Cybersecurity Glossary

AV (Anti-virus)
Anti-virus is software that stops known malware. It is critical to stop viruses before they become active.
Advanced Persistent Threat
An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network without detection.
Anomali Copilot
Anomali Security Analytics
Anomali Security Operations Platform
Anomali ThreatStream
Authentication
Authentication is the process of verifying the identity of a user, device, or entity before granting access to a system, application, or network.
BYOD (Bring Your Own Device)
BYOD policies allow users to access company systems and data from their personal devices.
Backdoor
A backdoor is a hidden method of bypassing security to gain access to a restricted part of a computer system.
Black-Hat Hacker
A black-hat hacker is someone who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft.
Botnet
A botnet is a network of compromised computers or devices (referred to as "bots") that are controlled remotely by a cybercriminal.
Brute Force Attack
A brute force attack is an activity that involves repetitive, successive attempts to break into any website using various password combinations.
CASB (Cloud Access Security Broker)
CASB is a service that ensures access to cloud apps and monitors unsanctioned activities.
CSP (Content Security Policy)
CSP is a framework that protects against code injection attacks and other malicious content on trusted web pages.
DDoS (Distributed Denial of Service)
A DDoS attack is when a perpetrator seeks to make a machine or network resource unavailable to its intended users by disrupting the services of a host connected to a network.
DLP (Data Loss Prevention)
DLP is an application that monitors and restricts the sharing of sensitive information to prevent data breaches.
Data Breach
A data breach is when a hacker successfully breaks into a system, gains control of its network, and exposes its data.
Deepfake
Deepfake refers to any video in which faces have been either swapped or digitally altered, with the help of AI.
EDR (Endpoint Detection and Response)
EDR is an application or service that continuously monitors device health and responds to cyber threats on distributed devices.
Encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning.
Exploit
An exploit is a means of attack on a computer system, either a series of commands, malicious software, or a piece of infected data.
FWaaS (Firewall as a Service)
FWaaS provides firewall capabilities as a cloud service to monitor and block malicious traffic.
FedRAMP (Federal Risk and Authorization Management Program)
FedRAMP is a federal mandate that provides a standardized approach to security assessment and authorization for cloud products and services.
Firewall
A firewall monitors network traffic and decides whether to allow or block it based on a defined set of security rules.
HEAT (Highly Evasive Adaptive Threats)
HEAT are threats that use sophisticated techniques to evade multiple detection layers.
HTML Smuggling
HTML Smuggling uses legitimate browser features to sneak malicious content past traditional security measures.
Honeypot
A honeypot is a decoy system or network that serves to attract potential attackers.
LURE (Legacy URL Protection Evasion)
LURE is a type of cyberattack that exploits previously safe websites that have been compromised.
MFA (Multi-factor Authentication)
MFA is a technique that uses multiple methods to verify the identity of someone trying to access the network.
Malware
Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or unknowingly interfere with the user's computer security and privacy.
Man-in-the-Browser (MITB) Attack
A MITB attack is a proxy trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content, or insert additional transactions.
Man-in-the-Middle (MITM) Attack
A MITM attack is an attack on the “middleman”: the Wi-Fi system that connects users to the Internet.
Pentesting
Pentesting is an approach to security evaluation in which attack and security professionals use manual exploitation and automated techniques.
Phishing
Phishing attacks trick victims into revealing sensitive information by pretending to be trustworthy entities.
Qakbot
Qakbot is a type of banking malware that steals banking credentials and financial data.
RBI (Remote Browser Isolation)
RBI is an application that runs dynamic content in a remote browser in the cloud to protect the user's device.
Ransomware
Ransomware is a type of malware that locks access to files and is followed by a ransom demand to release them.
SASE (Secure Access Service Edge)
SASE is a service that delivers security and network services through the cloud for secure, continuous access.
SD-WAN (Software Defined Wide Area Network)
SD-WAN is a service that optimizes traffic routes between locations across any network architecture.
SIEM (Security Information and Event Management)
A SIEM is an application that correlates reporting data for threat investigation and root cause analysis.
SOAR (Security Orchestration, Automation, and Response)
SOC (Security Operations Center)
SOC teams investigate potential breaches using forensic and threat intelligence tools.
SWG (Secure Web Gateway)
A Secure Web Gateway (SWG) protects users from web-based threats by blocking malicious content before it reaches the device.
Security Data Lake
A data lake is a centralized repository that stores, processes, and secures large amounts of data in its original form.
Social Engineering
Social engineering is a type of cyberattack that relies on user manipulation and human psychology.
Spoofing
In a spoofing attack, the attacker poses as a trustworthy entity to steal money, data, or network access.
Spyware
Spyware is a type of software that collects user data without consent and sends it to third parties.
TIP (Threat Intelligence Platform)
Trojan Horse
A Trojan Horse is malware disguised as harmless software used to gain access to a system.
UEBA (User Entity and Behavior Analytics)
UEBA uses machine learning to detect anomalies in the behavior of users and devices connected to a corporate network.
VPN (Virtual Private Network)
A VPN allows remote users to connect securely to the corporate network as if they were in the office.
WAAPaaS (Web Application and API Protection as a Service)
WAAPaaS is a service that protects against malicious activities originating from web applications by monitoring web traffic.
WAF (Web Application Firewall)
WAF is a service that filters, monitors, and blocks HTTP traffic to and from a web service to prevent attacks like DDoS.
White-Hat Hacker
A white-hat hacker is invited to test out computer systems and servers to find vulnerabilities.
Worm
A worm is a type of malware that can reproduce itself for the purpose of spreading itself to other computers in the network.
ZTNA (Zero Trust Network Architecture)
ZTNA grants access only to necessary applications for a specific role, operating under the Zero Trust approach.
Zero Trust
Zero Trust is an approach that eliminates implicit trust, continuously validating every transaction.