Glossary

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A

Agent

An agent, or software agent, is a computer program that performs a function automatically for a human user or another program or system.

Learn more about “Agent”

Artificial Intelligence

Artificial intelligence (AI) is a type of intelligence demonstrated by machines, as opposed to natural intelligence, demonstrated by biological organisms.

Learn more about “Artificial Intelligence”

Attacker

An attacker is an individual or organization that carries out a cyberattack on a target with the intent of damaging, stealing, destroying, exposing, accessing, or otherwise modifying secure or sensitive information or systems.

Learn more about “Attacker”

Authentication

Authentication is used by computer systems and applications to check that a user or other application is who they claim to be, and can access the system and its data. If a user positively authenticates themselves, they are then granted access to the application and data.

Learn more about “Authentication”

B

Backdoor

A backdoor is a way to access computer systems, software, or data without having to go through standard authorization and login processes. Although backdoors are sometimes created by developers for building and testing, they are easily exploited by attackers to gain unauthorized access.

Learn more about “Backdoor”

Blacklist

A blacklist is a security feature that denies access to a system if the way the system is accessed is identical to the blacklist criteria. Blacklists are used to exclude certain types of access to sensitive data, systems, websites, or applications.

Learn more about “Blacklist”

Breach

A breach, or data breach, is damage caused by unauthorized access to your computer systems, software, or data that results in the exposure of sensitive information. A data breach can cause significant financial and reputational damage.

Learn more about “Breach”

C

Confidentiality

Confidentiality is an approach used to give authorized users access to sensitive data in accordance with business and role-based needs. It can also relate to the various methods used to ensure confidentiality against unauthorized users.

Learn more about “Confidentiality”

Cybersecurity

Cybersecurity is a catch-all term for the various approaches, technology, tools, frameworks, methods, and best practices designed to secure computer systems from unauthorized access and exploitation.

Learn more about “Cybersecurity”

E

Encryption

Encryption is the process of making data more secure by using an algorithm to encrypt the data so it cannot be accessed, read, or used without a corresponding decryption key. Encryption is used to protect sensitive information.

Learn more about “Encryption”

Exploit

An exploit is a way for a criminal or hacker to gain access to, or take advantage of, a vulnerability or flaw in a computer system. Exploits can be entered through specialized software, as manual commands, or by using data chunks and other techniques. An exploit will typically be followed up with data theft or other damage to an organization’s data and IT systems.

Learn more about “Exploit”

F

Fingerprinting

Fingerprinting is a type of biometric technology, where someone who wants to access a sensitive system has their fingerprints recorded. Then, when they need to access the system, their fingerprints are scanned. Assuming a positive match, this is then combined with other login information to grant access.

Learn more about “Fingerprinting”

Firewall

A firewall is a type of technology that enforces rules on the type of data that can be transmitted into or out of a particular computer system or IT network. It is an early line of defense against unauthorized access to sensitive computer systems.

Learn more about “Firewall”

Footprinting

Footprinting is a technique that hackers and criminals use to find out about the specific environment or IT ecosystem a potentially vulnerable system operates in. This makes it easier for them to intrude into the system so they can steal data or cause other issues.

Learn more about “Footprinting”

H

HTTPS

HyperText Transport Protocol Secure (HTTPS) is a communication protocol used to access information from a secure web server. HTTPS uses strong encryption to prevent others from reading or hijacking data when it is in transit between a secure web server and a browser.

Learn more about “HTTPS”

I

Integrity

Computer system and data integrity relates to the methods and approaches used to protect data and systems from unauthorized access, and to ensure that any data is real, accurate, consistent, and valid across its entire lifecycle.

Learn more about “Integrity”

K

Key

A key, typically a network security key, is a series of numbers and characters that users, devices, apps, and infrastructure use to get legitimate access to a computer network. This ensures that only authentic people, processes, and technology can gain access.

Learn more about “Key”

M

Malware

Malware is a type of malicious software that criminals use to gain access to computer systems, applications, and data. Malware comes in many varieties but is mainly designed to steal information and extort businesses for financial gain.

Learn more about “Malware”

Mitigation

Mitigation is the term for the various methods and techniques that security experts and others can use to minimize the risk of IT failure, data theft, and other activities that compromise data, systems, and applications.

Learn more about “Mitigation”

O

Office 365 Sign On

MS Office 365 Sign On can refer to how users get access to various Office 365 applications and data. It can also refer to the various techniques that are used to protect Office 365 accounts and data from unauthorized access.

Learn more about “Office 365 Sign On”

P

Patch

A patch is a fix that is applied to software, firmware, middleware, infrastructure, and other IT areas to improve or repair specific IT elements. In security terms, a patch is most often applied to remove vulnerabilities that could be exploited by criminals.

Learn more about “Patch”

Phishing

Phishing is an attack method used by hackers and criminals to get unwitting people to enter sensitive information and login details into a fraudulent website. Attackers typically use electronic communications like emails to influence people to enter details into their fraudulent websites.

Learn more about “Phishing”

Point of Sale

Point of Sale (POS) are software and systems that help a business to sell products and services to customers. POS systems will often integrate with other parts of the business to maximize revenue. POS systems can be vulnerable to employee fraud and theft.

Learn more about “Point of Sale”

Privacy

Privacy, also known as data privacy or information privacy is a way to define what data can be safely shared with third-parties without violating personal rights, business policies, or other factors.

Learn more about “Privacy”

Proxy

A proxy is a type of internet service that acts as an intermediary when transmitting and receiving information between users and services. A proxy server can protect the user’s identity or make it appear as if they are accessing data from a different IP address.

Learn more about “Proxy”

R

Ransomware

Ransomware is a specific type of malware that infects an organization’s IT systems and data. It then locks up and encrypts that data and only decrypts and allows access once a ransom is paid.

Learn more about “Ransomware”

Root

A “root” account is a special account on a computer system or network that provides privileged, superuser access and functions to special users. It is often targeted by hackers and malware using tools like a “rootkit.”

Learn more about “Root”

S

Scraping

Data scraping allows a computer program to extract information from human-readable output, most often created by another computer program. Data scraping can be used on websites, software applications, and other areas.

Learn more about “Scraping”

Security Assertion Markup Language

Security Assertion Markup Language (SAML) is a way to securely pass authorization credentials so that a user can access SaaS applications.

Learn more about “Security Assertion Markup Language”

Security Token

A security token is a device used in two-factor or multifactor authentication to authenticate a user and authorize them to access an organization’s network, systems, and data. A security token is often used alongside other security measures to grant access.

Learn more about “Security Token”

Single Sign On

Single sign on is a method of logging in and authenticating with a computer system once that then gives you access to multiple systems without having to enter separate login credentials on each one.

Learn more about “Single Sign On”

Social Engineering

Social engineering is a way to attack computer software, systems, and information through manipulating employees, third parties, and other people and groups. Social engineering attempts to convince unwitting victims to provide authorized access to hackers through the use of trickery and scams.

Learn more about “Social Engineering”

Spyware

Spyware is a type of malicious software (malware) that criminals use to steal information about computer systems, applications, and data. Spyware is mainly designed to gain access to sensitive data and systems so that information can be used for financial gain.

Learn more about “Spyware”

SQL Injection

An SQL Injection is a type of attack on a computer system. It injects “bad” code into a database in an attempt to manipulate the database, expose sensitive information, or otherwise disrupt business operations.

Learn more about “SQL Injection”

T

Trojan Horse

A Trojan Horse is a specific type of malware that misleads users about what it will do. It initially appears harmless, but once it infects a system, it releases a payload that may cause operational harm or expose sensitive data.

Learn more about “Trojan Horse”

Two Factor Authentication

Two Factor Authentication is a way to verify the identities of users through a combination of passwords, logins, and another authentication factor. If a user positively authenticates themselves through two factor authentication, they are then granted access to the application and data.

Learn more about “Two Factor Authentication”

U

User Accounts

A user account is a way for an individual to connect with a particular service, system, or computer network. User accounts help to identify individuals within the network and provide certain access levels and privileges, depending on what the account is intended to do.

Learn more about “User Accounts”

V

Vulnerability

A vulnerability is a flaw in a computer system that a criminal or hacker can exploit to get unauthorized access to systems, data, or applications.

Learn more about “Vulnerability”

W

Whitelist

A whitelist is a security feature that only allows access to systems, software, or data if the way the system is accessed is identical to the whitelist criteria. Whitelists are used to ensure only access meeting predefined filters or authorization is allowed access to sensitive areas.

Learn more about “Whitelist”

Z

Zero Day Vulnerability

A zero day vulnerability is a brand new flaw in computer systems, code, or software that is unknown to the vendors, developers, or other parties that would be in a position to fix the code or patch the vulnerability. This is a significant risk as if these zero day vulnerabilities are detected by hackers, they can be exploited with little recourse.

Learn more about “Zero Day Vulnerability”