Cybersecurity Glossary

In the digital environment around us, understanding cybersecurity terminology and concepts is crucial to protecting your data and systems from threats. Our comprehensive glossary is designed to equip you with the knowledge you need.

Adware

Software that automatically displays or downloads unwanted advertising material when a user is online, potentially posing a security risk.

Anomaly Detection

The practice of identifying unusual patterns or behaviors in network traffic or system activities that may indicate a security threat.

Anti-Malware

Software designed to detect, protect against, and remove malicious software such as viruses, worms, and trojans.

APT (Advanced Persistent Threat)

A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period to steal data continuously.

Asset

Any data, device, or other component valuable to an organization that must be protected, including hardware, software, and information.

Attack

A deliberate attempt to compromise the security of a network, system, or data, often to gain unauthorized access or cause harm.

Attack Surface

The total number of points or ways an unauthorized user can try to enter or extract data from an environment.

Audit Trail

A record that shows who has accessed a computer system and what operations the user has performed during a given period.

Authentication

The process of verifying the legitimacy of a user's or system's identity, typically through passwords, tokens, or biometric data.

Authorization

The process that determines the access levels and permissions granted to a user or system, ensuring they can perform only permitted actions.

Backup

A copy of data stored separately from the original to protect against data loss, corruption, or disasters, allowing data recovery when needed.

Bandwidth

The maximum rate of data transfer across a given path. Bandwidth describes the data transfer capacity of a network or internet connection.

Biometrics

The use of unique physical characteristics, such as fingerprints, retina patterns, or facial recognition, for identifying and authenticating individuals.

Blacklist

A list of entities (such as IP addresses, email addresses, or applications) that are denied access to a system or network based on security policies.

Botnet

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge, often used to launch distributed denial-of-service (DDoS) attacks.

Breach

An incident in which data, networks, or systems are accessed or compromised without authorization, leading to the potential exposure of sensitive information.

Brute Force Attack

A trial-and-error method used by attackers to guess passwords or encryption keys by trying all possible combinations until the correct one is found.

Bug Bounty

A program that rewards individuals for discovering and reporting software vulnerabilities or security issues to the software owner or developer.

Business Continuity Plan (BCP)

A comprehensive strategy that outlines procedures and instructions to follow before, during, and after a disaster to ensure that critical business functions continue.

BYOD (Bring Your Own Device)

A policy allowing employees to bring personal devices, such as smartphones or laptops, to their workplace to access the company’s systems and data, raising specific security challenges.

Certificate Authority (CA)

An organization or entity responsible for issuing and managing digital certificates, which are used to verify the authenticity of entities and encrypt communications in public key infrastructure (PKI).

Ciphertext

Data that has been encrypted and is unreadable to anyone without the proper decryption key. It is the opposite of plaintext, which is unencrypted information.

Cloud Security

Measures and protocols designed to protect data, applications, and services hosted in cloud environments from threats and breaches.

Command and Control (C&C)

Infrastructure and protocols used by attackers to communicate with compromised devices within a botnet or malware infection, often to exfiltrate data or remotely control the infected systems.

Confidentiality

Ensuring that information is accessible only to those authorized to have access, maintaining the privacy and security of sensitive data.

Critical Infrastructure

Vital systems and assets, both physical and virtual, that are essential for the functioning of a society and economy, such as power grids, water supply, and transportation systems, which require protection from cyber threats.

Cross-Site Scripting (XSS)

A type of security vulnerability found in web applications, where attackers inject malicious scripts into otherwise benign and trusted websites, thereby affecting users who visit those websites.

Cryptography

The practice and study of techniques for securing communication and data through the use of codes and ciphers to ensure privacy, integrity, and authenticity.

Cybersecurity

The practice of protecting systems, networks, and data from digital attacks, theft, damage, or unauthorized access through various technologies, processes, and practices.

Cyber Threat Intelligence (CTI)

Information collected and analyzed about potential or current attacks that threaten an organization’s security to help in preventing or mitigating these threats.

Data Breach

An incident where confidential, sensitive, or protected information is accessed, disclosed, or stolen by an unauthorized individual.

Data Encryption

The process of converting plaintext data into ciphertext to prevent unauthorized parties from accessing the information.

Data Loss Prevention (DLP)

A set of strategies and tools designed to prevent sensitive information from being lost, misused, or accessed by unauthorized users.

Denial of Service (DoS)

An attack that aims to make a computer or network resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests.

Digital Certificate

An electronic document used to prove the ownership of a public key, issued by a Certificate Authority (CA) and used for secure communications.

Disaster Recovery Plan (DRP)

A documented process or set of procedures designed to recover and protect a business IT infrastructure in the event of a disaster.

Distributed Denial of Service (DDoS)

A type of cyber attack where multiple compromised systems, often infected with malware, collectively target a single system to cause a denial of service.

Domain Name System (DNS)

A hierarchical system that translates human-readable domain names (like www.example.com) into IP addresses understood by computers.

Drive-by Download

Unintentional download of malicious software to a user's computer or device when they visit a compromised website.

Dynamic Analysis

The examination of programs by executing them in a controlled environment to observe their behavior and identify potential security vulnerabilities.

Eavesdropping

The unauthorized interception of private communications, such as phone calls or data transmissions, to gather information.

Encryption

The process of using algorithms to encode data into an unreadable format to protect it from unauthorized access.

Endpoint Security

Measures and tools used to protect network endpoints, such as computers, mobile devices, and servers, from cyber threats.

End-to-End Encryption (E2EE)

A method of data transmission where information is encrypted on the sender's side and only decrypted by the recipient, preventing intermediaries from accessing the data.

Ethical Hacking

The practice of legally penetrating systems and networks to identify vulnerabilities and weaknesses, in order to improve security defenses.

Event Log

A record of events, errors, and other significant occurrences generated by software or hardware, used for troubleshooting and security monitoring.

Exfiltration

The unauthorized transfer of data from a computer or network, often performed by cyber criminals to steal sensitive information.

Exploit

A piece of software, data, or sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior in software, hardware, or something electronic.

Exploit Kit

A toolkit used by cyber criminals to exploit vulnerabilities within software applications, often used to spread malware.

Exposure

The state of being subjected to a potential risk or harm due to vulnerabilities in a system's security posture.

False Positive

An error in which a security system incorrectly identifies a benign activity or entity as a potential threat or malicious activity.

Fileless Malware

A type of malicious software that operates without leaving behind traditional file traces, making it harder to detect using conventional antivirus tools.

Firewall

A network security device or software designed to monitor and control incoming and outgoing network traffic based on predetermined security rules.

Firewall Rules

Configured parameters in a firewall that define which types of network traffic are allowed or blocked, based on criteria such as IP addresses, protocol types, and ports.

Firmware

Specialized software programmed into the read-only memory of a hardware device, providing low-level control for the device's operation.

Flood Attack

A type of denial-of-service attack in which the attacker overwhelms the target system with excessive amounts of data or requests, causing it to become unresponsive.

Forensics

The application of scientific methods and techniques to investigate and establish facts in relation to crimes, including data recovery and analyzing digital evidence in cybersecurity contexts.

Framework

A comprehensive set of guidelines, best practices, and standards used to manage cybersecurity risks, such as the NIST Cybersecurity Framework.

Full Disk Encryption (FDE)

Security technology that encrypts all data on a disk drive, ensuring that the data is protected from unauthorized access.

Fuzz Testing (Fuzzing)

A software testing technique that involves providing invalid, unexpected, or random data inputs to a computer program to identify vulnerabilities and bugs.

Gateway

A network device that acts as a point of entry and exit for network traffic, often serving as a security checkpoint to filter and manage incoming and outgoing traffic.

General Data Protection Regulation (GDPR)

European Union regulation that sets guidelines for the collection and processing of personal data of individuals within the EU, enforcing strict data protection measures.

Geolocation

The identification of the geographical location of an individual, device, or network address, often used in various security applications for identifying potential threats.

GNU Privacy Guard (GPG)

An encryption software that uses the OpenPGP standard to encrypt and decrypt texts, e-mails, and files, ensuring secure communications and data protection.

Grayware

Software that is not classified as malicious but can still present risks or be a nuisance, such as adware or spyware.

GRC (Governance, Risk Management, and Compliance)

An integrated approach to managing an organization's overall governance, risk, and compliance with regulations to ensure effective security and operations.

Grooming

The process by which malicious actors build a relationship with a target for the purpose of exploiting them, often seen in social engineering and online predatory tactics.

Group Policy

A feature in Windows operating systems that provides centralized management and configuration of operating systems, applications, and users' settings.

Guard Band

A frequency range within a communication channel allocated to prevent interference between adjacent channels, commonly used in wireless communications and networking.

Guise

A deceptive means by which attackers present themselves as legitimate entities to trick users into divulging sensitive information.

Hacker

An individual who uses technical skills to gain unauthorized access to systems or networks, often to steal data or cause disruptions.

Hash Collision

An event where two different inputs produce the same hash value, potentially compromising the security of hash functions used in digital signatures and data integrity checks.

Hash Function

An algorithm that converts an input (or 'message') into a fixed-length string of characters, typically a hash code, which is used for ensuring data integrity.

Heuristic Analysis

A method of detecting malware based on behavior, rather than signatures, by analyzing patterns and characteristics that may indicate malicious activity.

Honeypot

A security mechanism set up to lure and trap attackers by emulating vulnerable systems, allowing analysts to study attack methods and gather intelligence.

Host-Based Intrusion Detection System (HIDS)

Software installed on individual hosts or devices that monitors and analyzes system behavior for signs of potential intrusions or malicious activity.

HTTP Secure (HTTPS)

An extension of HTTP that uses encryption protocols such as SSL/TLS to secure communications between a user's browser and the web server.

Human Firewall

The role that employees play in an organization's cybersecurity defense, by being aware and proactive in recognizing and responding to security threats.

Hybrid Cloud

A computing environment that integrates private and public cloud services, allowing data and applications to be shared and moved between them securely.

Hypervisor

Software that allows multiple virtual machines to run on a single physical host by abstracting the underlying hardware resources, facilitating virtualization.

Identity and Access Management (IAM)

A framework of policies and technologies for ensuring that the right individuals have appropriate access to technology resources.

Incident Response

A structured approach to handling and managing the aftermath of a security breach or cyberattack, with the objective of minimizing damage and recovering as quickly as possible.

Information Security (InfoSec)

The practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction of information.

Input Validation

The process of ensuring that a program operates on clean, correct, and useful data by validating input received from users or other sources.

Insider Threat

A security risk that originates from within the organization, often involving employees, former employees, contractors, or business associates who have inside information.

Integrity

The assurance that data is accurate, consistent, and protected from unauthorized modifications, thus maintaining its trustworthiness and reliability.

Intrusion Detection System (IDS)

A security system that monitors network or system activities for malicious actions or policy violations and reports them to the management system.

Intrusion Prevention System (IPS)

A network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.

IP Spoofing

A technique used by attackers to send messages from a false IP address to deceive the recipient about the source of the message.

ISO/IEC 27001

An information security management standard for creating, implementing, maintaining, and improving an organization’s information security management system (ISMS).

Jailbreaking

The process of removing software restrictions imposed by the manufacturer on Apple devices running the iOS operating system, allowing the installation of unauthorized software.

Jamming Attack

A type of Denial-of-Service (DoS) attack in which the attacker disrupts or jams wireless communications by sending out interference signals.

JavaScript Malware

Malicious code written in JavaScript that can be embedded within web pages to exploit vulnerabilities and compromise systems when users visit the page.

Jitter

The variability in packet arrival times in a network, which can be exploited to degrade the quality of real-time communications and services, such as VoIP.

Job Rotation

A security policy that involves rotating employees through different roles to reduce risk of fraud, improve detection of malicious activities, and promote cross-training.

JSON Web Token (JWT)

A compact and self-contained way to securely transmit information between parties as a JSON object, commonly used for authentication and information exchange in web applications.

JTAG (Joint Test Action Group)

A standard for testing and debugging integrated circuits and embedded systems, often used in security analysis to identify vulnerabilities.

Juice Jacking

A type of cyberattack in which a compromised USB charging station is used to infect devices with malware or steal data when they are plugged in for charging.

Jump Box/Jump Server

A secure server used as an intermediary for accessing and managing devices in a different security zone, designed to provide an additional layer of security.

Just-In-Time (JIT) Access

A security approach that grants users temporary access to systems or data only when it is needed to perform a specific task, reducing potential attack vectors.

Kerberos

A network authentication protocol designed to provide secure authentication for user identity over non-secure network environments using secret-key cryptography.

Kernel

The core component of an operating system, managing system resources and communication between hardware and software, often a target for attacks due to its critical role.

Key Distribution Center (KDC)

A component of the Kerberos authentication protocol that issues ticket-granting tickets (TGT) and service tickets to users and services, facilitating secure authentication within a network.

Keylogger

A type of surveillance software or hardware device that records every keystroke made on a computer’s keyboard, often used to steal sensitive information like passwords and credit card numbers.

Key Management

The processes and techniques used for generating, distributing, and storing cryptographic keys, ensuring their secure use in encryption and decryption.

Keystroke Dynamics

A biometric authentication method that recognizes and measures the unique patterns of typing behavior for verification of a user's identity.

Kill Chain

A model used to describe the stages of a cyberattack, from initial reconnaissance to the final objective, helping in the development of defensive strategies.

Kismet

An open-source wireless network detector, sniffer, and intrusion detection system that is commonly used for network monitoring and security assessments.

Knowledge Base

A centralized repository of information and data that can include security policies, procedures, and threat intelligence used to support decision-making and problem-solving in cybersecurity.

KPI (Key Performance Indicator)

Metrics used to evaluate the effectiveness and success of an organization's security measures and processes in achieving its cybersecurity goals.

LAN (Local Area Network)

A network that connects computers and devices within a limited area, such as a home, school, or office building, allowing them to communicate and share resources.

LDAP (Lightweight Directory Access Protocol)

A protocol used for accessing and managing directory information services over an IP network, commonly used for user authentication and storage of user details.

Least Privilege

A security principle that restricts users to the minimum level of access—or privileges—needed to perform their job functions, reducing the risk of unauthorized access.

Life Cycle

The stages through which a system or product progresses, from initial design and development to deployment, operation, maintenance, and eventual retirement, emphasizing the importance of security at each stage.

Load Balancer

A device or software that distributes network or application traffic across multiple servers to ensure no single server becomes overwhelmed, improving performance and reliability.

Log Analysis

The process of reviewing and interpreting log data to identify unusual actions and detect security incidents or operational issues within an IT environment.

Logic Bomb

Malicious code that is embedded into a legitimate program and triggers a harmful action when certain conditions are met, such as a specific date or event.

Log Management

The process of collecting, storing, analyzing, and archiving log data generated by network devices, applications, and security solutions to monitor and respond to security incidents.

Low-Hanging Fruit

Vulnerabilities or weaknesses in a system that are easy for attackers to exploit due to lack of sufficient protective measures, often targeted first in cyberattacks.

Lua

A powerful, efficient, lightweight, and embeddable scripting language often used for configuration, scripting, and automation in cybersecurity tools and applications.

Macro Virus

A type of virus written in a macro programming language, often embedded within documents or spreadsheets, and activated when the document is opened.

Malvertising

The use of online advertising to distribute malware, where malicious code is hidden within ads to infect users when viewed or clicked.

Man-in-the-Middle (MitM) Attack

A cyberattack where the attacker secretly intercepts and potentially alters the communication between two parties who believe they are directly communicating with each other.

Malware

Software designed to damage, disrupt, or gain unauthorized access to computer systems, including viruses, worms, trojans, and ransomware.

Metrics

Quantitative measures used to assess and track the effectiveness, performance, and progress of security controls and practices within an organization.

Mitigation

Efforts and strategies implemented to reduce or eliminate the risk of cyber threats, minimizing their impact on systems and data.

Mobile Device Management (MDM)

Software solutions that allow organizations to manage and secure their employees' mobile devices, ensuring compliance with security policies.

Monitoring

The continuous observation and analysis of network traffic and system activities to detect and respond to security threats in real-time.

Multi-Factor Authentication (MFA)

A security mechanism that requires multiple forms of evidence or factors (such as passwords, tokens, or biometrics) to verify a user's identity.

Mutual Authentication

A security process where both parties in a communication session verify each other's identity to establish trust before exchanging information.

Need-to-Know Basis

A security principle where access to sensitive information is restricted to individuals who must know it to perform their job duties.

Network Access Control (NAC)

Security measures and protocols that control access to network resources by enforcing policies, ensuring that only authorized devices and users can connect.

Network Intrusion Detection System (NIDS)

A system that monitors network traffic for suspicious activity and potential threats, generating alerts for further investigation.

Network Segmentation

The practice of dividing a network into smaller, isolated segments to improve security and reduce the impact of a potential breach.

Network Security

Measures and practices designed to protect the integrity, confidentiality, and availability of computer networks and data from cyber threats.

Network Traffic Analysis

The process of intercepting, collecting, and examining network traffic to identify patterns, anomalies, and security threats.

Next-Generation Firewall (NGFW)

An advanced firewall that provides integrated network security features, such as intrusion prevention, deep packet inspection, and application awareness.

NIST (National Institute of Standards and Technology)

A U.S. federal agency that develops and promotes cybersecurity standards, guidelines, and best practices for improving information security.

Nonce

A random or pseudo-random value that is used only once in cryptographic communication to prevent replay attacks.

Non-Repudiation

Ensuring that a party in a digital communication cannot deny the authenticity of their signature on a document or the sending of a message, providing proof of origin.

OAuth

An open standard for authorization that lets a user grant a third-party application limited access to their resources on another service without sharing their credentials.

Obfuscation

Techniques used to make code, messages, or data difficult to understand or reverse-engineer, often employed to protect sensitive information in software.

Onboarding

The process of integrating and configuring new devices, users, or applications into an organization's network, ensuring compliance with security policies.

One-Time Password (OTP)

A password that is valid for only one login session or transaction, providing an additional layer of security over static passwords.

Online Certificate Status Protocol (OCSP)

A protocol used to verify the validity of a digital certificate in real-time, allowing systems to check for revoked certificates.

Open Source Intelligence (OSINT)

The practice of collecting and analyzing publicly available information from various sources to support cybersecurity efforts and threat intelligence.

Operational Security (OpSec)

A process that identifies critical information and implements controls to protect against the collection and exploitation of this information by adversaries.

OSI Model (Open Systems Interconnection Model)

A conceptual framework used to understand and implement network protocols in seven layers, each layer serving specific functions for data communication.

Out-of-Band (OOB) Authentication

An additional authentication method that uses a separate communication channel to verify a user's identity, enhancing security by reducing reliance on a single channel.

Packet Sniffing

The use of software or hardware to capture and analyze data packets traveling over a network, often used for monitoring and troubleshooting but also for malicious activities.

Password Policy

A set of rules and guidelines established by an organization to create and manage secure passwords, ensuring they are strong and regularly updated to reduce the likelihood of unauthorized access.

Patch Management

The process of identifying, acquiring, testing, and deploying software updates or patches to address security vulnerabilities and improve system performance.

Penetration Testing (Pen Testing)

A simulated cyberattack conducted by security professionals to identify and exploit vulnerabilities in systems, applications, or networks.

Phishing

A social engineering technique where attackers deceive individuals into providing sensitive information, such as passwords or credit card numbers, by pretending to be a trustworthy entity.

Polymorphic Malware

Malicious software that changes its code or appearance with each infection to avoid detection by signature-based antivirus software.

Privacy Impact Assessment (PIA)

An analysis conducted to assess the impact of a new or existing project, system, or process on the privacy of individuals, identifying potential risks and mitigation strategies.

Public Key Infrastructure (PKI)

A framework of policies, procedures, and technologies that manage digital certificates and public-key encryption to secure communications.

QR Code Phishing (QRishing)

A type of phishing attack that uses QR codes to redirect victims to malicious websites, where they are tricked into providing sensitive information.

Quantum Cryptography

An advanced form of encryption that leverages the principles of quantum mechanics to create theoretically unbreakable codes, providing a high level of data security.

Quarantine

The process of isolating files or software suspected to be malicious to prevent them from causing harm to the system or spreading infections.

Ransomware

Malicious software that encrypts the victim's data and demands payment for the decryption key, effectively holding the data hostage until the ransom is paid.

Recovery Time Objective (RTO)

The maximum acceptable amount of time that an organization can tolerate for the recovery of systems and data after a disruption or disaster.

Red Team

A group of security professionals who simulate cyberattacks to test the effectiveness of an organization's security measures and identify potential vulnerabilities.

Remote Access Trojan (RAT)

A type of malware that allows an attacker to gain unauthorized remote control over an infected computer, often used for espionage or data theft.

Replay Attack

A type of cyberattack where previously intercepted data transmissions are maliciously repeated or delayed, often to gain unauthorized access.

Repudiation

The act of denying participation in or responsibility for a digital communication or transaction, often countered by methods that ensure non-repudiation.

Residual Risk

The amount of risk that remains after security measures and controls have been implemented to mitigate potential threats.

Risk Assessment

The process of identifying, analyzing, and evaluating risks to an organization's information assets, helping to develop strategies for mitigating those risks.

Role-Based Access Control (RBAC)

A method of regulating access to a system or network based on the roles of individual users, ensuring that only authorized personnel can access specific resources.

Rootkit

A collection of malicious software tools that enable an attacker to gain and maintain privileged access to a computer while hiding their activities from detection.

Sandboxing

A security mechanism that isolates programs or code execution in a controlled environment to prevent them from affecting the system or network.

Secure Sockets Layer (SSL)

A cryptographic protocol that provides secure communications over a computer network, often used for securing web transactions and data transfers.

Security Information and Event Management (SIEM)

A comprehensive solution that combines real-time monitoring, correlation of events, and logging of security data to detect, analyze, and respond to security incidents.

Security Token

A physical or digital device used to authenticate a user’s identity and grant access to a system or network, enhancing security by providing a second layer of verification.

Service-Level Agreement (SLA)

A formal contract between a service provider and a client that defines the performance and quality metrics the provider must meet, including security commitments.

Session Hijacking

A cyberattack where an attacker takes control of a user's session by stealing or recreating the session ID, gaining unauthorized access to the user's information.

Social Engineering

The manipulation of individuals into divulging confidential information or performing actions that compromise security, often through deception or psychological tactics.

SQL Injection (SQLi)

A code injection technique where attackers insert malicious SQL statements into an input field to manipulate a database and gain unauthorized access to data.

Spyware

Malicious software that secretly monitors and collects information about a user's activities without their knowledge, often used for identity theft or corporate espionage.

Symmetric Encryption

An encryption method where the same key is used for both encrypting and decrypting the data, requiring secure key management for both sender and receiver.

Traffic Analysis

The process of intercepting and examining messages to deduce information from patterns in communication, often used for both network management and cyber espionage.

Transport Layer Security (TLS)

A cryptographic protocol designed to provide secure communication over a computer network, succeeding SSL with enhanced security features.

Threat Actor

An individual, group, or entity that conducts malicious activities targeting an organization's assets, ranging from cybercriminals to nation-state attackers.

Threat Intelligence

Information about potential or current threats gathered from various sources, used to help organizations protect against, detect, and respond to cyberattacks.

Threat Model

A structured representation of potential threats to a system, used to understand an organization's security posture and identify areas for improvement.

Tokenization

The replacement of a sensitive value, such as a payment card number, with a non-sensitive surrogate (a token) that has no exploitable meaning outside the system that issued it. The mapping from token back to the original value is held in a protected vault, so systems that handle only tokens fall outside the scope of the sensitive data. Unlike encryption, a token is not mathematically derived from the original value and cannot be reversed without access to the vault.
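An added example of a tokenization vault for card numbers, written for this glossary entry rather than taken from any product. It assumes a format-preserving scheme in which the token keeps the length and last four digits of the card number (so receipts still work) while the remaining digits are random; tokens are deliberately generated so that they fail the Luhn check, which guarantees a token can never be mistaken for, or used as, a real card number. The card number is a standard test value and the role check is a hypothetical authorization policy.

```python
import re
import secrets


def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


class TokenVault:
    """Holds the only mapping between tokens and real card numbers (PANs).
    Everything outside the vault should see tokens only."""

    def __init__(self) -> None:
        self._token_to_pan: dict[str, str] = {}
        self._pan_to_token: dict[str, str] = {}

    def tokenize(self, pan: str) -> str:
        digits = re.sub(r"\D", "", pan)
        if not 13 <= len(digits) <= 19 or not luhn_valid(digits):
            raise ValueError("not a valid card number")
        # Same PAN always yields the same token, so records can be joined.
        if digits in self._pan_to_token:
            return self._pan_to_token[digits]
        last_four = digits[-4:]
        while True:
            body = "".join(secrets.choice("0123456789")
                           for _ in range(len(digits) - 4))
            token = body + last_four
            # Reject collisions, and reject anything that passes Luhn so a
            # token can never double as a usable card number.
            if token not in self._token_to_pan and not luhn_valid(token):
                break
        self._token_to_pan[token] = digits
        self._pan_to_token[digits] = token
        return token

    def detokenize(self, token: str, role: str) -> str:
        """Only the payment-processing role may recover the real PAN
        (hypothetical policy for the example)."""
        if role != "payments":
            raise PermissionError(f"role {role!r} may not detokenize")
        return self._token_to_pan[token]


if __name__ == "__main__":
    vault = TokenVault()
    tok = vault.tokenize("4111 1111 1111 1111")   # standard Visa test number
    print("token:", tok)
    print("real PAN for payments:", vault.detokenize(tok, role="payments"))
```

Because the token body is drawn from a CSPRNG rather than computed from the PAN, an attacker who steals the token database alone learns nothing about the real numbers; the vault, not the token format, is what must be protected.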

Trojan Horse

Malicious software that disguises itself as legitimate software, tricking users into installing it and thereby giving attackers access to the system.

Trusted Platform Module (TPM)

A dedicated chip (or firmware equivalent) that provides hardware-rooted security functions such as protected key storage, cryptographic operations, and measurement of the boot process for attestation, so that keys and records of platform state cannot be tampered with by software alone.

Two-Factor Authentication (2FA)

An authentication method that requires two different factors, for example something the user knows (a password) and something the user has (a hardware token or one-time-code generator), so that compromise of a single factor does not by itself grant access.

Typosquatting

An attack in which attackers register domain names, or publish software packages, whose names closely resemble legitimate ones, relying on users' typing mistakes to send them to a malicious site or have them install a malicious dependency.

Unauthorized Access

The act of gaining access to a network, system, or data without permission, often through cyberattacks or exploiting vulnerabilities.

Unified Threat Management (UTM)

A comprehensive approach to security management that combines multiple security functions, such as firewall, VPN, antivirus, and intrusion detection, into a single device.

Uninterruptible Power Supply (UPS)

A device that provides emergency power to electronic systems in the event of a power outage, helping to prevent data loss and system damage.

Update Management

The process of managing the deployment of software updates or patches to ensure systems are up-to-date and protected against known vulnerabilities.

URL Filtering

A security measure that blocks or allows access to specific websites based on URL analysis, helping to prevent access to malicious or inappropriate content.

Usability

The ease with which users can effectively and efficiently interact with security systems and software, balancing security with user convenience.

USB Security

Measures and protocols implemented to protect against threats associated with USB devices, such as malware transmission and unauthorized data transfer.

User and Entity Behavior Analytics (UEBA)

Technology that uses machine learning and algorithms to detect unusual behavior by users or entities within a network, identifying potential security threats.

User Authentication

The process of verifying the identity of a user by requiring credentials such as passwords, tokens, or biometrics before granting access.

User Rights

Permissions granted to users that determine what actions they can perform within a system or network, often managed through access control policies.

Valuation

The process of determining the value or worth of an asset, often used in the context of information assets to assess their importance and the impact of potential threats.

Vendor Risk Management (VRM)

The process of identifying, assessing, and mitigating risks associated with third-party vendors that have access to an organization's information systems or data.

Verified Boot

A security feature that ensures a device boots using only software that is trusted by the device manufacturer, protecting against malicious code execution during startup.

Virtual Private Network (VPN)

A technology that creates a secure and encrypted connection over a less secure network, such as the internet, ensuring privacy and protection of data transmissions.

Virtual Firewall

A software-based firewall that protects virtual environments by controlling traffic between virtual machines and the external network.

Virtualization

A technology that allows multiple operating systems and applications to run on a single physical machine by creating virtual versions of resources.

Virus

Malicious code that replicates by attaching itself to other programs or files and spreads when those hosts are executed or shared, often corrupting or destroying data. Unlike a worm, a virus needs a host file and usually a user action to propagate.

Voice Phishing (Vishing)

A type of phishing attack conducted through voice communication, where attackers impersonate legitimate entities to steal sensitive information from victims.

Vulnerability

A weakness or flaw in a system, application, or network that can be exploited by attackers to gain unauthorized access or cause damage.

Vulnerability Assessment

A systematic evaluation process to identify, quantify, and prioritize vulnerabilities in a system, application, or network.

Watering Hole Attack

A targeted cyberattack where attackers infect websites frequently visited by their intended victims, with the goal of compromising users who access those sites.

Waterfall Model

A linear and sequential software development methodology emphasizing clear phases and milestones, often used in contexts requiring strict documentation and control.

Wearable Technology

Electronic devices worn on the body that can collect, store, and transmit data, posing new security challenges and risks, especially in integrating with other systems.

Web Application Firewall (WAF)

A security solution that monitors, filters, and blocks HTTP/HTTPS requests to and from a web application to protect against attacks like SQL injection and cross-site scripting.

Whaling

A type of phishing attack that targets high-profile executives or important individuals within an organization to steal sensitive information or gain access to privileged systems.

Whitelist

A list of explicitly approved entities, such as IP addresses, applications, or domains, that are granted access to a system, network, or service, with everything not on the list denied by default. Also called an allowlist.

Wi-Fi

Technology that allows devices to connect to a network wirelessly using radio waves, often secured with encryption protocols to protect data.

Wi-Fi Protected Access (WPA/WPA2)

A family of protocols for securing wireless networks with encryption and authentication, replacing the broken WEP standard. WPA was an interim design based on TKIP; WPA2 uses AES-CCMP and is the minimum acceptable today, with WPA3 as its successor.

Wireless Intrusion Detection System (WIDS)

A system that monitors wireless network traffic for suspicious activity and unauthorized devices, helping to detect and respond to wireless network threats.

Worm

A type of malware that self-replicates and spreads without the need for a host file, often exploiting network vulnerabilities to infect multiple systems.

X.509 Certificate

A standard format for public key certificates used in various internet protocols, providing a framework for digital signatures and public key infrastructure (PKI).

Xen Virtualization

An open-source hypervisor that allows multiple operating systems to run on a single physical machine simultaneously, supporting server virtualization and cloud computing.

XML Encryption

The process of encrypting XML data to protect its confidentiality, ensuring that only authorized parties can access the information.

XOR Encryption

A cipher that combines plaintext with a key using the XOR (exclusive OR) operation. With a truly random key as long as the message and never reused, this is the one-time pad, which is provably unbreakable; with a short repeating key it is only obfuscation, since any known or guessed plaintext reveals the key directly and reusing a key leaks the XOR of the two messages.
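An added example (not from the original page) that illustrates both the Symmetric Encryption entry above and this one: the same XOR function encrypts and decrypts, a short repeating key is recovered from a few bytes of known plaintext, and the one-time-pad variant is shown with a fresh random key from `secrets`. The message, key, and the known-plaintext "crib" are constructed for the demonstration.

```python
import secrets


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR `data` with `key`, cycling the key if it is shorter than the data.
    XOR is its own inverse, so one function both encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_key(ciphertext: bytes, known_prefix: bytes, key_len: int) -> bytes:
    """Known-plaintext attack on a repeating key: c XOR p == k, so a crib of
    `key_len` bytes at the start of the message gives the whole key."""
    if len(known_prefix) < key_len:
        raise ValueError("crib must cover at least one full key period")
    return bytes(c ^ p for c, p in zip(ciphertext[:key_len], known_prefix[:key_len]))


def one_time_pad_encrypt(plaintext: bytes) -> tuple[bytes, bytes]:
    """One-time pad: a random key exactly as long as the message, used once.
    Returns (key, ciphertext); the key must travel by a separate secure path."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(plaintext, key)


def key_reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """Two messages under the same key: ct1 XOR ct2 == p1 XOR p2, the key
    cancels out and the attacker is left with the XOR of the plaintexts."""
    return xor_bytes(ct1, ct2)


if __name__ == "__main__":
    key = b"s3cr3t"                                     # constructed 6-byte key
    msg = b"Transfer 1000 USD to account 42"           # constructed message
    ct = xor_bytes(msg, key)
    # Attacker guesses the message starts with "Transf" (a crib).
    print("recovered key:", recover_key(ct, b"Transf", len(key)))
    print("decrypted:", xor_bytes(ct, recover_key(ct, b"Transf", len(key))))
    otp_key, otp_ct = one_time_pad_encrypt(msg)
    print("one-time pad round trip:", xor_bytes(otp_ct, otp_key) == msg)
```

The practical lesson is the last function: even the one-time pad collapses to obfuscation the moment a key is used twice, which is why stream ciphers in real protocols derive a unique keystream per message from a nonce.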

XSS (Cross-Site Scripting)

A security vulnerability found in web applications where attackers inject malicious scripts into web pages viewed by others, leading to potential data theft or user impersonation.

YARA Rules

A set of rules used to identify and classify malware samples by their patterns and characteristics, aiding in threat detection and malware analysis.

Year 2000 (Y2K) Bug

A computer bug related to the formatting and storage of calendar data, which caused widespread concern that systems would fail at the turn of the millennium.

Yellow Team

Security professionals who focus on developing and deploying security tools and automation to assist both offensive (Red Team) and defensive (Blue Team) operations.

Yield

In the context of cybersecurity, it often refers to the effectiveness or success rate of a particular security control or measure in mitigating threats.

YubiKey

A hardware authentication device used for two-factor and multi-factor authentication, providing an extra layer of security through physical possession.

Zero-Day Exploit

An attack that exploits a vulnerability the vendor does not yet know about, or has not yet patched, so defenders have had "zero days" to prepare; such attacks are often highly effective because signature-based defenses have nothing to match against.

Zeroization

The process of securely erasing data from storage devices or memory to prevent unauthorized recovery, often used in cryptographic contexts to clear sensitive keys.

Zero Trust

A security model based on the principle of always verifying and never trusting, assuming that threats can come from both outside and inside the network, and enforcing strict access controls.

Zombie

A computer that has been compromised by malware and is being controlled remotely by an attacker, often part of a botnet used for malicious activities such as DDoS attacks.

Zone-Based Firewall

A type of firewall configuration that segments the network into different zones, each with its own set of security policies, to control traffic and enhance security.