Glossary

A comprehensive glossary of key cybersecurity terms, including encryption, phishing, and intrusion detection systems, to enhance your security knowledge

Authentication

Authentication is the process of verifying the identity of a person or a thing, by checking a password, a hardware token or any other object that can prove the identity of the person.

Availability

Just as it is important that unauthorized users are kept out of an organization’s data, data should be available to authorized users whenever they require it. This means keeping systems, networks, and devices up and running.

Back Door

Back door is any technique used by an attacker to remotely access a device without the knowledge or permission of the user.

Blue Team

An internal security team whose goal is to defend the organization’s security environment from the red team.

Botnet

Botnet, formed from the amalgamation of the words ‘robot’ and ‘network’, is a network of computers built to help hackers enhance their capacity to carry out mass cyberattacks, using applications designed to run automated scripts called bots.

CI/CD pipeline

Continuous Integration and Continuous Deployment (CI/CD) pipeline is a series of steps focused on improving the reliability of the software delivery process.

CIA Triad

Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.

Cloud Security

Cloud security, also known as cloud computing security, includes policies, controls and procedures to protect cloud-based systems and data.

Confidentiality

Confidentiality has to do with keeping an organization’s data private. This often means that only authorized users and processes should be able to access or modify data.

Cross-Site Request Forgery

Cross-Site Request Forgery (CSRF) is a web security vulnerability where an attacker manipulates a victim user to perform actions which he doesn’t intend to.

Cryptography

Cryptography is the method of converting information to a form such that only the intended person is able to read it. The main intention of this technique is to secure information and communication.

CVE

CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer vulnerabilities. When someone refers to a CVE, they mean a security flaw that’s been assigned a CVE ID number.

CWE

CWE, short for Common Weakness Enumeration, is a formal list of common software and hardware weaknesses that can occur in a computer system, and which can lead to security vulnerabilities that can be exploited.

DAST

Dynamic application security testing (DAST) is a testing technique used to analyze web applications and detect vulnerabilities in its running state.

Data Breach

A data breach is an incident where security of a system is violated when an unauthorized person gains access to information.

DDoS Attack

Distributed Denial-of-Service (DDoS) is a cyber-attack carried out from multiple sources on a single victim, to make the victim site deny its services to its users.

Decryption

Decryption is the process of converting back encrypted data into a comprehensible format. Refer more:

DevSecOps

Short for development, Security, and Operations, DevSecOps is an approach taken to integrate security at every stage of the software development lifecycle along with development and operations.

DOS Attack

Denial-of-Service (DOS) is a type of cyber attack where users are blocked from accessing a website by interjecting the normal functioning of the system.

Encryption

Encryption is the process of converting readable data into incomprehensible text, known as ciphertext, so that the data cannot be comprehended by an unauthorized party. Hence the data is protected.

Let us show you how we can help your organization

For starters, we can show how to improve upon your existing security in 30 mins. Care to proceed?