Security management
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

- cyber threat hunter (cybersecurity threat analyst) - A cyber threat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that may go undetected by automated security tools such as malware detectors and firewalls.
- cybersecurity - Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats.
- cybersecurity asset management (CSAM) - Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its cybersecurity protections.
- cyberwarfare - The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm.
- data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
- data breach - A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an unauthorized fashion.
- data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
- data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
- data protection management (DPM) - Data protection management (DPM) is the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
- data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
- data splitting - Data splitting is when data is divided into two or more subsets.
- dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.
- Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.
- digital footprint - A digital footprint -- sometimes called a digital shadow -- is the body of data that an individual creates through their actions online.
- digital forensics and incident response (DFIR) - Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events.
- digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software.
- Digital Signature Standard (DSS) - The Digital Signature Standard (DSS) is a digital signature algorithm (DSA) developed by the U.
- directory traversal - Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory.
- disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume operations after an unplanned incident.
- disposable email - Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
- distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
- DMZ in networking - In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.
- document sanitization - Document sanitization is the process of cleaning a document to ensure that only the intended information can be accessed from it.
- Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
- electronic discovery (e-discovery or ediscovery) - Electronic discovery -- also called e-discovery or ediscovery -- refers to any process of obtaining and exchanging evidence in a civil or criminal legal case.
- elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.
- email security - Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting against unauthorized access and email threats.
- email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
- employee onboarding and offboarding - Employee onboarding involves all the steps needed to get a new employee successfully deployed and productive, while offboarding involves separating an employee from a firm.
- encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
- encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
- encryption key - In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text or to decrypt encrypted text.
- encryption key management - Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys.
- end-to-end encryption (E2EE) - End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
- enterprise file sync and share (EFSS) - Enterprise file sync and share (EFSS) is a service that allows users to save files in cloud or on-premises storage and then access them on desktop and mobile devices.
- enterprise mobility management (EMM) - Enterprise mobility management (EMM) is software that allows organizations to securely enable employee use of mobile devices and applications.
- erasure coding (EC) - Erasure coding (EC) is a method of data protection in which data is broken into fragments, expanded and encoded with redundant data pieces, and stored across a set of different locations or storage media.
- ethical hacker - An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.
- event handler - In programming, an event handler is a callback routine that operates asynchronously once an event takes place.
- evil twin attack - An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one, enabling an attacker to gain access to sensitive information without the end user's knowledge.
- facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features to confirm their identity.
- FACTA (Fair and Accurate Credit Transactions Act) - FACTA (Fair and Accurate Credit Transactions Act) is an amendment to FCRA (Fair Credit Reporting Act) that was added, primarily, to protect consumers from identity theft.
- Faraday cage - A Faraday cage is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM field).
- federated identity management (FIM) - Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks.
- FFIEC compliance (Federal Financial Institutions Examination Council) - FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC).
- filter (computing) - The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question.
- firewall - A firewall is a network security device that prevents unauthorized access to a network.
- firewall as a service (FWaaS) - Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis capabilities to customers as part of an overall cybersecurity program.
- footprinting - Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
- frequency-hopping spread spectrum (FHSS) - Frequency-hopping spread spectrum (FHSS) transmission is the repeated switching of the carrier frequency during radio transmission to reduce interference and avoid interception.
- full-disk encryption (FDE) - Full-disk encryption (FDE) is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive.
- fuzz testing (fuzzing) - Fuzz testing (fuzzing) is a quality assurance technique used to discover coding errors or bugs and security loopholes in software, operating systems and networks.
- garbage in, garbage out (GIGO) - Garbage in, garbage out, or GIGO, refers to the idea that in any system, the quality of output is determined by the quality of the input.
- going dark - Going dark describes a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel to a private, encrypted channel.
- Google Docs - Google Docs, first released in 2006, is a free web-based word processor in which documents can be created, edited and stored as part of the Google Docs Editors suite of free web applications.
- Google Play Protect - Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.
- hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
- hacktivism - Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
- hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
- Hash-based Message Authentication Code (HMAC) - Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function.
- hashing - Hashing is the process of transforming any given key or a string of characters into another value.
- health informatics - Health informatics is the practice of acquiring, studying and managing health data and applying medical concepts in conjunction with health information technology systems to help clinicians provide better healthcare.
- homomorphic encryption - Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.
- honey monkey - A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet.
- honeynet - A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.
- honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.
- host intrusion prevention system (HIPS) - A host intrusion prevention system (HIPS) is an approach to security that relies on third-party software tools to identify and prevent malicious activities.
- hybrid cloud security - Hybrid cloud security is the combination of technologies and practices that protect a hybrid cloud user's sensitive data, infrastructure and applications.
- Hypertext Transfer Protocol Secure (HTTPS) - Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website.
- hypervisor security - Hypervisor security is the process of ensuring the hypervisor -- the software that enables virtualization -- is secure throughout its lifecycle.
- identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
- incident - An incident is an occurrence where a service or component fails to provide a feature or service that it was designed to deliver.
- incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
- indicators of compromise (IOC) - Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.
- information security (infosec) - Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information.
- information security management system (ISMS) - An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data.
- Information Technology Amendment Act 2008 (IT Act 2008) - The Information Technology Amendment Act 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act 2000.
- initialization vector - An initialization vector (IV) is an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks.
- inline frame (iframe) - An inline frame (iframe) is an HTML element that loads another HTML page within the document.
- input validation attack - An input validation attack is any malicious action against a computer system that involves manually entering strange information into a normal user input field.
- insider threat - An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.
- International Data Encryption Algorithm (IDEA) - The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.
- International Information Systems Security Certification Consortium (ISC)2 - (ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates.
- Internet Key Exchange (IKE) - Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
- IP spoofing - Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from.
- IPsec (Internet Protocol Security) - IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
- ISA Server - Microsoft's ISA Server (Internet Security and Acceleration Server) was the successor to Microsoft's Proxy Server 2.
- ISO 27001 - ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard created by the International Organization for Standardization (ISO), which provides a framework and guidelines for establishing, implementing and managing an information security management system (ISMS).
- ISO 27002 (International Organization for Standardization 27002) - The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.
- ITIL V3 - ITIL V3 is the third version of the Information Technology Infrastructure Library (ITIL), a globally recognized collection of best practices for managing IT and for implementing IT service management (ITSM) practices.
- Java Authentication and Authorization Service (JAAS) - The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code, and ensure that the entity has the privilege or permission to execute the functions requested.
- Kerberos - Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.
- key fob - A key fob is a small, programmable device that provides access to a physical object.
- key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
- keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.
- kill switch - A kill switch in an IT context is a mechanism used to shut down or disable a device or program.
- kiosk mode (Windows assigned access) - Kiosk mode is a feature in the Windows operating system (OS) that allows a device to run only specified applications and settings.
- law of unintended consequences - The law of unintended consequences is a frequently observed phenomenon in which any action has results that are not part of the actor's purpose.
- LDAP injection - LDAP (Lightweight Directory Access Protocol) injection is a type of security exploit that is used to compromise the authentication process used by some websites.
- LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.