Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.
Anti-virus, antimalware
Terms related to spyware, including definitions about malware and words and phrases about online advertising, adware and online privacy.
-
spyware
Spyware is software that is installed on a computing device without the user's knowledge. Spyware can be difficult to detect; often, the first indication a user has that a computing device has been infected with spyware is a noticeable reduction in processor or network connection speeds and in the case of mobile devices -- data usage and battery life.
-
mobile malware
Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
-
Google Titan
Google Titan is a security chip designed to protect computers from firmware-based rootkits and other malware-infecting firmware. Titan as a key element in Google's security and allows the company to boast that security for its Google Cloud Platform services goes to the hardware root of trust level.
Application security
Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.
-
software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
-
one-time password (OTP)
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.
-
log analytics
Log analytics is the assessment of a recorded set of information from one or more events, captured from a computer, network, application operating system (OS) or other IT ecosystem component.
Authentication, access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
-
mimikatz
Mimikatz is an open source malware program used by hackers and penetration testers to gather credentials on Windows computers.
-
one-time password (OTP)
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.
Malware
Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.
-
ATM black box attack
An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.
-
mobile malware
Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
-
ransomware as a service (RaaS)
Ransomware as a service (RaaS) is the offering of pay-for-use malware created for extortion over stolen or encrypted data, known as ransomware.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
brute force attack
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
-
steganography
Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.
-
PCI DSS merchant levels
Merchant levels are used by the payment card industry (PCI) to determine risk levels and determine the appropriate level of security for their businesses. Specifically, merchant levels determine the amount of assessment and security validation that is required for the merchant to pass PCI DSS assessment.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
brute force attack
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
-
ATM black box attack
An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.
-
steganography
Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.