Browse Definitions :

Security

This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Anti-virus, antimalware

Terms related to spyware, including definitions about malware and words and phrases about online advertising, adware and online privacy.

  • firewall

    A firewall is software or firmware that prevents unauthorized access to a network.

  • industrial espionage

    Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage.

  • pharming

    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent.

View All Anti-virus, antimalware Definitions

Application security

Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.

  • What is a private cloud?

    Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.

  • meet-in-the-middle attack

    Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.

  • cyberwarfare

    The generally accepted definition of cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.

View All Application security Definitions Back to Top

Authentication, access control

Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • Amazon Cognito

    Amazon Cognito is an Amazon Web Services product that controls user authentication and access for mobile applications on internet-connected devices.

  • password cracking

    Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.

  • Extensible Authentication Protocol (EAP)

    The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.

View All Authentication, access control Definitions Back to Top

Malware

Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.

  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain.

View All Malware Definitions Back to Top

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • ping sweep (ICMP sweep)

    A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).

  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks -- and unavailable to other entities.

View All Network security Definitions Back to Top

Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • ping sweep (ICMP sweep)

    A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks -- and unavailable to other entities.

  • What is a private cloud?

    Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.

View All Threat management Definitions Back to Top
SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • bare-metal cloud

    Bare-metal cloud is a public cloud service that offers dedicated hardware resources without any installed operating systems or ...

  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

Close