Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.
Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
What is acceptable use policy (AUP)?
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources.
-
What is identity governance and administration (IGA)?
Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.
-
What is two-factor authentication (2FA)?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
What is records management?
Records management is the supervision and administration of digital or paper records, regardless of format.
-
What is OPSEC (operations security)?
OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.
-
What is PHI (protected or personal health information)?
Protected health information (PHI), also referred to as 'personal health information,' is the demographic information, medical histories, test and laboratory results, physical and mental health conditions, insurance information and other data that a healthcare professional collects to identify an individual and determine appropriate care.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
What is a threat intelligence feed?
A threat intelligence feed, also known as a TI feed, is an ongoing stream of data related to potential or current threats to an organization's security.
-
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers.
-
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.
Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
What is a threat intelligence feed?
A threat intelligence feed, also known as a TI feed, is an ongoing stream of data related to potential or current threats to an organization's security.
-
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers.
-
What is acceptable use policy (AUP)?
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
What is endpoint detection and response (EDR)?
Endpoint detection and response (EDR) is a system that gathers and analyzes security threat-related information from computer workstations and other endpoints.
-
What is AI red teaming?
AI red teaming is the practice of simulating attack scenarios on an artificial intelligence application to pinpoint weaknesses and plan preventative measures.
-
What is data poisoning (AI poisoning) and how does it work?
Data or AI poisoning attacks are deliberate attempts to manipulate the training data of artificial intelligence and machine learning models to corrupt their behavior and elicit skewed, biased or harmful outputs.