    A

    Access control: The process of granting or denying specific requests to obtain or use resources in an information system.

    Access control list (ACL): A list of permissions that controls who or what can access specific resources in a computer system or network.

    Advanced persistent threat (APT): A type of cyber attack that is typically launched by a nation-state or other highly skilled and well-funded actor, and involves multiple stages of infiltration and data exfiltration over an extended period of time.

    Adware: Software that displays advertisements on a computer or mobile device.

    Antivirus software: A program that detects and removes malware from a computer or network.

    Application security: Measures designed to protect the confidentiality, integrity, and availability of applications from cyber threats.

    Asset: Any valuable resource or information owned or controlled by an organization.

    Attack surface: The total number of vulnerabilities that an attacker can exploit on a target system or network.


    B

    Backup: A copy of data or system files that can be used to restore the original in the event of data loss or system failure.

    BI: Business Intelligence (BI) Services analyze current and historical data, helping enterprises identify improvement areas and make decisions that drive the business to be more profitable and competitive.

    Binary code: A system of representing data or instructions in the form of a series of ones and zeros.

    Black hat: A term used to describe a hacker or cyber criminal who engages in unethical or illegal activities.

    Blockchain: A decentralized and distributed database that is used to store and verify transactions, and is secured using cryptography.

    Botnet: A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.

    Breach: An unauthorized access to or use of a computer system or network.

    Bug: A flaw or error in a software program that can cause it to behave unexpectedly or crash.


    C

    Cloud computing: The delivery of computing services, such as storage, processing, networking, and software, over the internet (the "cloud") rather than through a local server or personal device.

    Cloud security: Measures designed to protect data and applications hosted in the cloud from cyber threats.

    Command and control (C&C) server: A server that is used by an attacker to remotely control a network of compromised computers (also known as a botnet).

    CRUD: “Create, Read, Update, and Delete” of data is what drives Cybersecurity. Security systems focus on securing the data and only allow authenticated and genuine users to execute CRUD operations on data.

    Cryptocurrency: A digital asset that uses cryptography for security and is decentralized, meaning it is not controlled by any central authority or government.

    Cryptography: The practice of secure communication by encoding messages to make them unreadable to anyone except the intended recipient.

    Cybercrime: Any illegal activity that involves the use of a computer or network.

    Cyber espionage: The use of cyber attacks to gather sensitive information from government or corporate organizations for political or economic gain.


    D

    Dark web: A part of the internet that is not indexed by search engines and can only be accessed using specialized software, such as the Tor browser.

    Data leak: The accidental or intentional release of sensitive information to unauthorized parties.

    Data loss prevention (DLP): A security strategy designed to prevent the unauthorized release of sensitive information.

    Data mining: The process of extracting useful information or patterns from large datasets.

    Denial of service (DoS) attack: An attempt to make a computer or network resource unavailable to its intended users by overwhelming it with traffic or requests.

    Distributed denial of service (DDoS) attack: A type of DoS attack in which the attacker uses a network of compromised devices to flood the target system with traffic, making it unavailable to legitimate users.

    DNS Leak: It is a security flaw in which the DNS details are sent to the ISP (Internet Service Provider) despite using VPN services to conceal


    E

    Encoding: The process of converting data into a form that can be transmitted or stored.

    EDR: End Point Response is a security solution that helps to secure endpoints in a network through data analytics, behavior analysis, recording and storing every activity, and providing contextual information and suggestions.

    Encryption: The process of encoding data or communication in a way that makes it unreadable to anyone except the intended recipient.

    Endpoint security: Measures designed to protect individual devices, such as computers or smartphones, from cyber threats.

    ERP: Enterprise Resource Planning (ERP) helps businesses automate various processes and centralize them in a single system. It is a software product.

    Exploit: A piece of software, code, or technique that takes advantage of a vulnerability in a computer system or application.


    F

    Firewall: A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.


    G

    Golden Ticket Attack: It is a type of attack where an attacker forges valid Kerberos Ticket Granting Tickets (KTGTs), gaining access to the respective Active Directory Domain, mainly by exploiting the Microsoft Kerberos authentication protocol.


    H

    Hacking: The unauthorized access or manipulation of a computer or network.

    Hash function: A mathematical function that converts an input (called a "message") into a fixed-size output (called a "hash value" or "digest") that has the following properties: it is nearly impossible to generate the same hash value for two different messages, and it is nearly impossible to recreate the original message from the hash value.

    Honeypot: A computer system or network that is specifically set up to attract and trap attackers in order to study their methods and techniques.


    I

    Identity theft: The unauthorized use of someone's personal information, such as their name, social security number, or credit card details, for fraudulent purposes.

    Internet of things (IoT) security: Measures designed to protect connected devices and networks from cyber threats.

    Intrusion detection system (IDS): A security system that monitors network traffic for signs of security breaches or cyber attacks.


    K

    Kerberoasting Attack: Related to Kerberos authentication, the malware masquerades as an account user and seeks an encrypted password via a ticket in this post-exploitation attack. The attackers use this ticket to steal the credentials (in plain text) and use them to gain unfettered system access.

    Key logger: A type of software that records every keystroke made on a computer, often used by attackers to capture login credentials or other sensitive information.


    L

    Lateral Movement: A technique used by bad actors to move deeper into the network after gaining initial access.


    M

    Malware: Short for "malicious software," this refers to any software designed to harm or exploit a computer or network.

    MSP: Often, businesses run short of time and budget to have everything in-house. That's where Managed Service Providers (MSPs) come into the picture, providing technical, infrastructural, and maintenance assistance, among others.


    N

    Network security: Measures designed to protect the confidentiality, integrity, and availability of a network and its resources from cyber threats.


    P

    Pass-the-hash Attack: A technique in which attackers obtain the password hash and use it for authentication. It is often done by scraping the system’s active memory.

    Password cracking: The process of attempting to guess or recover a password, often using specialized software or brute force attacks.

    Patch: A piece of software designed to update or fix problems with a computer program or system.

    Penetration testing: A type of security testing in which a team of security professionals simulates a cyber attack on a system or network to identify vulnerabilities and assess the organization's defenses.

    Phishing: A type of cyber attack in which the attacker attempts to trick the victim into giving away sensitive information, such as login credentials or financial information, by disguising themselves as a legitimate entity.

    Polymorphic Virus: File infectors capable of encrypting their code using a different encryption key every time, which makes them expert at avoiding detection.

    Privacy: The right to be free from unauthorized or unwanted collection, use, and disclosure of personal information.


    R

    Ransomware: A type of malware that encrypts a victim's files, making them inaccessible until a ransom is paid to the attacker to decrypt them.

    REST: Representational State Transfer – an architecture that helps systems communicate and connect on the web by providing standards.

    Rootkit: A type of malware that is designed to gain stealthy and persistent access to a system by installing itself at the root level of the operating system.

    RUM: Real User Monitoring – a tool that collects and analyses user actions, performance, and backend resources to give administrators insights to improve their current products.


    S

    SAML: The acronym stands for Security Assertion Markup Language. It helps in credential sharing between identity providers (IdPs) and service providers (SPs).

    Sandbox: A security feature that allows software to be tested in a controlled environment without affecting the rest of the system.

    Scareware: A type of malware that uses social engineering to scare users and manipulate them to visit infected/spoofed websites or download malware-infected software.

    Security information and event management (SIEM): A security management system that combines the capabilities of security information management (SIM) and security event management (SEM).

    Social engineering: A type of cyber attack that relies on manipulating people rather than exploiting technical vulnerabilities.

    Spam: Unsolicited and often unwanted email messages, typically sent in large quantities.

    Spyware: Software that is installed on a computer without the user's knowledge and collects information about their online activities.

    SSL Certificate: SSL is an acronym for Secure Sockets Layer, a technology that establishes an encrypted link between a server and a client.


    T

    Two-factor authentication (2FA): An additional layer of security that requires the user to provide a second form of authentication, such as a code sent to their phone, in addition to their password.

    Trojan: A type of malware that disguises itself as a legitimate program but performs malicious actions when executed.


    V

    Virus: A type of malware that replicates itself and spreads to other computers or devices.

    Vulnerability: A weakness in a system or network that can be exploited by an attacker.

    Vulnerability management: The process of identifying, prioritizing, and mitigating vulnerabilities in a computer system or network.


    W

    White hat: A term used to describe a cybersecurity professional or researcher who uses their skills and knowledge for ethical purposes.

    Worm: A type of malware that spreads from one computer to another by exploiting vulnerabilities in networked systems.


    Z

    Zero-day vulnerability: A vulnerability in a system or software that is unknown to the vendor and can be exploited by an attacker before it has been patched.

    Zero Trust: A strategic approach that assumes breach, implements least privilege access and explicitly verifies every authentication and connection. A zero-trust approach is critical in securing networks.
