Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.
Anti-virus, antimalware
Terms related to spyware, including definitions about malware and words and phrases about online advertising, adware and online privacy.
-
cache poisoning (DNS poisoning, web cache poisoning)
Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.
-
spyware
Spyware is software that is installed on a computing device without the user's knowledge. Spyware can be difficult to detect; often, the first indication a user has that a computing device has been infected with spyware is a noticeable reduction in processor or network connection speeds and in the case of mobile devices -- data usage and battery life.
-
mobile malware
Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
Application security
Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.
-
Web application firewall (WAF)
A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are especially useful to companies that provide products or services over the Internet.
-
man-in-the-disk (MITD) attack
Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.
-
mobile application vetting
Mobile application vetting is a process that app developers take to verify the compliance of mobile applications with a specified security requirement or standard.
Authentication, access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
man-in-the-disk (MITD) attack
Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.
-
orphan account
An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.
-
software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
Malware
Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.
-
fileless malware attack
A fileless malware attack is a type of malicious attack a hacker can use to leverage applications already installed in a computer.
-
Gen V attack (5th generation cyberattack)
Gen V attack is a 5th generation cyberattack that is typically defined by the threat level and sophistication of the attack, including very large data breaches.
-
cryptomining malware
Cryptomining malware is a form of malware that takes over a computer or mobile device's resources and uses them to perform cryptocurrency mining, a process of verifying cryptocurrency transactions using complex mathematical formulas also known as cryptojacking.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
event
An event, in a computing context, is an action or occurrence that can be identified by a program and has significance for system hardware or software.
-
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message.
-
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming... (Continued)
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
fileless malware attack
A fileless malware attack is a type of malicious attack a hacker can use to leverage applications already installed in a computer.
-
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message.
-
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming... (Continued)