Security management
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
- meet-in-the-middle attack - Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.
- Melissa virus - Melissa was a type of email virus that initially became an issue in early 1999.
- message authentication code (MAC) - A message authentication code (MAC) is a cryptographic checksum applied to a message in network communication to guarantee its integrity and authenticity.
- MICR (magnetic ink character recognition) - MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or originality of checks and other paper documents.
- Microsoft Network Device Enrollment Service (NDES) - Microsoft Network Device Enrollment Service (NDES) is a security feature in Windows Server 2008 R2 and later Windows Server operating versions.
- Microsoft Online Services Sign-In Assistant - The Microsoft Online Services Sign-In Assistant is a software application that provides common sign-on capabilities for a suite of Microsoft online services, such as Office 365.
- mobile application management (MAM) - Mobile application management (MAM) is software that secures and enables IT control over enterprise applications on end users' corporate and personal smartphones and tablets.
- mobile malware - Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
- multifactor authentication - Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.
- multisig (multisignature) - Multisig, also called multisignature, is the requirement for a transaction to have two or more signatures before it can be executed.
- mutual authentication - Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.
- national identity card - A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity.
- natural disaster recovery - Natural disaster recovery is the process of recovering data and resuming business operations following a natural disaster.
- near-field communication (NFC) - Near-field communication (NFC) is a short-range wireless connectivity technology that uses magnetic field induction to enable communication between devices when they're touched together or brought within a few centimeters of each other.
- Nessus - Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources.
- network intrusion protection system (NIPS) - A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity.
- NIST (National Institute of Standards and Technology) - NIST (National Institute of Standards and Technology) is a nonregulatory government agency located in Gaithersburg, Md.
- NIST Cybersecurity Framework - The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk.
- non-disclosure agreement (NDA) - A non-disclosure agreement (NDA), also known as a confidentiality agreement (CA), is a signed legally binding contract in which one party agrees to give a second party confidential information about its business or products and the second party agrees not to share this information with anyone else for a specified period of time.
- nonrepudiation - Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information.
- OAuth (Open Authorization) - OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet.
- OCR (optical character recognition) - OCR (optical character recognition) is the use of technology to distinguish printed or handwritten text characters inside digital images of physical documents, such as a scanned paper document.
- OCSP (Online Certificate Status Protocol) - OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources.
- one-time pad - In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.
- one-time password - A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single transaction or login session.
- OODA loop - The OODA loop -- Observe, Orient, Decide, Act -- is a four-step approach to decision-making that focuses on filtering available information, putting it in context and quickly making the most appropriate decision, while also understanding that changes can be made as more data becomes available.
- Open Source Hardening Project - The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code.
- Open System Authentication (OSA) - Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
- Open Web Application Security Project (OWASP) - The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications.
- OpenID (OpenID Connect) - OpenID Connect is an open specification for authentication and single sign-on (SSO).
- OpenSSL - OpenSSL is an open source cryptographic toolkit that facilitates secure communications between endpoints on a network.
- out-of-band patch - An out-of-band patch is a patch released at some time other than the normal release time.
- PA-DSS (Payment Application Data Security Standard) - Payment Application Data Security Standard (PA-DSS) is a set of requirements intended to help software vendors develop secure payment applications for credit card transactions.
- parameter tampering - Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization.
- passkey - A passkey is an alternative method of user authentication that eliminates the need for usernames and passwords.
- passphrase - A passphrase is a sentencelike string of words used for authentication that is longer than a traditional password, easy to remember and difficult to crack.
- password - A password is a string of characters used to verify the identity of a user during the authentication process.
- password cracking - Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
- password salting - Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them.
- PCI DSS merchant levels - Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.
- Peltzman Effect - The Peltzman Effect is the net-zero effect on overall safety between the presence of safety precautions and people’s tendency to be less cautious in their presence.
- pen testing (penetration testing) - A penetration test, also called a pen test or ethical hacking, is a cybersecurity technique that organizations use to identify, test and highlight vulnerabilities in their security posture.
- Pen Testing as a Service (PTaaS) - Pen testing as a service (PTaaS) is a cloud service that provides information technology (IT) professionals with the resources they need to conduct and act upon point-in-time and continuous penetration tests.
- performance testing - Performance testing is a testing measure that evaluates the speed, responsiveness and stability of a computer, network, software program or device under a workload.
- personal health record (PHR) - A personal health record (PHR) is an electronic summary of health information that a patient maintains control of themselves, as opposed to their healthcare provider.
- personal identity verification (PIV) card - A personal identity verification (PIV) card is a United States Federal smart card that contains the necessary data for the cardholder to be granted access to Federal facilities and information systems and assure appropriate levels of security for all applicable Federal applications.
- pharming - Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent.
- phishing - Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.
- physical security - Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.
- ping sweep (ICMP sweep) - A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).
- plaintext - In cryptography, plaintext is usually ordinary readable text before it is encrypted into ciphertext or after it is decrypted.
- polymorphic virus - A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to detect with antimalware programs.
- post-quantum cryptography - Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.
- Pretty Good Privacy (PGP) - Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.
- principle of least privilege (POLP) - The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.
- privacy compliance - Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation.
- private CA (private PKI) - A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.
- private certificate authority (CA) - Private CA stands for private certificate authority and is an enterprise-specific certificate authority that functions like a publicly trusted CA but is exclusively run by or for the enterprise.
- private key - A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt data.
- privileged identity management (PIM) - Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.
- promiscuous mode - In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique.
- proof of concept (PoC) exploit - A proof of concept (PoC) exploit is a nonharmful attack against a computer or network.
- proxy hacking - Proxy hacking is a cyber attack technique designed to supplant an authentic webpage in a search engine's index and search results pages to drive traffic to an imitation site.
- Public-Key Cryptography Standards (PKCS) - Public-Key Cryptography Standards (PKCS) are a set of standard protocols, numbered from 1 to 15.
- quantum cryptography - Quantum cryptography is a method of encryption that uses the naturally occurring properties of quantum mechanics to secure and transmit data.
- quantum key distribution (QKD) - Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.
- RADIUS (Remote Authentication Dial-In User Service) - RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
- rainbow table - A rainbow table is a password hacking tool that uses a precomputed table of reversed password hashes to crack passwords in a database.
- RAT (remote access Trojan) - A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer.
- raw device mapping - Raw device mapping (RDM) enables disk access in a virtual machine (VM) in the VMware server virtualization environment and allows a storage logical unit number (LUN) to be connected directly to a VM from the storage area network (SAN).
- real-time location system (RTLS) - A real-time location system (RTLS) is one of a number of technologies used to pinpoint the current geographic position and location of a target.
- red teaming - Red teaming is the practice of rigorously challenging plans, policies, systems and assumptions by adopting an adversarial approach.
- remote desktop - A remote desktop is a program or an operating system feature that allows a user to connect to a computer in another location, see that computer's desktop and interact with it as if it were local.
- remote wipe - Remote wipe is a security feature that allows a network administrator or device owner to send a command that remotely deletes data from a computing device.
- Report on Compliance (ROC) - A Report on Compliance (ROC) is a form that must be completed by all Level 1 Visa merchants undergoing a PCI DSS (Payment Card Industry Data Security Standard) audit.
- return merchandise authorization (RMA) - An RMA (return merchandise authorization) is a numbered authorization provided by a mail-order or e-commerce merchant to permit the return of a product.
- Rijndael - Rijndael (pronounced rain-dahl) is an Advanced Encryption Standard (AES) algorithm.
- risk analysis - Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.
- risk assessment framework (RAF) - A risk assessment framework (RAF) is a strategy for prioritizing and sharing information about the security risks to an information technology (IT) infrastructure.
- role mining - Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise.
- rootkit - A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and control over a computer or other system.
- RSA algorithm (Rivest-Shamir-Adleman) - The RSA algorithm (Rivest-Shamir-Adleman) is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it is being sent over an insecure network, such as the internet.
- scareware - Scareware is a type of malware tactic used to manipulate victims into downloading or buying potentially malware-infested software.
- screened subnet - A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces.
- script kiddie - Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses.
- secure access service edge (SASE) - Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native security technologies and delivers them as a single cloud service.
- Secure Electronic Transaction (SET) - Secure Electronic Transaction (SET) is a system and electronic protocol to ensure the integrity and security of transactions conducted over the internet.
- Secure File Transfer Protocol (SSH File Transfer Protocol) - SFTP is a term that refers to either Secure File Transfer Protocol or SSH File Transfer Protocol, and is a computing network protocol for accessing and managing files on remote systems.
- Secure Sockets Layer certificate (SSL certificate) - A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.
- Security Accounts Manager - The Security Accounts Manager (SAM) is a database file in the Microsoft Windows operating system that contains usernames and passwords.
- security analytics - Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.
- Security Assertion Markup Language (SAML) - Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.
- security audit - A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to an established set of criteria.
- security awareness training - Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.
- security by design - Security by design is an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best practices.
- security clearance - A security clearance is an authorization that allows access to information that would otherwise be forbidden.
- security identifier (SID) - In the context of Windows computing and Microsoft Active Directory (AD), a security identifier (SID) is a unique value that is used to identify any security entity that the operating system (OS) can authenticate.
- security incident - A security incident is an event that could indicate that an organization's systems or data have been compromised or that security measures put in place to protect them have failed.
- security information management (SIM) - Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs and various other data sources.
- security operations center (SOC) - A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks.