Geotagging
Stealth malware that deletes itself after execution.
Learn more about Ghostware
Hardware manipulation to bypass device security protections.
Learn more about Glitching
Each call is transformed into digital data that is given a channel and a time slot.
Learn more about Global System for Mobiles GSM
Security practices and tools for Linux-based systems.
Learn more about GNU/Linux Security
Preconfigured secure system image used for standard deployments.
Learn more about Gold Image
Using advanced Google searches to find exposed security risks.
Learn more about Google Hacking
The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.
Learn more about Governance
A formal body of personnel who determine how decisions will be made within the organization and the entity that can approve changes and exceptions to current relevant governance.
Learn more about Governance committee
Open-source encryption tool using public-key cryptography.
Learn more about GPG GNU Privacy Guard
Cryptographic key pair used for secure GPG encryption.
Learn more about GPG Key
Fine-tuned control over resource access based on user roles.
Learn more about Granular Access Control
Protecting GraphQL APIs through measures like query analysis, rate limiting, and schema validation to prevent malicious requests.
Learn more about GraphQL Security
Testing with partial internal knowledge.
Learn more about Gray box testing
Integrated framework for strategy, risk management, and compliance.
Learn more about GRC Governance Risk and Compliance
PKI-based framework for securing distributed computing grids.
Learn more about Grid Security Infrastructure GSI
Windows feature for managing user and device configurations.
Learn more about Group Policy
Protected memory areas used to detect buffer overflows.
Learn more about Guard Pages
Suggested practices and expectations of activity to best accomplish tasks and attain goals.
Learn more about Guidelines
OS with enhanced security configurations
Learn more about Hardened Operating System
Reducing vulnerabilities through configuration.
Learn more about Hardening
A secure chip or component that anchors all sensitive security processes in hardware.
Learn more about Hardware Root of Trust
A dedicated appliance for securely creating, storing, and managing cryptographic keys and performing encryption operations.
Learn more about Hardware Security Module HSM
A way to prove message integrity and authenticity using a shared secret key and hashing.
Learn more about Hash based Message Authentication Code HMAC
Accepts an input message of any length and generates, through a one-way operation, a fixed-length output called a message digest or hash.
Learn more about Hash function
A flaw in OpenSSL’s heartbeat feature letting attackers read server memory, including keys or credentials.
Learn more about Heartbleed Vulnerability
Design ensuring continuous operation.
Learn more about High availability
U.S. regulation setting standards for protecting the confidentiality, integrity, and availability of electronic health information.
Learn more about HIPAA Security Rule
An approach enabling calculations on encrypted data without decrypting it, preserving data privacy during processing.
Learn more about Homomorphic Encryption
Machines that exist on the network, but do not contain sensitive or valuable data, and are meant to distract and occupy malicious or unauthorized intruders, as a means of delaying their attempts to access production data/assets.
Learn more about Honeypots honeynets
Decoy resource for detecting intrusions
Learn more about Honeytoken
Extra instructions (like CSP, HSTS) sent by websites to reduce XSS, clickjacking, or insecure transport exposures.
Learn more about HTTP Security Headers
Identity and Access Management (IAM) is a system for managing digital identities and regulating resource access. It ensures that only authorized individuals receive the appropriate permissions through authentication and authorization controls.
Learn more about Identity And Access Management IAM
Cloud-based services that broker identity and access management (IAM) functions to target systems on customers' premises and/or in the cloud.
Learn more about Identity as a service IDaaS
Managing user identities, roles, and access rights to ensure compliance and minimize security risks.
Learn more about Identity Governance and Administration IGA
Managing user identities and access.
Learn more about Identity management
The process of collecting and verifying information about a person for the purpose of proving that a person who has requested an account, a credential, or other special privilege is indeed who he or she claims to be and establishing a reliable relationship that can be trusted electronically between the individual and said credential for purposes of electronic authentication.
Learn more about Identity proofing
Organized approach to handling incidents
Learn more about Incident Management
Handling security breaches
Learn more about Incident Response
Early-stage signs that a malicious act or tactic is in progress, focusing on the intent behind attacker actions.
Learn more about Indicators of Attack IoA
Forensic clues pointing to malicious activity, such as suspicious file hashes or network connections.
Learn more about Indicators of Compromise IoC
Protecting the supervisory and control systems that manage industrial operations, such as manufacturing, power grids, or utilities.
Learn more about Industrial Control System ICS Security
Ensuring secure configuration and governance of infrastructure managed through code, such as scripts or templates.
Learn more about Infrastructure as Code IaC Security
A non-secret binary vector used as the initializing input to an algorithm, or a random starting point, for the encryption of a plaintext block sequence; it increases security by introducing additional cryptographic variance and synchronizes cryptographic equipment.
Learn more about Initialization vector IV
Exposing raw database or file references so attackers can switch them to see or manipulate unauthorized data.
Learn more about Insecure Direct Object References IDOR
Managing risks from internal actors
Learn more about Insider Risk Management
Threat from within an organization
Learn more about Insider Threat
A management technique that simultaneously integrates all essential acquisition activities through the use of multidisciplinary teams to optimize the design, manufacturing, and supportability processes.
Learn more about Integrated Process and Product Development IPPD
Guarding against improper information modification or destruction; includes ensuring information non-repudiation and authenticity.
Learn more about Integrity
Intangible assets (notably includes software and data).
Learn more about Intellectual property
Tools and techniques that identify security flaws in running applications by monitoring code execution and traffic in real time.
Learn more about Interactive Application Security Testing IAST
Provides a means to send error messages and a way to probe the network to determine network availability.
Learn more about Internet Control Message Protocol ICMP
Used to manage multicasting groups that are a set of hosts anywhere on a network that are listening for a transmission.
Learn more about Internet Group Management Protocol IGMP
The dominant protocol that operates at the Open Systems Interconnection (OSI) Network Layer 3. IP is responsible for addressing packets so that they can be transmitted from the source to the destination hosts.
Learn more about Internet Protocol IPv4
A modernization of IPv4 that includes a much larger address field: IPv6 addresses are 128 bits, supporting 2^128 hosts.
Learn more about Internet Protocol IPv6
A solution that monitors the environment and automatically recognizes malicious attempts to gain unauthorized access.
Learn more about Intrusion detection system IDS
A solution that monitors the environment and automatically takes action when it recognizes malicious attempts to gain unauthorized access.
Learn more about Intrusion prevention system IPS
Complete list of items.
Learn more about Inventory
A network of infected smart devices controlled by criminals for large-scale attacks.
Learn more about IoT Botnet
Protecting internet-connected devices—from smart home gadgets to industrial sensors—by securing their data, interfaces, and networks.
Learn more about IoT Device Security
Security for Internet of Things devices
Learn more about IOT Security
The 32-bit internet addressing protocol.
Learn more about IPv4
Making sure the new internet protocol (IPv6) isn’t misused for attacks like neighbor discovery spoofing or extension header exploits.
Learn more about IPv6 Security
An international standard specifying requirements for establishing, implementing, and continually improving an Information Security Management System.
Learn more about ISO IEC 27001
An API for database access in Java.
Learn more about JDBC
The practice of having personnel become familiar with multiple positions within the organization as a means to reduce single points of failure and to better detect insider threats.
Learn more about Job rotation
Granting elevated privileges or resources only when needed and revoking them immediately afterward to reduce exposure.
Learn more about Just in Time JIT Access
A compact token for secure information exchange.
Learn more about JWT
Safeguarding JSON Web Tokens from misuse by enforcing correct signature validation, expiration, and storage.
Learn more about JWT Security
When different encryption keys generate the same ciphertext from the same plaintext message.
Learn more about Key Clustering
Securely exchanging cryptographic keys.
Learn more about Key exchange
The size of a key, usually measured in bits, that a cryptographic algorithm uses in ciphering or deciphering protected information.
Learn more about Key Length
Managing the lifecycle of cryptographic keys.
Learn more about Key management
The input that controls the operation of the cryptographic algorithm. It determines the behavior of the algorithm and permits the reliable encryption and decryption of the message.
Learn more about Key or Cryptovariable
A mathematical, statistical, and visualization method of identifying valid and useful patterns in data.
Learn more about Knowledge Discovery in Databases KDD
Practices and tools to protect container orchestration clusters, including configuration hardening and network segmentation.
Learn more about Kubernetes Security
The technique attackers use to move from one compromised system or account to another within a network to gain higher privileges or deeper access.
Learn more about Lateral Movement
Encryption relying on difficult lattice math that remains secure even against quantum computing breakthroughs.
Learn more about Lattice based Cryptography
The practice of only granting a user the minimal permissions necessary to perform their explicit job function.
Learn more about Least privilege
Phases that an asset goes through from creation to destruction.
Learn more about Lifecycle
Kernel add-ons like SELinux or AppArmor that enforce strict security policies beyond standard Unix permissions.
Learn more about Linux Security Modules
An attacker’s strategy of using built-in system tools or legitimate software to evade detection and maintain persistence.
Learn more about Living off the Land LotL Attack
A record of actions and events that have taken place on a computer system.
Learn more about Log
Collecting and analyzing system logs
Learn more about Log Management
A major flaw in the Log4j library letting attackers run code with crafted log messages.
Learn more about Log4Shell Vulnerability
Recording system events for auditing.
Learn more about Logging
Non-physical system that allows access based upon pre-determined policies.
Learn more about Logical access control system
This criterion requires sufficient test cases for all program loops to be executed for zero, one, two, and many iterations, covering initialization, typical running, and termination boundary conditions.
Learn more about Loop coverage
A unique network interface identifier.
Learn more about MAC address
Malicious advertising
Learn more about Malvertising
Malicious software
Learn more about Malware
Examining the structure and behavior of malicious software to support detection and response efforts.
Learn more about Malware Analysis
A form of malware injection that intercepts and manipulates web communications directly within a user’s browser.
Learn more about Man in the Browser MitB Attack
Interception of communications between parties
Learn more about Man In The Middle Attack MITM
A security service that combines technology and human expertise to identify, investigate, and respond to threats on behalf of organizations.
Learn more about Managed Detection and Response MDR
Access control that requires the system itself to manage access controls in accordance with the organization's security policies.
Learn more about Mandatory access controls MAC
The measure of how long an organization can survive an interruption of critical functions. Also known as maximum tolerable downtime (MTD).
Learn more about Maximum allowable downtime MAD
Any object that contains data.
Learn more about Media
Permanently removing data from storage media.
Learn more about Media sanitization
Processor flaws exploiting speculative execution to steal sensitive data from protected memory areas.
Learn more about Meltdown Spectre Vulnerabilities
Analyzing a computer’s RAM for traces of hidden or suspicious activity, especially fileless or advanced malware.
Learn more about Memory Forensics
Writing code in ways or using languages that prevent vulnerabilities like buffer overflows or memory corruption.
Learn more about Memory Safe Programming
A small block of data that is generated using a secret key and appended to the message; it is used to address integrity.
Learn more about Message authentication code MAC
A small representation of a larger message. Message digests are used to ensure the authentication and integrity of information, not the confidentiality.
Learn more about Message digest
Information about the data.
Learn more about Metadata
Dividing a network into isolated zones to limit the lateral movement of attackers and reduce potential damage.
Learn more about Microsegmentation
A use case from the point of view of an actor hostile to the system under design.
Learn more about Misuse case
A structured matrix of adversary tactics and techniques that helps organizations understand and respond to cyber threats.
Learn more about MITRE ATTACK Framework
Managing mobile devices in enterprises
Learn more about Mobile Device Management MDM
Continuous observation for anomalies.
Learn more about Monitoring
Testing all combinations of conditions
Learn more about Multi Condition Coverage
Authentication using multiple factors
Learn more about Multi Factor Authentication
Multiple users on a single instance with isolation
Learn more about Multi Tenancy
These criteria require sufficient test cases to exercise all possible combinations of conditions in a program decision.
Learn more about Multi-condition coverage
Ensures that a user is who he or she claims to be. The more factors used to determine a person's identity, the greater the trust of authenticity.
Learn more about Multi-factor authentication
A wide area networking protocol that operates at both Layer 2 and Layer 3 and performs label switching.
Learn more about Multiprotocol Label Switching MPLS
Access limited to required personnel
Learn more about Need To Know
Primarily associated with organizations that assign clearance levels to all users and classification levels to all assets; restricts users with the same clearance level from sharing information unless they are working on the same effort. Entails compartmentalization.
Learn more about Need-to-know
This ensures the application can gracefully handle invalid input or unexpected user behavior.
Learn more about Negative testing
Meeting North American Electric Reliability Corporation standards to protect power grids and related infrastructure.
Learn more about NERC CIP Compliance
Policy enforcement for network access
Learn more about Network Access Control NAC
The objective of NFV is to decouple functions such as firewall management, intrusion detection, network address translation, or name service resolution away from specific hardware implementations into software solutions.
Learn more about Network Function Virtualization NFV
Protecting data and resources on a network.
Learn more about Network security
Dividing a network into isolated segments.
Learn more about Network segmentation
The arrangement of network nodes and connections.
Learn more about Network topology
Monitoring and evaluating network flows to detect anomalies, threats, and potential intrusions in real time.
Learn more about Network Traffic Analysis NTA
An advanced firewall that goes beyond traditional packet filtering, offering deep-packet inspection and integrated security features.
Learn more about Next Generation Firewall NGFW
Securing digital ownership tokens from counterfeits, scam contracts, or stolen keys, especially in art/collectible markets.
Learn more about NFT Security
A set of guidelines and best practices published by NIST to help organizations manage cybersecurity risk.
Learn more about NIST Cybersecurity Framework
A structured way to spot and handle privacy risks in line with NIST guidelines, paralleling the Cybersecurity Framework model.
Learn more about NIST Privacy Framework
Ensuring actions cannot be denied.
Learn more about Non repudiation
Inability to deny. In cryptography, a service that ensures the sender cannot deny a message was sent, that the integrity of the message is intact, and that the receiver cannot claim to have received a different message.
Learn more about Non-repudiation
Hiding plaintext within other plaintext. A form of steganography.
Learn more about Null cipher
A protocol for token based authorization.
Learn more about OAuth
Protecting OAuth tokens and flows so attackers can’t hijack delegated app access.
Learn more about OAuth Security
A standard API for database access.
Learn more about ODBC
COM based interfaces for data access.
Learn more about OLE DB
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
Learn more about Open Authorization OAuth
An interior gateway routing protocol developed for IP networks based on the shortest path first or link-state algorithm.
Learn more about Open Shortest Path First OSPF
Physical layer.
Learn more about OSI Layer 1
Data-link layer.
Learn more about OSI Layer 2
Network layer.
Learn more about OSI Layer 3
Transport layer.
Learn more about OSI Layer 4
Session layer.
Learn more about OSI Layer 5
Presentation layer.
Learn more about OSI Layer 6
Application layer.
Learn more about OSI Layer 7
Overt testing can be used with both internal and external testing. When used from an internal perspective, the bad actor simulated is an employee of the organization. The organization's IT staff is made aware of the testing and can assist the assessor in limiting the impact of the test by providing specific guidelines for the test scope and parameters.
Learn more about Overt security testing
A list of the most critical web application security risks compiled by the Open Web Application Security Project.
Learn more about OWASP Top 10
Possessing something usually of value.
Learn more about Ownership
Representation of data at Layer 3 of the Open Systems Interconnection OSI model.
Learn more about Packet
A technique called Packet Loss Concealment (PLC) is used in VoIP communications to mask the effect of dropped packets.
Learn more about Packet Loss
A RAID technique: a logical mechanism used to mark striped data that allows recovery of a missing drive by pulling data from adjacent drives.
Learn more about Parity bits
Software for managing passwords
Learn more about Password Manager
A login approach eliminating passwords, often using biometrics or secure tokens to validate user identities.
Learn more about Passwordless Authentication
An update/fix for an IT asset.
Learn more about Patch
This criterion requires sufficient test cases for each feasible path (basis path, etc.) from start to exit of a defined program segment to be executed at least once.
Learn more about Path coverage
Following the Payment Card Industry Data Security Standard, which sets requirements for securely handling payment card information.
Learn more about PCI DSS Compliance
Simulated attacks to identify vulnerabilities.
Learn more about Penetration Testing
On-demand or subscription-based penetration testing that provides continuous evaluations of an organization’s security posture.
Learn more about Penetration Testing as a Service PTaaS
Keeping old encrypted sessions safe even if current keys are compromised, via ephemeral key exchanges.
Learn more about Perfect Forward Secrecy
A network for devices around an individual.
Learn more about Personal Area Network
Any data about a human being that could be used to identify that person.
Learn more about Personally identifiable information PII
Phishing is a cybersecurity attack where criminals masquerade as trustworthy entities through fraudulent emails, messages, or websites to deceive victims into revealing sensitive information such as passwords, credit card details, or personal data, or to trick them into downloading malware or visiting compromised websites.
Learn more about Phishing Attack
Login methods that can’t be easily captured or replayed (e.g., FIDO2 tokens), offering strong protection against phishing.
Learn more about Phishing resistant Authentication
Testing employee vulnerability to phishing attempts by sending controlled, fake phishing messages.
Learn more about Phishing Simulation
An automated system that manages the passage of people or assets through openings in a secure perimeter based on a set of authorization rules.
Learn more about Physical access control system
The OSI model's layer for raw data transmission.
Learn more about Physical layer
A packet that exceeds the maximum packet size and causes the receiving system to fail.
Learn more about Ping of Death
Network mapping technique: if a host replies to a ping, the attacker knows that a host exists at that address.
Learn more about Ping Scanning
A framework for managing digital certificates and keys.
Learn more about PKI
The message in its natural format, which has not been turned into a secret.
Learn more about Plaintext
Protocol for direct network connections
Learn more about Point To Point Protocol PPP
Documents published and promulgated by senior management dictating and describing the organization's strategic goals.
Learn more about Policy
Access control determined by predefined policies.
Learn more about Policy based access control
Malware that alters its code or signature with each infection to evade detection by traditional security tools.
Learn more about Polymorphic Malware
An extension to NAT to translate all addresses to one routable IP address and translate the source port number in the packet to a unique value.
Learn more about Port Address Translation PAT
This determines that your application works as expected.
Learn more about Positive testing
Cryptographic algorithms designed to withstand attacks from future quantum computers, ensuring long-term data security.
Learn more about Post Quantum Cryptography
Granting only the minimum necessary access.
Learn more about Principle of least privilege
A Windows print service issue allowing attackers to gain high privileges by installing malicious printer drivers.
Learn more about PrintNightmare Vulnerability
The right of a human individual to control the distribution of information about him- or herself.
Learn more about Privacy
Baking privacy considerations into systems from the earliest design stages, ensuring minimal data handling risks.
Learn more about Privacy by Design
Tools that reduce or hide identifying info while still supporting analytics or ML, protecting user privacy.
Learn more about Privacy Enhancing Technologies PETs
Controlling and reviewing user privileges.
Learn more about Privilege management
Controlling and monitoring admin-level accounts to minimize the risk of misuse or compromise.
Learn more about Privileged Access Management PAM
Explicit repeatable activities to accomplish a specific task. Procedures can address one-time or infrequent actions or common regular occurrences.
Learn more about Procedures
Shifting encrypted data between keys without ever decrypting the content, enabling secure delegation of data access.
Learn more about Proxy Re encryption
Encryption using paired public and private keys.
Learn more about Public key cryptography
Framework for managing digital certificates
Learn more about Public Key Infrastructure PKI
The removal of sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique.
Learn more about Purging
A security collaboration where Red Team (offensive) and Blue Team (defensive) work together to refine threat detection and response capabilities.
Learn more about Purple Team
Measuring something without using numbers, using adjectives, scales, grades, etc.
Learn more about Qualitative
Using numbers to measure something, usually monetary values.
Learn more about Quantitative
Quantum cryptography is an advanced security method that uses quantum physics principles to enable secure communication by creating encryption keys through quantum mechanics, allowing parties to detect any eavesdropping attempts due to the fundamental property that measuring a quantum system unavoidably disturbs it, providing theoretically unbreakable protection against interception.
Learn more about Quantum Cryptography
Using quantum bits to securely share encryption keys, detecting any eavesdropping attempts by measuring quantum disturbances.
Learn more about Quantum Key Distribution
A business model where cybercriminals provide ransomware toolkits to affiliates in exchange for a share of ransom payments.
Learn more about Ransomware as a Service RaaS
An approach to web monitoring that aims to capture and analyze every transaction of every user of a website or application.
Learn more about Real user monitoring RUM
A measure of how much data the organization can lose before the organization is no longer viable.
Learn more about Recovery point objective RPO
The target time set for recovering from any interruption.
Learn more about Recovery time objective RTO
Group that simulates cyber attacks
Learn more about Red Team
Authorized tests where specialists pose as attackers to find organizational weak points in a stealthy, multi-phase manner.
Learn more about Red Team Exercises
Backup components to ensure reliability.
Learn more about Redundancy
Ports 1024 to 49151. These ports typically accompany non-system applications associated with vendors and developers.
Learn more about Registered Ports
An entity that performs certificate registration services on behalf of a Certificate Authority (CA).
Learn more about Registration authority RA
Mandatory legal and policy standards.
Learn more about Regulatory requirements
Software helping organizations meet compliance rules automatically and efficiently, using AI, data analytics, and automation.
Learn more about Regulatory Technology RegTech
Residual magnetism left behind.
Learn more about Remanence
The risk remaining after security controls have been put in place as a means of risk mitigation.
Learn more about Residual risk
Assets of an organization that can be used effectively.
Learn more about Resources
Obligation for doing something. Can be delegated.
Learn more about Responsibility
The possibility of damage or harm and the likelihood that damage or harm will be realized.
Learn more about Risk
Determining that the potential benefits of a business function outweigh the possible risk impact/likelihood and performing that business function with no other action.
Learn more about Risk acceptance
The level of risk an organization is willing to accept.
Learn more about Risk appetite
Evaluation of potential risks
Learn more about Risk Assessment
Determining that the impact and/or likelihood of a specific risk is too great to be offset by the potential benefits and not performing a certain business function because of that determination.
Learn more about Risk avoidance
Putting security controls in place to attenuate the possible impact and/or likelihood of a specific risk.
Learn more about Risk mitigation
A documented list of identified risks, their potential impacts, and mitigation plans, used for ongoing risk management.
Learn more about Risk Register
The acceptable variation in outcomes related to risk.
Learn more about Risk tolerance
Paying an external party to accept the financial impact of a given risk.
Learn more about Risk transference
Role-Based Access Control (RBAC) is a security approach that assigns permissions to users based on their organizational roles rather than managing them individually, allowing administrators to regulate system access according to job responsibilities, simplify user management, enforce the principle of least privilege, and reduce administrative overhead through standardized permission templates.
Learn more about Role Based Access Control RBAC
Flipping bits in adjacent memory cells by rapidly “hammering” certain DRAM addresses, enabling unexpected privilege escalation.
Learn more about Rowhammer Attack
A widely used asymmetric cryptographic algorithm.
Learn more about RSA
Rule-based access control is a security model where access decisions are made by applying a predefined set of rules that determine who can access specific resources.
Learn more about Rule based access control RuBAC
A security approach that embeds protections within an application, monitoring and blocking threats in real time as it runs.
Learn more about Runtime Application Self Protection RASP
Analyzing application or system behavior at runtime to detect and respond to malicious activities as they occur.
Learn more about Runtime Threat Analytics
An XML based protocol for SSO.
Learn more about SAML
Weaknesses in SAML setups that let attackers spoof or tamper with user authentication.
Learn more about SAML Vulnerabilities
An isolated test environment that simulates the production environment but will not affect production components/data.
Learn more about Sandbox
Securing Supervisory Control and Data Acquisition systems against threats targeting critical infrastructure and industrial processes.
Learn more about SCADA Security
Secure Access Service Edge (SASE) is a cloud-delivered architecture that converges networking and security functions into a unified service, providing identity-based secure access for users, devices, and applications regardless of location, while eliminating the complexity of managing multiple point solutions and delivering consistent protection across distributed environments.
Learn more about Secure Access Service Edge SASE
A process that uses cryptographic signatures to ensure the firmware or operating system has not been tampered with before loading.
Learn more about Secure Boot
Examining application source code to detect and fix vulnerabilities before deployment.
Learn more about Secure Code Review
Configuring systems following security best practices.
Learn more about Secure configuration
The process of maintaining systems, software, and networks in a known, trusted, and hardened state to prevent misconfiguration-related vulnerabilities.
Learn more about Secure Configuration Management
Safe elimination of data and hardware.
Learn more about Secure disposal
A tamper-resistant hardware component used to store and manage sensitive information, such as cryptographic keys.
Learn more about Secure Element
A dedicated secure subsystem—often in CPUs—that protects operations like encryption or biometric authentication from tampering.
Learn more about Secure Enclave
Multiple parties computing a result without revealing their individual private data to each other, often via advanced cryptographic protocols.
Learn more about Secure Multi party Computation
Protocols for encrypted network communication
Learn more about Secure Sockets Layer SSL Transport Layer Security TLS
A process that integrates security activities—like threat modeling and code reviews—into each stage of software creation and maintenance.
Learn more about Secure Software Development Lifecycle SSDLC
A security solution that filters and monitors outbound web traffic, blocking threats and enforcing organization-wide web policies.
Learn more about Secure Web Gateway SWG
A version of the SAML standard for exchanging authentication and authorization data between security domains.
Learn more about Security Assertion Markup Language SAML
Deliberately introducing controlled failures or security stress tests in production systems to identify weaknesses and build resilience.
Learn more about Security Chaos Engineering
Standards for automated checks on system configurations and vulnerabilities, enabling interoperability and consistency.
Learn more about Security Content Automation Protocol SCAP
Evaluating how effectively security safeguards meet organizational requirements and protect systems.
Learn more about Security Control Assessment SCA
A notional construct outlining the organization's approach to security, including a list of the specific security processes, procedures, and solutions used by the organization.
Learn more about Security control framework
Testing defenses to ensure they actually block or detect threats in real attack scenarios.
Learn more about Security Control Validation
Programs designed to inform and train personnel about security risks, policies, and best practices to reduce human error.
Learn more about Security Education Training and Awareness SETA
Sending random or invalid inputs to software to reveal hidden memory or logic flaws before attackers do.
Learn more about Security Fuzzing
The entirety of the policies, roles, and processes an organization uses to make security decisions.
Learn more about Security governance
Specialists who handle cybersecurity incidents from detection and containment to eradication and recovery.
Learn more about Security Incident Response Team SIRT
Systems for analyzing security logs
Learn more about Security Information And Event Management SIEM
Improper settings, defaults, or configurations that leave systems and applications susceptible to exploitation.
Learn more about Security Misconfiguration
Centralized security monitoring unit
Learn more about Security Operations Center SOC
A category of tools that coordinate, automate, and accelerate security operations tasks, enabling faster and more consistent incident response.
Learn more about Security Orchestration Automation and Response SOAR
The overall security status of an organization.
Learn more about Security posture
A map that connects each security need with validation steps, bridging policy requirements and technical implementation.
Learn more about Security Requirements Traceability Matrix SRTM
Guidelines that define security requirements.
Learn more about Security standards
Assessing a system’s security measures through tests and reviews to ensure they meet defined requirements and resist attacks.
Learn more about Security Testing and Evaluation STE
Data representation at Layer 4 of the Open Systems Interconnection (OSI) model.
Learn more about Segment
Letting users hold and control their own digital credentials and identities without relying on central authorities.
Learn more about Self Sovereign Identity
The practice of ensuring that no organizational process can be completed by a single person; this forces collusion and so reduces insider threats.
Learn more about Separation of duties
Risks arising when objects are converted to and from data formats that can carry malicious code, often enabling remote code execution.
Learn more about Serialization Deserialization Vulnerabilities
Tricking a server into making unauthorized requests to internal or external resources using user-supplied URLs.
Learn more about Server Side Request Forgery SSRF
Safeguarding function-based computing environments in which the cloud provider manages the infrastructure layer.
Learn more about Serverless Security
A contract defining expected service levels.
Learn more about Service level agreement SLA
An attack where a threat actor takes over a valid user session—often by stealing session cookies—to gain unauthorized access.
Learn more about Session Hijacking
A protocol designed to manage multimedia connections.
Learn more about Session Initiation Protocol SIP
Splitting cloud security tasks between the provider (infrastructure) and the user (config/data).
Learn more about Shared Responsibility Model
A bug in Bash that let attackers embed commands in environment variables, threatening millions of Unix-based systems.
Learn more about Shellshock Vulnerability
Incorporating security practices earlier in the development lifecycle to find and fix issues sooner.
Learn more about Shift Left Security
Reading info from indirect cues—like power usage or timing—rather than directly cracking encryption or access controls.
Learn more about Side Channel Attacks
Systems that analyze security logs.
Learn more about SIEM
A secure messaging application employing strong end-to-end encryption and privacy safeguards.
Learn more about Signal Messenger
Uses only one of the three available authentication factors to carry out the requested authentication process.
Learn more about Single factor authentication
Access multiple systems with one login.
Learn more about Single Sign On
Reviewing and testing blockchain code to prevent or detect bugs and logic flaws that can cause major financial losses.
Learn more about Smart Contract Security
An ICMP Echo Request sent to a network broadcast address with a spoofed source address of the victim, causing all nodes to respond to the victim with an Echo Reply.
Learn more about Smurf
Automated workflows that unify detection, investigation, and response steps across tools, speeding up incident resolution.
Learn more about SOAR Playbooks
Adhering to the Service Organization Control 2 standard covering security, availability, processing integrity, confidentiality, and privacy.
Learn more about SOC 2 Compliance
Social engineering is a deceptive technique used by attackers to manipulate individuals into revealing sensitive information or performing actions that compromise security by exploiting human psychology rather than technical vulnerabilities.
Learn more about Social Engineering
The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that it functions in the intended manner.
Learn more about Software assurance
An inventory listing all components, libraries, and modules in a software application to identify vulnerabilities and manage updates.
Learn more about Software Bill of Materials SBOM
Identifying and managing open-source or third-party components in software to detect known vulnerabilities and licensing issues.
Learn more about Software Composition Analysis SCA
Network management using software control
Learn more about Software Defined Networks SDNS
A security model that dynamically creates one-to-one network connections between users and the specific resources they access, hiding infrastructure from unauthorized view.
Learn more about Software Defined Perimeter SDP
An extension of SDN practices to connect entities spread across the internet, supporting WAN architecture, especially in relation to cloud migration.
Learn more about Software Defined Wide Area Network SD WAN
Separates network systems into three components: raw data, how the data is sent, and what purpose the data serves. This involves a focus on the data, control, and application management functions, or planes.
Learn more about Software-defined networks SDNs
Targeted phishing attack
Learn more about Spear Phishing
Spyware is malicious software that infiltrates devices without user consent to secretly monitor activities, collect sensitive information, and potentially take control of systems, often for financial gain, identity theft, or surveillance purposes.
Learn more about Spyware
SQL injection is a code injection technique that exploits vulnerabilities in database-driven applications by inserting malicious SQL statements into entry fields, tricking the system into executing unintended commands that can allow attackers to bypass authentication, access, modify, or delete data, compromising the database and potentially the entire system.
Learn more about SQL Injection
Specific mandates explicitly stating expectations of performance or conformance.
Learn more about Standards
This criterion requires sufficient test cases for each program statement to be executed at least once; however, achieving it is insufficient to provide confidence in a software product's behavior.
Learn more about Statement coverage
Analysis of the application source code for finding vulnerabilities without executing the application.
Learn more about Static source code analysis SAST
Hiding something within something else, or data hidden within other data.
Learn more about Steganography
Standards for structuring and exchanging cyber threat intelligence data, enabling interoperability across platforms.
Learn more about STIX TAXII
When a cryptosystem performs its encryption on a bit-by-bit basis.
Learn more about Stream cipher
RAID technique writing a data set across multiple drives.
Learn more about Striping
The process of exchanging one letter or bit for another.
Learn more about Substitution
An attack aimed at compromising a vendor, partner, or external service to infiltrate a target’s network or systems indirectly.
Learn more about Supply Chain Attack
Devices that operate at Layer 2. A switch establishes a collision domain per port.
Learn more about Switches
Operates with a single cryptographic key that is used for both encryption and decryption of the message.
Learn more about Symmetric algorithm
Involves having external agents run scripted transactions against a web application.
Learn more about Synthetic performance monitoring
An organized assembly of resources and procedures united and regulated by interaction or interdependence to accomplish a set of specific functions.
Learn more about System
A structured project management methodology that divides information system development into phases such as initiation, development, implementation, testing, and disposal.
Learn more about System Development Life Cycle SDLC
An interdisciplinary approach to designing and building trustworthy computer systems using engineering principles.
Learn more about Systems Security Engineering
A method of unauthorized access to a facility by following an authorized person through a secure entrance.
Learn more about Tailgating
The deliberate altering of data or a system to cause harm or gain unauthorized access.
Learn more about Tampering
In security assessment terminology, the system, hardware, product, software, or module being evaluated for security certification.
Learn more about Target of Evaluation TOE
DoS attack using fragmented packets
Learn more about Teardrop Attack
Security safeguards or countermeasures utilizing hardware, firmware, or software solutions to protect information systems.
Learn more about Technical Controls
Electronic systems used in the transmission or reception of information between two or more locations. Electronic systems may include voice, video, data, or other information transmitted over physical media or wireless technologies.
Learn more about Telecommunications
Remote measurement and reporting of information.
Learn more about Telemetry
The potential for a threat source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability.
Learn more about Threat
An individual or group that can manifest a threat.
Learn more about Threat Actor
A continuous process of identifying, prioritizing, and mitigating security weaknesses and threats within an organization.
Learn more about Threat and Vulnerability Management TVM
Proactive security activities to search for and identify sophisticated threats that evade existing detection mechanisms.
Learn more about Threat Hunting
Guidelines for proactively searching for advanced threats, mapping data sources and detection steps to potential adversary behaviors.
Learn more about Threat Hunting Playbooks
Exchanging data on cyber threats among organizations to strengthen collective defenses.
Learn more about Threat Information Sharing
Information that provides relevant and sufficient understanding for mitigating the impact of a potentially harmful event.
Learn more about Threat Intelligence
A system that aggregates, analyzes, and shares threat data from multiple sources to help organizations proactively defend against attacks.
Learn more about Threat Intelligence Platform TIP
Threat modeling is a structured approach to identifying potential security threats, vulnerabilities, and risks in systems or applications, analyzing their potential impact, and developing strategies to mitigate them before implementation, helping organizations prioritize security efforts based on a comprehensive understanding of both the system architecture and the adversary's perspective.
Learn more about Threat Modeling
Exploiting direct memory access over Thunderbolt or PCIe to read system memory contents undetected.
Learn more about Thunderbolt PCIe DMA Attacks
A class of software bugs caused by changes in a system between the checking of a condition and the use of the results of that check.
Learn more about Time of Check Time of Use TOCTOU
A physical device that helps authenticate a user by supplementing or replacing the password.
Learn more about Token
The process of replacing sensitive data with non-sensitive placeholders.
Learn more about Tokenization
Protecting anonymity in Tor by securing relays and thwarting surveillance or malicious node infiltration.
Learn more about Tor Network Security
Tracking the origin and changes of data.
Learn more about Traceability
Reliable data transmission protocol
Learn more about Transmission Control Protocol TCP
Protocol suite for internet communications
Learn more about Transport Control Protocol Internet Protocol TCP IP Model
Rearrangement based encryption technique
Learn more about Transposition
A program that appears to be useful or legitimate but contains hidden code designed to exploit or damage the system on which it runs.
Learn more about Trojan Horse
Core components ensuring system security
Learn more about Trusted Computing Base TCB
An isolated area on a main processor that ensures sensitive code and data remain secure and confidential.
Learn more about Trusted Execution Environment TEE
A specialized chip on a computer system's motherboard that stores encryption keys specific to the host system for hardware authentication.
Learn more about Trusted Platform Module TPM
The process of encapsulating one network protocol within another.
Learn more about Tunneling
A physical security device that permits only one person at a time to pass through a passageway.
Learn more about Turnstile
Dual authentication process
Learn more about Two Factor Authentication 2FA
A symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits.
Learn more about Twofish
When a working condition is reported as an alarm condition (false positive).
Learn more about Type I Error
When an alarm condition is reported as a working condition (false negative).
Learn more about Type II Error
A DDoS attack that overloads a remote host with UDP packets.
Learn more about UDP Flood
Backup power devices
Learn more about Uninterruptible Power Supplies UPS
A device that allows your computer to keep running for at least a short time when the primary power source is lost.
Learn more about Uninterruptible Power Supply UPS
The operational time of a system.
Learn more about Uptime
Scenarios of system usage
Learn more about Use Cases
An individual who can perceive information or interact with an IT asset.
Learn more about User
Determining if the system being tested is acceptable to a user based on pre-established criteria.
Learn more about User acceptance testing UAT
Tools that monitor and analyze user or device behavior, detecting anomalies that may signal malicious or risky activity.
Learn more about User and Entity Behavior Analytics UEBA
Analysis of user activity for anomalies
Learn more about User Behavior Analytics UBA
Connectionless communication protocol
Learn more about User Datagram Protocol UDP
The process of determining whether the requirements for a system or component are complete and correct, whether the system as built complies with these requirements, and whether the system is fit for its intended use.
Learn more about Validation
Confirmation by examination and provision of objective evidence that specified requirements regarding a product, process, or system have been met.
Learn more about Verification
Centralized remote desktop hosting
Learn more about Virtual Desktop Infrastructure VDI
A logical local area network that extends beyond a single traditional LAN to a group of LAN segments, given a specific configuration.
Learn more about Virtual LAN VLAN
An isolated network segment in the public cloud with custom security controls providing a private environment.
Learn more about Virtual Private Cloud VPC
A protected information system link utilizing tunneling, encryption, and authentication to achieve confidentiality of content.
Learn more about Virtual Private Network VPN
The simulation of the software and/or hardware upon which other software runs.
Learn more about Virtualization
A self-replicating program segment that attaches itself to an application program or other executable system component and leaves no external signs of its presence.
Learn more about Virus
The use of the public switched telephone network to fish for personal and financial details from the public.
Learn more about Vishing
Internet based voice communication
Learn more about Voice Over Internet Protocol VOIP
A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system's security policy.
Learn more about Vulnerability
A systematic evaluation process of identifying vulnerabilities in cybersecurity systems without exploiting those vulnerabilities.
Learn more about Vulnerability assessment
Identifying and addressing security vulnerabilities.
Learn more about Vulnerability management
Ongoing steps to find, prioritize, fix, and verify vulnerabilities across systems and applications.
Learn more about Vulnerability Management Lifecycle
Vulnerability scanning is a proactive cybersecurity process that uses automated tools to systematically identify, classify, and report potential security weaknesses in networks, systems, applications, and devices before they can be exploited by malicious actors, providing organizations with actionable intelligence for remediation and risk management.
Learn more about Vulnerability Scanning
A firewall that monitors, filters, or blocks HTTP traffic to and from a web application.
Learn more about WAF Web Application Firewall
The practice of using a computer program to scan telephone numbers and then dial a range of phone numbers to search for carriers, computers, modems, and fax machines.
Learn more about War dialing
The act of searching for wireless computer networks from a moving vehicle.
Learn more about Wardriving
A backup site that can be operational within a matter of hours.
Learn more about Warm site
Linear sequential software development process
Learn more about Waterfall Development Methodology
A software development methodology in which progress flows downward through the phases of requirements analysis, design, implementation, integration, testing, installation, and maintenance.
Learn more about Waterfall model
Created to protect intellectual property by adding a visible or invisible mark to help prove authenticity or to track unauthorized copies.
Learn more about Watermarking
A W3C standard for secure, passwordless user authentication on the web using cryptographic key pairs.
Learn more about WebAuthn
Ports in the range from 0 through 1023.
Learn more about Well Known Ports
Whamming is an advanced social engineering attack that uses highly personalized, sophisticated communication strategies to manipulate targets into compromising their security through psychological and technical deception.
Learn more about Whamming
Software testing taking place from an internal viewpoint, where the tester has access to internal structures, interfaces, and algorithms.
Learn more about White box testing
Ethical security tester
Learn more about White Hat Hacker
The reverse of blacklisting: everything is denied by default and only items on the whitelist are permitted.
Learn more about Whitelisting
A type of encryption in which an entire disk partition is encrypted rather than just selected files.
Learn more about Whole disk encryption
Wireless internet access technology
Learn more about Wimax Broadband Wireless Access IEEE 802 16
Microsoft’s recommended settings to harden Windows against common attacks.
Learn more about Windows Security Baseline
Measures to protect wireless networks.
Learn more about Wireless security
A fixed-size group of bytes processed together.
Learn more about Word
Effort needed to break encryption
Learn more about Work Factor
A computer node connected to a network that serves a single user.
Learn more about Workstation
A self-replicating program that operates without altering existing computer files but may exploit the vulnerabilities of systems to conduct activities ranging from using resources to damaging networks.
Learn more about Worm
A type of attack that exploits how some XML processors validate or parse XML input.
Learn more about XML External Entity XXE
A type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users.
Learn more about XSS Cross Site scripting
Blocking XML External Entity exploits that could read files or initiate SSRF by referencing external resources.
Learn more about XXE Prevention
A previously unknown vulnerability being exploited in software applications before the software vendor is aware of it and a patch or fix has been released.
Learn more about Zero day
Exploits of unknown vulnerabilities
Learn more about Zero Day Attacks
An attack that targets a vulnerability not yet known to the software vendor or unpatched, leaving no time for defenders to respond.
Learn more about Zero Day Exploit
Proving you know something secret without revealing the actual secret, enabling strong privacy and verification simultaneously.
Learn more about Zero Knowledge Proofs
A security model that assumes no user, device, network, or system component is inherently trusted, whether inside or outside the network perimeter.
Learn more about Zero Trust
A security model that assumes no implicit trust.
Learn more about Zero trust Architecture
A computer that has been taken over by a hacker, rootkit, or Trojan Horse program.
Learn more about Zombie
The process of replicating DNS information to one or several secondary name servers.
Learn more about Zone Transfer
A method to design a network by fragmenting the Network Topology into multiple segments.
Learn more about Zoning