Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
holistic security - Holistic security is an approach that seeks to integrate all the elements designed to safeguard an organization, considering them as a complex and interconnected system.
homomorphic encryption - Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.
Honey Encryption - Honey Encryption is a security tool that makes it difficult for an attacker who is carrying out a brute force attack to know if he has correctly guessed a password or encryption key.
honey monkey - A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet.
honeynet - A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.
Honeynet Project - The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.
honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.
host intrusion prevention systems (HIPS) - A host intrusion prevention system (HIPS) is a security method that relies on third-party software tools to monitor network traffic and system activities for anomalous code behavior to identify and prevent malicious activities.
hot site and cold site - A hot site is a commercial disaster recovery service that allows a business to continue computer and network operations in the event of a computer or equipment disaster.
hotword - Hotword is an audio listening module included with Google Chrome and Chromium, the open source version of the browser.
htaccess - .htaccess is the default name for a file that is used to indicate who can or cannot access the contents of a specific file directory from the Internet or an intranet.
HTTPS (HTTP over SSL or HTTP Secure) - HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering.
hypervisor security - Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.
identity chaos (password chaos) - Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.
Identity Ecosystem - Identity Ecosystem, more formally known as the National Strategy for Trusted Identities in Cyberspace, is a proposal from the United States federal government to improve identity authentication on the Internet and make online transactions safer.
identity governance - Identity governance is the policy-based centralized orchestration of user identity management and access control.
identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.
IFrame (Inline Frame) - The IFrame HTML element is often used to insert content from another source, such as an advertisement, into a Web page.
IISP (Institute of Information Security Professionals) - The IISP (Institute of Information Security Professionals) is a London-based professional membership association who describes its purpose as: "to set the standard for professionalism in information security, and to speak with an independent and authoritative voice on the subject.
IM worm - An IM worm is self-replicating malicious code that spreads in instant messaging networks.
in the wild - According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users.
incident - An incident is an occurrence where a service or component fails to provide a feature or service that it was designed to deliver.
incident response - Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.
incident response plan (IRP) - An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or corporate data security.
incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
information security (infosec) - Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.
information-centric security - Information-centric security is an approach to information security paradigm that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.
Infranet Initiative - The Infranet Initiative is a collaborative effort to develop a high-performance universal public network that would serve as a supplement to the Internet for businesses and other high-demand users.
initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
insider threat - Insider threat is a category of risk posed by humans who have access to an organization's physical or digital assets.
integer overflow - Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.
integrated threat management - Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels.
intelligence (intel) - According to the FBI, intelligence is both the information itself and the processes used to collect and analyze it.
intelligent video - Intelligent video is digital video technology integrated with analytical software.
Internet Key Exchange (IKE) - The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.
intrusion detection system (IDS) - An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
inverse mapping - Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.
IP camera - An IP camera is a networked digital video camera that transmits data over a Fast Ethernet link.
IP Spoofing - IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
IP surveillance - IP surveillance is a digitized and networked version of closed-circuit television (CCTV).
IPsec (Internet Protocol Security) - IPsec, also known as the Internet Protocol Security or IP Security protocol, defines the architecture for security services for IP network traffic.
iptables - Iptables is a generic table structure that defines rules and commands as part of the netfilter framework that facilitates Network Address Translation (NAT), packet filtering, and packet mangling in the Linux 2.
iris recognition - Iris recognition is a method of identifying people based on unique patterns within the ring-shaped region surrounding the pupil of the eye.
IT incident report - An IT incident report is documentation of an event that has disrupted the normal operation of some IT system (or that had the potential to do so) and how that situation was handled.
IT systems management - Systems management is the administration of the information technology systems in an enterprise data center.
IT/OT convergence - IT/OT convergence is the integration of information technology (IT) systems with operational technology (OT) systems.
ITIL v3 - ITIL v3 is the third version of the Information Technology Infrastructure Library, a globally recognized collection of best practices for managing information technology (IT).
journaling file system - A journaling file system is a fault-resilient file system in which data integrity is ensured because updates to directories and bitmaps are constantly written to a serial log on disk before the original disk log is updated.
Kerberos - Kerberos is the authentication protocol used by most operating systems.
key - In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.
key chain - A key chain is a series of keys that can be created to help ensure secure communication between routers in a network.
key fob - A key fob is a small, programmable hardware device that provides access to a physical object.
key string - A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.
key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.
keystroke dynamics - Keystroke dynamics are the patterns of rhythm and timing created when a person types.
kiosk mode (Windows assigned access) - Kiosk mode is specialized function that allows Microsoft Windows to provide a single application for users signing on as guests or generic authorized users while preventing access to other files, data and functionality of the operating system and computer.
knowledge process outsourcing (KPO) - Knowledge process outsourcing (KPO) is the allocation of relatively high-level tasks to an outside organization or a different group within the same organization.
knowledge-based authentication (KBA) - In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.
known unknown - A known unknown is information whose existence you are aware of but that is not in your possession.
law of unintended consequences - The law of unintended consequences is a frequently-observed phenomenon in which any action has results that are not part of the actor's purpose.
live capture - Live capture is the act or method of gathering biometric data from an individual while the individual is physically present.
local wipe - Local wipe, also known as auto-wipe, is deletion of a device's data which is initiated by software on the device itself, rather than through remote administration.
locked down device (LDD) - A locked down device (LDD) is a mobile device, typically a smartphone, that is shipped by a vendor with the ability to accept only the SIM card that originally came with it.
log management - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
logic bomb - A logic bomb, sometimes referred to as slag code, is a string of malicious code used to cause harm to a network when the programmed conditions are met.
Lookout Mobile Security - Lookout Mobile Security is an antimalware, data backup and remote management app for smartphones and tablets.
LUN masking - LUN masking is a further constraint added to zoning, subdividing access to the port so that only LUNs authorized to access a specific server can access the corresponding port.
Malware Analysis Report (MAR) - Malware Analysis Report (MAR) is a document that relates the functionality and effects of a given piece of malware.
man-in-the-middle attack (MitM) - A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who think they are communicating directly with each other.
managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
Managed security service provider (MSSP) - A managed security service provider (MSSP) is an IT service provider that provides an organization with some amount of cybersecurity monitoring and management, which may include virus and spam blocking, intrusion detection, firewalls and virtual private network (VPN) management.
mandatory access control (MAC) - Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.