Knowledge Library

Cyber Terms & Definitions

Cybersecurity

Protecting computers, servers, mobile devices, electronic systems, networks, and data from digital attacks, damage, and unauthorized access.

Secure Communication Channels

Encrypted pathways for transmitting information that prevent third parties from intercepting and reading the data.

Indicators of Compromise (IOCs)

IOCs are vital forensic clues, highlighting potential intrusions within a host system or network. They empower Information Security (InfoSec) experts and system administrators with the means to detect attempts at intrusion or other malicious deeds. Security researchers leverage IOCs to deepen their understanding of specific malware, more precisely analyzing its techniques and behaviors. Additionally, IOCs offer actionable intelligence regarding threats. This intelligence can be disseminated throughout the community, enhancing an organization’s strategies for incident response and remediation, thereby strengthening overall security.

Public Key Infrastructure (PKI)

A system for creating, storing, and distributing digital certificates that verify that a particular public key belongs to a specific entity.

Virtual Private Network (VPN)

A technology that creates a safe and encrypted connection over a less secure network like the internet.

Voice over Internet Protocol (VoIP)

A technology that allows users to make voice calls using a broadband internet connection instead of a regular phone line.

Data Loss Prevention (DLP)

Strategies and solutions that prevent the loss, misuse, or unauthorized access of sensitive data.

Endpoint Protection Platform (EPP)

Security software that protects a network’s endpoints, such as laptops and mobile devices, from cyber threats.

Endpoint Detection and Response (EDR)

A cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats.

Mobile Device Management (MDM)

A type of security software used to monitor, manage, and secure employees’ mobile devices that are deployed across multiple mobile service providers and operating systems.

Zero Trust Security

A security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify everything trying to connect to their systems.

Patch Management

The process of managing a network of computers by regularly applying software updates and patches to keep systems up-to-date and secure.

Internet of Things (IoT)

The network of physical objects (“things”) embedded with sensors, software, and other technologies to connect and exchange data with other devices and systems over the internet.

Digital Forensics

The uncovering and interpreting of electronic data for an investigation.

Incident Response

The process by which an organization handles a data breach or cyber-attack, including how it attempts to manage the consequences of the attack or breach (the “incident”).

GDPR

The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

HIPAA

The Health Insurance Portability and Accountability Act is United States legislation that provides data privacy and security provisions for safeguarding medical information.

PCI DSS

The Payment Card Industry Data Security Standard is a proprietary information security standard administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc.

Firewall

A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.

Phishing

A method of trying to gather personal information using deceptive emails and websites.

Ransomware

A type of malicious software designed to block access to a computer system until money is paid.

Intrusion Detection System (IDS)

A system that monitors networks or systems for malicious activity or policy violations.

Intrusion Prevention System (IPS)

A network security and threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.

Encryption

The process of converting data to an unrecognizable or encrypted form, primarily to protect sensitive information.

Two-Factor Authentication (2FA)

A security process where users provide two different authentication factors to verify themselves.

Biometric Authentication

A security process that relies on the unique biological characteristics of an individual to verify that they are who they say they are.

Botnet

A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge.

DDoS Attack

A distributed denial-of-service attack where multiple compromised computer systems attack a target and cause a denial of service for users of the targeted system.

Malware

Software specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

Secure Sockets Layer (SSL)

A standard security protocol for establishing encrypted links between a web server and a browser in online communication; now superseded by Transport Layer Security (TLS).

Identity and Access Management (IAM)

Frameworks for business processes that facilitate the management of electronic or digital identities.

Threat Hunting

An advanced and proactive cybersecurity technique that involves identifying threats to an organization that remain undetected in network security systems.

Social Engineering

Manipulative tactics that trick users into making security mistakes or giving away sensitive information.

Zero-Day Vulnerability

A software security flaw that is known to the software vendor but for which no patch is yet in place. It is called a “zero-day” because the flaw is not yet publicly known, so there have been zero days in which to fix it.

Brute Force Attack

A cyber attack method that involves trying many possible answers until the correct one is found, commonly used against encrypted data and passwords.

Cloud Security

A broad set of policies, technologies, and controls deployed to protect data, applications, and the infrastructure in cloud computing environments.

Cryptocurrency

A digital or virtual currency that uses cryptography for security, making it extremely difficult to counterfeit.

Darknet

A private network where connections are made only between trusted peers using non-standard protocols and ports, often used for illegal activities.

Deepfake

Artificial intelligence-based technology used to produce or alter content so it presents something that didn’t occur.

Hashing

The process of converting an input of any length into a fixed-size text string, using a mathematical function.

Honeypot

A computer security mechanism set to detect, deflect, or counteract attempts at unauthorized use of information systems.

Keylogger

Surveillance technology that monitors and records each keystroke typed on a specific computer’s keyboard.

Multi-Factor Authentication (MFA)

An authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.

Spear Phishing

An email or electronic communications scam targeted towards a specific individual, organization or business to steal data for malicious purposes.

Spoofing

A fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.

Trojan Horse

A type of malicious software that misleads users about its true intent, often disguised as legitimate software.

VPN Tunnel

A virtual point-to-point connection that allows data to travel securely across a network, such as the Internet.

Whitelisting

The practice of specifying an index of approved software applications that are permitted to be present and active on a computer system.

Black Hat Hacker

A hacker who violates computer security for personal gain or malicious purposes.

White Hat Hacker

A computer security specialist who breaks into protected systems and networks to test and assess their security, performing these evaluations with the owner’s consent.

Gray Hat Hacker

A hacker who falls between ethical (white hat) and black hat hackers. They may break into a computer system without permission and then notify the administrator that the system has a security defect.