A comprehensive glossary of key cybersecurity terms, including encryption, phishing, and intrusion detection systems, to enhance your security knowledge.


Authentication

Authentication is the process of verifying the identity of a person or a thing by checking a password, a hardware token or any other object that can prove that identity.

Read more: What is authentication? | Cloudflare 


Availability

Just as it is important that unauthorized users are kept out of an organization’s data, data should be available to authorized users whenever they require it. This means keeping systems, networks, and devices up and running.

Read more: What is the CIA Triad? Definition, Importance, & Examples 

Back Door 

A back door is any technique used by an attacker to remotely access a device without the knowledge or permission of the user.

Read more: What is a Backdoor Attack | Shell & Trojan Removal | Imperva 

Blue Team 

An internal security team whose goal is to defend the organization’s security environment from the red team.

Read more: What is a Blue Team? | XM Cyber 


Botnet

Botnet, formed from the amalgamation of the words ‘robot’ and ‘network’, is a network of computers built to help hackers enhance their capacity to carry out mass cyberattacks, using applications designed to run automated scripts called bots.

Read more: What is a Botnet?

CI/CD pipeline 

A Continuous Integration and Continuous Deployment (CI/CD) pipeline is a series of steps focused on improving the reliability of the software delivery process.

Read more: CI/CD Pipeline & Security: A Guide to Continuous Integration and Delivery | Fortinet 

CIA Triad 

Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.

Read more: confidentiality, integrity and availability (CIA triad) 

Cloud Security 

Cloud security, also known as cloud computing security, includes policies, controls and procedures to protect cloud-based systems and data.

Read more: What is Cloud Security? | Microsoft Security 


Confidentiality

Confidentiality has to do with keeping an organization’s data private. This often means that only authorized users and processes should be able to access or modify data.

Read more: What is the CIA Triad? Definition, Importance, & Examples 

Cross-Site Request Forgery 

Cross-Site Request Forgery (CSRF) is a web security vulnerability where an attacker manipulates a victim user into performing actions that the user does not intend to perform.

Read more: Cross Site Request Forgery (CSRF) | OWASP Foundation 


Cryptography

Cryptography is the method of converting information to a form such that only the intended person is able to read it. The main intention of this technique is to secure information and communication.

Read more: What is Cryptography? Definition, Importance, Types | Fortinet 


CVE

CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer vulnerabilities. When someone refers to a CVE, they mean a security flaw that’s been assigned a CVE ID number.

Read more: FAQs | CVE 


CWE

CWE, short for Common Weakness Enumeration, is a formal list of common software and hardware weaknesses that can occur in a computer system, and which can lead to security vulnerabilities that can be exploited.

Read more: CWE – Frequently Asked Questions (FAQ)


DAST

Dynamic application security testing (DAST) is a testing technique used to analyze web applications in their running state and detect vulnerabilities.

Read more: Definition of DAST – IT Glossary | Gartner 

Data Breach 

A data breach is an incident where the security of a system is violated when an unauthorized person gains access to information.

Read more: What is a data breach?

DDoS Attack 

Distributed Denial-of-Service (DDoS) is a cyber-attack carried out from multiple sources on a single victim, to make the victim site deny its services to its users.

Read more: What is a distributed denial-of-service (DDoS) attack? | Cloudflare 


Decryption

Decryption is the process of converting encrypted data back into a comprehensible format.


DevSecOps

Short for Development, Security, and Operations, DevSecOps is an approach taken to integrate security at every stage of the software development lifecycle along with development and operations.

Read more: What is DevSecOps? | IBM 

DoS Attack

Denial-of-Service (DoS) is a type of cyber attack where users are blocked from accessing a website by disrupting the normal functioning of the system.

Read more: What is a denial-of-service (DoS) attack? | Cloudflare 


Encryption

Encryption is the process of converting readable data into incomprehensible text, known as ciphertext, so that the data cannot be comprehended by an unauthorized party. Hence the data is protected.

Read more: What is encryption? | Types of encryption | Cloudflare 


Hacker

A hacker is a person who uses computer, networking, programming or related skills to hack into a cyber system, ethically or unethically.

Read more: What Is a Hacker? – Cisco