A
Access control: The process of granting or denying specific requests to obtain or use resources in an information system.
Access control list (ACL): A list of permissions that controls who or what can access specific resources in a computer system or network.
Advanced persistent threat (APT): A type of cyber attack that is typically launched by a nation-state or other highly skilled and well-funded actor, and involves multiple stages of infiltration and data exfiltration over an extended period of time.
Adware: Software that displays advertisements on a computer or mobile device.
Antivirus software: A program that detects and removes malware from a computer or network.
Application security: Measures designed to protect the confidentiality, integrity, and availability of applications from cyber threats.
Asset: Any valuable resource or information owned or controlled by an organization.
Attack surface: The total number of vulnerabilities that an attacker can exploit on a target system or network.
B
Backup: A copy of data or system files that can be used to restore the original in the event of data loss or system failure.
BI: Business intelligence (BI) services analyze current and historical data, helping enterprises identify areas for improvement and make decisions that make the business more profitable and competitive.
Binary code: A system of representing data or instructions in the form of a series of ones and zeros.
Black hat: A term used to describe a hacker or cyber criminal who engages in unethical or illegal activities.
Blockchain: A decentralized and distributed database that is used to store and verify transactions, and is secured using cryptography.
Botnet: A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.
Breach: An unauthorized access to or use of a computer system or network.
Bug: A flaw or error in a software program that can cause it to behave unexpectedly or crash.
C
Cloud computing: The delivery of computing services, such as storage, processing, networking, and software, over the internet (the "cloud") rather than through a local server or personal device.
Cloud security: Measures designed to protect data and applications hosted in the cloud from cyber threats.
Command and control (C&C) server: A server that is used by an attacker to remotely control a network of compromised computers (also known as a botnet).
CRUD: "Create, Read, Update, and Delete", the four basic operations performed on data; protecting that data is what drives cybersecurity. Security systems focus on securing the data and allow only authenticated, genuine users to execute CRUD operations on it.
Cryptocurrency: A digital asset that uses cryptography for security and is decentralized, meaning it is not controlled by any central authority or government.
Cryptography: The practice of secure communication by encoding messages to make them unreadable to anyone except the intended recipient.
Cybercrime: Any illegal activity that involves the use of a computer or network.
Cyber espionage: The use of cyber attacks to gather sensitive information from government or corporate organizations for political or economic gain.
D
Dark web: A part of the internet that is not indexed by search engines and can only be accessed using specialized software, such as the Tor Browser.
Data leak: The accidental or intentional release of sensitive information to unauthorized parties.
Data loss prevention (DLP): A security strategy designed to prevent the unauthorized release of sensitive information.
Data mining: The process of extracting useful information or patterns from large datasets.
Denial of service (DoS) attack: An attempt to make a computer or network resource unavailable to its intended users by overwhelming it with traffic or requests.
Distributed denial of service (DDoS) attack: A type of DoS attack in which the attacker uses a network of compromised devices to flood the target system with traffic, making it unavailable to legitimate users.
DNS leak: A security flaw in which DNS details are sent to the ISP (Internet Service Provider) despite using VPN services to conceal
E
Encoding: The process of converting data into a form that can be transmitted or stored.
EDR: Endpoint Detection and Response (EDR) is a security solution that helps secure the endpoints in a network through data analytics, behavior analysis, recording and storing every activity, and providing contextual information and recommendations.
Encryption: The process of encoding data or communication in a way that makes it unreadable to anyone except the intended recipient.
Endpoint security: Measures designed to protect individual devices, such as computers or smartphones, from cyber threats.
ERP: Enterprise resource planning (ERP) software helps businesses automate various processes and centralize them in a single system.
Exploit: A piece of software, code, or technique that takes advantage of a vulnerability in a computer system or application.
F
Firewall: A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
G
Golden ticket attack: An attack in which an attacker forges valid Kerberos ticket-granting tickets (TGTs) and thereby gains access to the corresponding Active Directory domain, mainly by abusing the Microsoft Kerberos authentication protocol.
H
Hacking: The unauthorized access or manipulation of a computer or network.
Hash function: A mathematical function that converts an input (called a "message") into a fixed-size output (called a "hash value" or "digest") that has the following properties: it is nearly impossible to generate the same hash value for two different messages, and it is nearly impossible to recreate the original message from the hash value.
Honeypot: A computer system or network that is specifically set up to attract and trap attackers in order to study their methods and techniques.
I
Identity theft: The unauthorized use of someone's personal information, such as their name, social security number, or credit card details, for fraudulent purposes.
Internet of things (IoT) security: Measures designed to protect connected devices and networks from cyber threats.
Intrusion detection system (IDS): A security system that monitors network traffic for signs of security breaches or cyber attacks.
K
Kerberoasting attack: A post-exploitation attack against Kerberos authentication in which the attacker masquerades as an account user and requests a ticket that carries an encrypted password. The attacker uses this ticket to recover the credentials in plain text and then uses them to gain unfettered system access.
Key logger: A type of software that records every keystroke made on a computer, often used by attackers to capture login credentials or other sensitive information.
L
Lateral movement: A technique used by attackers to move deeper into a network after gaining initial access.
M
Malware: Short for "malicious software," this refers to any software designed to harm or exploit a computer or network.
MSP: Managed service provider. Businesses often lack the time and budget to run everything in-house; an MSP fills that gap by providing technical, infrastructure, and maintenance services, among others.
N
Network security: Measures designed to protect the confidentiality, integrity, and availability of a network and its resources from cyber threats.
P
Pass-the-hash attack: A technique in which attackers obtain a password hash and use it directly for authentication, without needing the plaintext password. The hash is often obtained by scraping the system's active memory.
Password cracking: The process of attempting to guess or recover a password, often using specialized software or brute force attacks.
Patch: A piece of software designed to update or fix problems with a computer program or system.
Penetration testing: A type of security testing in which a team of security professionals simulates a cyber attack on a system or network to identify vulnerabilities and assess the organization's defenses.
Phishing: A type of cyber attack in which the attacker attempts to trick the victim into giving away sensitive information, such as login credentials or financial information, by disguising themselves as a legitimate entity.
Polymorphic virus: A file-infecting virus that encrypts its code with a different encryption key each time it spreads, making it very difficult to detect.
Privacy: The right to be free from unauthorized or unwanted collection, use, and disclosure of personal information.
R
Ransomware: A type of malware that encrypts a victim's files, making them inaccessible until a ransom is paid to the attacker to decrypt them.
REST: Representational State Transfer, an architectural style that defines standards for how systems communicate and connect on the web.
Rootkit: A type of malware that is designed to gain stealthy and persistent access to a system by installing itself at the root level of the operating system.
RUM: Real User Monitoring, a tool that collects and analyzes user actions, performance, and backend resource usage to give administrators insights for improving their current products.
S
SAML: Security Assertion Markup Language. It enables identity providers (IdPs) and service providers (SPs) to exchange authentication and authorization data.
Sandbox: A security feature that allows software to be tested in a controlled environment without affecting the rest of the system.
Scareware: A type of malware that uses social engineering to scare users and manipulate them to visit infected/spoofed websites or download malware-infected software.
Security information and event management (SIEM): A security management system that combines the capabilities of security information management (SIM) and security event management (SEM).
Social engineering: A type of cyber attack that relies on manipulating people rather than exploiting technical vulnerabilities.
Spam: Unsolicited and often unwanted email messages, typically sent in large quantities.
Spyware: Software that is installed on a computer without the user's knowledge and collects information about their online activities.
SSL certificate: SSL stands for Secure Sockets Layer; an SSL certificate is used to establish an encrypted link between a server and a client.
T
Trojan: A type of malware that disguises itself as a legitimate program but performs malicious actions when executed.
Two-factor authentication (2FA): An additional layer of security that requires the user to provide a second form of authentication, such as a code sent to their phone, in addition to their password.
V
Virus: A type of malware that replicates itself and spreads to other computers or devices.
Vulnerability: A weakness in a system or network that can be exploited by an attacker.
Vulnerability management: The process of identifying, prioritizing, and mitigating vulnerabilities in a computer system or network.
W
White hat: A term used to describe a cybersecurity professional or researcher who uses their skills and knowledge for ethical purposes.
Worm: A type of malware that spreads from one computer to another by exploiting vulnerabilities in networked systems.
Z
Zero-day vulnerability: A vulnerability in a system or software that is unknown to the vendor and can be exploited by an attacker before it has been patched.
Zero Trust: A strategic approach that assumes breach, implements least privilege access and explicitly verifies every authentication and connection. A zero-trust approach is critical in securing networks.