Software that protects a computer or network from malicious software, such as viruses, spyware, and malware.
The process of verifying the identity of a user, device, or system by verifying the credentials provided.
The process of granting or denying specific requests to access resources in a computer system.
Advanced Persistent Threat (APT)
A type of cyber attack in which an attacker gains unauthorized access to a network and remains undetected for an extended period of time, typically with the intent of stealing sensitive data.
The practice of protecting computer systems and applications from unauthorized access, use, disclosure, disruption, modification, or destruction.
Software that displays advertisements on a computer or mobile device, often without the user's knowledge or consent.
Address Resolution Protocol (ARP)
A protocol used to map an IP address to a physical address on a local network.
Artificial intelligence (AI) security
The branch of cybersecurity that deals with the protection of AI systems and their underlying data from unauthorized access, use, or modification.
Association for Computing Machinery (ACM)
A professional organization for computer scientists and engineers, devoted to advancing the arts, sciences, and applications of information technology.
Advanced Encryption Standard (AES)
A widely used symmetric encryption algorithm that provides strong protection against unauthorized access to sensitive data.
A secret, unauthorized access point in a computer system or software that allows the attacker to bypass normal authentication or encryption.
A network of computers controlled by a malicious actor, used for coordinated attacks such as DDoS attacks, spamming, and spreading malware.
Brute Force Attack
An attack that involves guessing passwords or encryption keys by trying every possible combination until the correct one is found.
A security vulnerability that occurs when a program tries to store more data in a buffer (a temporary storage area) than it can handle, leading to a crash or the execution of malicious code.
A type of computer file that is executed as machine code, typically used to store executable programs or system components.
A term used to describe a malicious hacker or criminal who uses their technical skills for illegal purposes.
A short-range wireless communication protocol used for connecting devices such as smartphones, laptops, and wearable devices.
The use of unique physical or behavioral characteristics, such as fingerprints or facial recognition, to authenticate an individual's identity.
The unauthorized access or theft of sensitive information, typically from a company or government agency.
A duplicate copy of data or software, kept in a separate location to ensure that important information can be recovered in case of a failure or data loss.
A cipher is an algorithm used to encrypt and decrypt data.
Cookies are small text files stored on a user's computer by a website to save information about the user's preferences or activity.
A certificate authority is a trusted entity that issues digital certificates for use in public key infrastructure.
Cryptography is the practice of securing information through encryption and decryption.
Cracking is the process of breaking through security measures in order to access a system or information.
Cybercrime is criminal activity committed using the internet or other forms of technology.
Cyber espionage refers to the act of using technology to steal sensitive information from another entity.
Command and Control Server
A command and control server is a server used by an attacker to remotely control infected computers.
Cybersecurity Awareness Training
Cybersecurity awareness training is a program designed to educate employees on safe online practices and to raise their awareness of potential threats.
A cyber attack is an attack carried out using the internet or other forms of technology to gain unauthorized access to a system or to disrupt its normal functioning.
Denial of Service (DoS)
Denial of Service (DoS) attacks are a type of cyber attack in which a website or network is flooded with a large amount of traffic, causing it to shut down and become unavailable to users.
Data encryption is the process of converting plain text data into encrypted or unreadable text, using mathematical algorithms, to protect it from unauthorized access.
The Dark Web is a portion of the Internet that can only be accessed using specialized software, such as Tor, and is often used for illegal activities, including cybercrime and the sale of illegal goods and services.
A data breach is the unauthorized access of sensitive information, such as personal and financial data, from a company's databases.
Distributed Denial of Service (DDoS)
A Distributed Denial of Service (DDoS) attack is a type of cyber attack in which multiple computers are used to flood a network or website, causing it to shut down and become unavailable to users.
A Drive-by Download is a type of cyber attack in which malware is automatically downloaded to a user's computer when they visit a compromised website.
A Dictionary Attack is a type of cyber attack in which an attacker uses a list of commonly used passwords and usernames to try and gain access to an account.
Deep Packet Inspection (DPI)
Deep Packet Inspection (DPI) is a type of network security technology that examines the contents of data packets to detect and prevent cyber attacks.
Data Loss Prevention (DLP)
Data Loss Prevention (DLP) is a type of technology used to prevent sensitive data from being lost or stolen, by monitoring data transfers and preventing unauthorized access to sensitive information.
A Digital Signature is an electronic security measure used to confirm the authenticity of digital data, such as emails and documents.
Encryption is the process of converting plain text into unreadable ciphertext to protect sensitive information from unauthorized access.
Endpoint refers to a device or network node that communicates with other endpoints in a network.
Exploit is code or a technique that takes advantage of a vulnerability in software to gain unauthorized access to a system or network.
Ethical Hacker is a professional who uses hacking skills for testing and improving the security of a system.
Email Spoofing is the act of sending an email that appears to come from a different sender than the actual sender.
Encoder is a tool that converts data into a different format.
Encapsulation is the process of wrapping data into a protective layer to maintain its integrity and confidentiality.
Encryption Key is a secret code used to encrypt and decrypt messages.
End-to-End Encryption is a secure method of transmitting data from one endpoint to another, where only the sender and recipient can access the data.
A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
FTP (File Transfer Protocol)
FTP is a standard network protocol used for transferring files from one computer to another over the Internet.
File encryption is the process of converting plain text files into encrypted text to prevent unauthorized access or data breaches.
Forensics is the application of scientific and technical methods to the collection, preservation, and analysis of digital evidence.
Fuzzing is a software testing technique that involves providing unexpected or random input to a computer program to identify security vulnerabilities.
A false positive is a security alert that is generated by a security system even though there is no actual security threat.
Federated identity is a type of identity management system that allows multiple parties to access and manage the same user's information, with the user's consent.
Full Disk Encryption
Full Disk Encryption is the process of encrypting the entire hard drive of a computer to protect the data from unauthorized access.
Granular Access Control
Granular Access Control is the process of limiting user access to specific resources and data within an information system.
GPG Encryption is a widely used encryption tool that uses public and private key cryptography for secure communication and file sharing.
Geofencing is a technology that creates a virtual boundary around a geographic location and triggers specific actions when a device crosses the boundary.
Geolocation is the process of determining the physical location of a device or user through the analysis of data from GPS, Wi-Fi, or other location-based services.
Graphical User Interface (GUI)
Graphical User Interface (GUI) is a visual interface that allows users to interact with software, applications, and systems through visual images and icons.
Green Computing refers to the design, development, and use of computer resources in an energy-efficient and environmentally responsible manner.
Ghostware refers to malicious software that operates covertly in the background of a computer or network, undetectable to the user.
Greyhat Hacker is a term used to describe a hacker who engages in illegal activities, but does not cause direct harm to individuals or organizations.
Hash is a mathematical function that converts data into a fixed-length digital signature, used for data verification and authentication.
Hacker is an individual who uses technical skills to gain unauthorized access to computer systems or networks.
Host-based Intrusion Detection System (HIDS)
HIDS is a software application that monitors and detects security threats on a single computer or server.
Hypervisor is a virtualization technology that creates and manages virtual machines (VMs) on a physical host computer.
Handshake is the initial process of establishing a secure communication between two systems.
Honeypot is a decoy system that is designed to attract and detect cyber attackers by simulating vulnerabilities.
Human Firewall refers to the implementation of security awareness training for employees to prevent social engineering attacks.
HTTP is the protocol used for transmitting data over the internet, specifically for web pages.
High Availability refers to the ability of a system or network to remain operational and available during unexpected outages or failures.
Incident response is a plan of action for an organization to handle security incidents, such as cyber attacks, data breaches, or system failures.
Intrusion detection system
An intrusion detection system (IDS) is a tool used to monitor and detect unauthorized access to a network or system.
Intrusion prevention system
An intrusion prevention system (IPS) is a tool used to prevent unauthorized access to a network or system by actively blocking suspicious activities.
Information security is the practice of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Identity and access management
Identity and access management (IAM) is the practice of controlling access to information systems based on the identity of users, devices, or systems.
Information technology (IT) is the use of computers, software, and other technology to store, process, and transmit data and information.
Incident management is the process of managing security incidents, such as cyber attacks, data breaches, or system failures, from detection to resolution.
Internet of Things
The Internet of Things (IoT) refers to the interconnected network of physical devices, vehicles, home appliances, and other items that are embedded with electronics, software, and connectivity.
Identity theft is the unauthorized use of another person's personal information, such as their name, Social Security number, or credit card information, for fraudulent purposes.
Infected software is a program that has been compromised by malware, such as viruses, Trojans, or spyware, which can be used to steal sensitive information or cause harm to the system or network.
Jailbreaking is the process of removing the limitations imposed by the manufacturer on a device, such as a smartphone or tablet, allowing the user to install unauthorized apps and customizations.
Java is a high-level programming language used to develop software applications and mobile apps.
JWT (JSON Web Token) is a compact, URL-safe means of representing claims to be transferred between two parties.
Junk mail, also known as spam, is unwanted email that is often sent in large quantities and contains unsolicited ads, phishing scams, or malware.
Juniper is a network security company that provides network security solutions, such as firewalls, VPNs, and intrusion detection systems.
Jurisdiction refers to the geographic area in which a particular court or legal authority has the power to make decisions and enforce laws.
A jump box, also known as a jump server, is a secure, intermediary system used to access and manage other systems on a network.
Kerberos is an authentication protocol that uses tickets to verify a user's identity and grant access to network resources.
A keylogger is a type of malware that records every keystroke made on a computer, capturing sensitive information such as passwords and credit card numbers.
The kernel is the central component of an operating system that controls all other processes and allocates resources.
Key exchange is the process of securely exchanging encryption keys between two parties to establish secure communication.
A kill switch is a mechanism built into malware that allows the attacker to remotely deactivate or erase the malware.
Key management refers to the processes and techniques used to securely store, manage, and control access to encryption keys.
The knock-on effect refers to the indirect consequences that occur as a result of a security breach or cyberattack.
Kernel exploitation is the process of exploiting vulnerabilities in the kernel of an operating system to gain unauthorized access or control over the system.
Key escrow is a system in which encryption keys are stored by a third party, usually a government agency, in case they are needed for law enforcement purposes.
Logs are records of events that occur within a computer system or network, often used for monitoring, troubleshooting, and analysis.
Local area network (LAN)
A LAN is a computer network that connects devices within a limited geographic area, such as a single building or campus.
Linux is a free and open-source operating system that is widely used for servers, desktops, and embedded systems.
Local Privilege Escalation (LPE)
LPE is a type of security vulnerability that allows an attacker to gain elevated privileges on a local computer or network.
Least privilege is a security principle that dictates that users and programs should have the minimum level of access necessary to perform their functions.
A load balancer is a device or software that distributes incoming network traffic across multiple servers in order to optimize resource utilization and improve reliability.
Layered security is a defense-in-depth strategy that employs multiple security measures at different levels of a network to increase overall security.
A LAN switch is a network device that connects devices together within a local area network (LAN) and facilitates communication between them.
Malware is malicious software that is designed to harm or exploit a computer system, network, or device.
A man-in-the-middle attack is a type of cyber attack in which an attacker intercepts communications between two parties in order to gain access to sensitive information.
Mitigation refers to the process of reducing the potential damage from a cyber attack by implementing security measures, such as firewalls or anti-virus software.
Multi-factor authentication is a security process that requires multiple forms of authentication, such as a password and a fingerprint or a password and a security token, to access a system or device.
A malicious insider is a person who has authorized access to a system or network but uses that access for unauthorized purposes.
Machine learning is a type of artificial intelligence that uses algorithms and statistical models to automatically improve performance on a specific task.
Mobile device security
Mobile device security refers to the measures taken to protect mobile devices, such as smartphones or tablets, from cyber threats.
Micro-segmentation is a network security strategy that involves dividing a network into smaller, isolated segments in order to limit the potential damage from a cyber attack.
A memory leak is a type of software bug that causes a program to continue to use memory resources even after they are no longer needed.
Network Security refers to the protection of a computer network and its resources from unauthorized access, abuse, or damage.
Nmap is a free and open-source network mapping and security tool used by network administrators to discover hosts and services on a computer network.
NAT (Network Address Translation) is a method used by routers to translate private IP addresses to public IP addresses.
Nessus is a vulnerability scanner used by security professionals to identify and assess the vulnerabilities of computer systems and networks.
NTFS (New Technology File System) is the file system used by Microsoft Windows operating systems for storing and retrieving files on a hard disk.
NID (Network Intrusion Detection) is a system that monitors network traffic for signs of intrusions and alerts administrators of any suspicious activity.
NAC (Network Access Control) is a security measure that restricts access to a computer network based on certain predefined policies and conditions.
NoSQL is a type of database management system that does not use the traditional relational database model and is designed to handle large amounts of data.
Nymaim is a type of malware that is used for various cyber attacks such as downloading other malware, stealing personal information, and spreading to other computers on the same network.
Obfuscation is the act of making code or data difficult to understand and analyze.
Offensive security refers to the practice of proactively attacking and testing an organization's network and systems to identify vulnerabilities and weaknesses.
Open source security
Open source security refers to the practice of securing systems and software that are based on open-source components.
Operating system security
Operating system security refers to the protection and defense mechanisms in place for a computer's operating system.
Organization security policy
An organization security policy is a set of guidelines and rules that dictate the security standards and protocols for an organization's employees, systems, and data.
Out of band authentication
Out of band authentication is a security process where a user provides authentication through a secondary channel, separate from the primary channel being used.
An overflow attack is a type of cyber attack where an attacker attempts to overflow a buffer or a register in order to execute malicious code.
Ownership chain refers to the chain of ownership of a particular resource or asset, used to determine access and permissions for that resource.
Operational security refers to the procedures and measures in place to ensure the secure and proper functioning of an organization's systems and processes.
An online threat is any potential danger or harm that can be inflicted through the use of the internet or online technologies.
Phishing is a type of cyber attack in which a malicious actor attempts to trick a victim into revealing personal information, such as passwords or credit card numbers.
A password is a secret string of characters used to authenticate a user and gain access to a system or website.
A patch is a software update designed to fix security vulnerabilities and improve the functionality of a program.
Penetration testing is a simulated cyber attack performed by security experts to identify security weaknesses in a system or network.
Perimeter defense is a line of defense designed to protect an organization's network and systems from external threats.
PKI (Public Key Infrastructure)
PKI is a system that uses public and private key encryption to secure electronic communications, such as online transactions or email.
A protocol is a set of rules and standards that govern the communication between computers on a network.
A proxy server is an intermediary server that acts as a gatekeeper between a user and the internet, providing security and privacy for internet users.
A public cloud is a cloud computing infrastructure that is owned and operated by a third-party service provider, allowing users to access and use shared resources over the internet.
PII (Personally Identifiable Information)
PII is any information that can be used to identify an individual, such as their name, address, social security number, or credit card information.
Quantum Computing is a type of computing that uses quantum mechanics to store and process data, offering faster and more efficient computation compared to traditional computing methods.
Quantum Key Distribution
Quantum Key Distribution is a method of secure communication that uses the principles of quantum mechanics to securely distribute cryptographic keys.
Quantum Cryptography is a field of cryptography that leverages the principles of quantum mechanics to secure communications.
Quantum Safe is a term used to describe technologies and algorithms that are designed to be secure against quantum computing attacks.
Quantum Resistance is a term used to describe technologies and algorithms that are designed to be resistant to quantum computing attacks.
Quantum Key Agreement
Quantum Key Agreement is a method of secure communication that uses the principles of quantum mechanics to securely agree on cryptographic keys.
Quantum Secure is a term used to describe technologies and algorithms that are designed to be secure against quantum computing attacks.
Quantum Key Generation
Quantum Key Generation is a method of generating cryptographic keys using the principles of quantum mechanics.
Ransomware is a type of malware that encrypts a user's data and demands payment for the decryption key.
A rootkit is a type of malicious software that hides its presence on a computer and allows an attacker to gain administrative control over the system.
Risk management is the process of identifying and assessing potential threats to an organization's cybersecurity and implementing measures to mitigate those risks.
Remote access refers to the ability to access a computer or network from a remote location, typically through the internet.
The registry is a database in Windows that contains information about the configuration and settings of the operating system and installed applications.
Reconnaissance is the first stage of a cyber attack where an attacker collects information about a target's systems and vulnerabilities.
Routers are networking devices that forward data packets between computer networks.
Reverse engineering is the process of examining a product or system in order to understand its design and functionality.
A red team is a group of cybersecurity experts who perform simulated attacks on an organization's systems to test their security measures.
Resilience refers to an organization's ability to quickly recover from a cybersecurity attack or disruption and maintain normal operations.
Spoofing refers to the act of impersonating another person or entity through the use of false information or identity.
Social engineering is a tactic used by attackers to manipulate individuals into divulging sensitive information or performing an action that benefits the attacker.
Spyware is a type of malicious software that tracks a user's activity and collects sensitive information without their knowledge or consent.
Symmetric encryption is a type of encryption that uses the same key for both encryption and decryption.
A sandbox is a secure environment used to test and evaluate software and applications, isolated from the rest of a user's system.
Spam refers to unwanted or unsolicited email messages, typically containing advertisements or scams.
Scanning refers to the act of analyzing a network or system to identify vulnerabilities or weaknesses.
Single Sign-On (SSO)
Single Sign-On (SSO) is a system that allows a user to log in to multiple applications or services using a single set of credentials.
Session hijacking is an attack that involves intercepting an active communication session between two parties, allowing the attacker to gain control of the session.
A security token is a physical device used for authentication and authorization, typically in combination with a password.
A token is a small hardware device used for authentication purposes.
Threat intelligence is the collection, analysis, and dissemination of information about potential or active cyber threats.
Two-factor authentication is an added layer of security that requires a user to provide two forms of authentication, such as a password and a fingerprint or a password and a one-time code.
TLS (Transport Layer Security)
TLS is a protocol used to secure communication over the internet by encrypting data as it is transmitted between two devices.
Traffic analysis is the process of analyzing network traffic to identify patterns or anomalies in order to detect potential threats or security breaches.
A tarpit is a security tool that slows down or blocks malicious traffic in order to make it more difficult for attackers to compromise a system.
A trojan horse is a type of malware that appears to be legitimate software, but actually contains hidden code that is used to compromise a system.
Tunneling is a method of transmitting data in a secure manner by encapsulating it in another protocol or encryption layer.
A threat actor is an individual or group that carries out cyberattacks or other malicious activities.
Tailgating is a security threat where an unauthorized person follows an authorized person into a secure area without proper authorization.
Unpatched software refers to outdated software that has not been updated with the latest security patches to protect against known vulnerabilities.
Unauthorized access refers to accessing a computer or network without proper authorization or permission.
An unsecured network is a network that does not have proper security measures in place, making it vulnerable to cyber attacks.
A username is a unique identifier used by an individual to log into a system or website.
A URL (Uniform Resource Locator) is the address of a website or online resource.
Unique Identification Number
A unique identification number is a number or identifier assigned to an individual or device to identify them in a database or system.
Unencrypted data refers to data that is not protected by encryption, making it vulnerable to interception and unauthorized access.
A UDP Flood is a type of denial-of-service attack that floods a target system with large numbers of UDP packets.
An untrusted source is an individual or entity that is not trusted by the recipient due to a lack of knowledge or evidence of their trustworthiness.
A USB drive is a portable data storage device that uses a USB connection to transfer data between computers.
A virus is a malicious software program designed to harm or destroy a computer system, network or individual files.
Virtual Private Network (VPN)
A VPN is a secure, encrypted connection between two networks or devices that allows users to access a private network as if they were on the same local network.
A vulnerability is a weakness in a system or software that can be exploited by attackers to gain unauthorized access or cause harm.
A vault is a secure, encrypted location used to store sensitive information such as passwords, credit card numbers, and other confidential data.
A virus scanner is a software program that searches for and removes malicious software from a computer or network.
A virus signature is a unique code or pattern that is used to identify a specific virus.
A virtual machine is a software-based simulation of a computer system that allows multiple operating systems to run on a single physical machine.
Vishing is a form of phishing that uses voice messages to trick victims into revealing sensitive information such as passwords or credit card numbers.
Voice over IP (VoIP)
VoIP is a technology that allows voice communication to be transmitted over the internet, eliminating the need for traditional telephone systems.
Volumetric DDoS Attack
A volumetric DDoS attack is a type of attack that floods a network or server with a large amount of traffic, causing it to become unavailable to users.
Web application firewall (WAF)
A WAF is a network security system designed to protect web applications from malicious attacks and unauthorized access.
A white hat is a term used to describe ethical hackers who use their hacking skills for good, such as testing a company's security measures.
Wi-Fi security refers to the measures used to protect Wi-Fi networks from unauthorized access or hacking.
A worm is a type of malware that replicates itself and spreads to other computers without any human intervention.
Web scraping is the process of automatically extracting data from websites for various purposes, such as research or analysis.
Whaling is a type of phishing attack that targets high-level executives, such as CEOs, in order to steal sensitive information or obtain financial gain.
Watering hole attack
A watering hole attack is a type of cyber attack that targets a specific group of users by compromising a website they frequently visit.
War driving is the act of searching for Wi-Fi access points while in a moving vehicle, usually with the intention of finding open or unsecured networks.
WPA3 is a version of Wi-Fi Protected Access, a security protocol used to secure Wi-Fi networks.
XSS (Cross-Site Scripting)
XSS is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.
XOR (Exclusive Or)
XOR is a logical operator used in cryptography and computer programming to compare two binary values and return a result based on their differences.
X.509 is a standard for digital certificate authentication used in cryptography to secure digital communications and data transfer.
XDR (Extended Detection and Response)
XDR is a cybersecurity term referring to a new generation of security tools that can detect and respond to security incidents across multiple domains and platforms.
X-Force is a team of security experts and researchers at IBM that provides security services and solutions to customers.
XDP (eXpress Data Path)
XDP is a high-performance networking framework used in cybersecurity to process and filter network traffic in real-time.
XML (Extensible Markup Language)
XML is a markup language used to describe and store data in a format that is both human-readable and machine-readable.
X-Frame-Options is an HTTP header used in cybersecurity to prevent a web page from being embedded into another website, the technique behind a clickjacking attack.
X-Content-Type-Options is an HTTP header used in cybersecurity to prevent browsers from interpreting files as a different MIME type.
YAML is a data serialization format that is used to represent structured data in a human-readable format.
Zombies are computers that have been infected with malware, allowing cyber criminals to control and use the computer for malicious purposes, such as sending spam, distributing malware or participating in a DDoS attack.
A zero-day exploit takes advantage of a vulnerability in software that is not known to the vendor and is used by cyber criminals to compromise the security of the software.
A Zener card is a tool used in penetration testing to detect and exploit vulnerabilities in a system's security.
A zipper attack is a type of cyber attack that targets the firmware of connected devices and implants malicious code into the device.
Zero trust is a cybersecurity approach that assumes that all users, devices, and systems are untrusted and must be verified before being granted access to sensitive data.
Zoning is a method of creating security boundaries within a network by separating different functions or departments into different security zones.
ZigBee is a wireless communication standard used for low-power, short-range wireless connections, commonly used in IoT devices.
Z-Wave is a wireless communication standard used for low-power, short-range wireless connections, commonly used in home automation systems.
Zend is a PHP-based open-source web application framework that is widely used for creating dynamic websites and web applications.
ZetaCrypt is a ransomware variant that encrypts the victim's files and demands a ransom payment for the decryption key.