Security management
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
- What is malware? Prevention, detection and how attacks work - Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server.
- What is network scanning? How to, types and best practices - Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal to devices and await a response.
- What is obfuscation and how does it work? - Obfuscation means to make something difficult to understand.
- What is OPSEC (operations security)? - OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.
- What is password cracking? - Password cracking is the process of using an application program to identify an unknown or forgotten password that allows access to a computer or network resource.
- What is passwordless authentication? - Passwordless authentication allows a user to sign into a service without using a password.
- What is PCI DSS (Payment Card Industry Data Security Standard)? - The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
- What is PKI (public key infrastructure)? - PKI (public key infrastructure) is the underlying framework that enables the secure exchange of information over the internet using digital certificates and public key encryption.
- What is ransomware? How it works and how to remove it - Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment.
- What is role-based access control (RBAC)? - Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.
- What is SAML (Security Assertion Markup Language)? - Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.
- What is security information and event management (SIEM)? - Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system.
- What is shared responsibility model? - A shared responsibility model is a cloud security framework that dictates the security obligations of a cloud computing provider and its users to ensure accountability.
- What is SSH (Secure Shell) and How Does It Work? - SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network.
- What is static application security testing (SAST)? - Static application security testing (SAST) is the process of analyzing and testing application source code for security vulnerabilities.
- What is the CIA triad (confidentiality, integrity and availability)? - The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security within an organization.
- What is the Cybersecurity Information Sharing Act (CISA)? - The Cybersecurity Information Sharing Act (CISA) allows United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
- What is the dark web (darknet)? - The dark web is an encrypted portion of the internet not visible to the general public via a traditional search engine such as Google.
- What is the Mitre ATT&CK framework? - The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.
- What is the zero-trust security model? - The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs.
- What is threat intelligence? - Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization.
- What is two-factor authentication (2FA)? - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
- What is unified endpoint management (UEM)? A complete guide - Unified endpoint management (UEM) is an approach to securing and controlling desktop computers, laptops, smartphones and tablets in a connected, cohesive manner from a single console.
- What is unified threat management (UTM)? - Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.
- white hat hacker - A white hat hacker -- or ethical hacker -- is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
- Wi-Fi (802.11x standard) - Wi-Fi is a term for certain types of wireless local area networks (WLAN) that use specifications in the IEEE 802.
- Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for computing devices equipped with wireless internet connections.
- Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
- wildcard certificate - A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.
- Windows Defender Exploit Guard - Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.
- Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
- Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is a security level for the Wireless Application Protocol (WAP), specifically for the applications that use WAP.
- Wireshark - Wireshark is a widely used network protocol analyzer that lets users capture and view the details of network traffic in real time.
- X.509 certificate - An X.509 certificate is a digital certificate that uses the widely accepted international X.
- zero-day vulnerability - A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it.
- Zoombombing - Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app.