Browse Definitions :

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

THR - ZOO

  • threat actor - A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security.
  • threat hunter (cybersecurity threat analyst) - A threat hunter, also called a cybersecurity threat analyst, is a security professional or managed service provider (MSP) that proactively uses manual or machine-assisted techniques to detect security incidents that may elude the grasp of automated systems.
  • threat ignorance - Threat ignorance is a concept used by security professionals to determine the level of vulnerability a company or user’s computer or system has to an attack.
  • threat intelligence (cyber threat intelligence) - Threat intelligence, also known as cyber threat intelligence (CTI), is organized, analyzed and refined information about current or potential attacks that could negatively affect an organization.
  • threat intelligence feed (TI feed) - A threat intelligence feed is an ongoing stream of data related to potential or current threats to an organization’s security.
  • threat intelligence service (TI service) - A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization.
  • tiger team - In the computer industry, a tiger team is a group of programmers or users who volunteer or are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken.
  • token - In general, a token is an object that represents something else, such as another object (either physical or virtual), or an abstract concept as, for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
  • tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • topsite - A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.
  • Tor browser - The Tor (the onion routing) browser is a web browser designed for encrypted, anonymous web surfing and protection against traffic analysis.
  • Total Information Awareness (TIA) - Total Information Awareness (TIA) is the name of a massive U.
  • transitive trust - Transitive trust is a two-way relationship automatically created between parent and child domains in a Microsoft Active Directory forest.
  • Transport Layer Security (TLS) - Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications.
  • triage - Triage is the procedure of assigning levels of priority to tasks or individuals to determine the most effective order in which to deal with them.
  • trigraph - A trigraph is a three-character replacement for a special or nonstandard character in a text file.
  • troubleshooting - Troubleshooting is a systematic approach to problem solving that is often used to find and correct issues with complex machines, electronics, computers and software systems.
  • TrueCrypt - TrueCrypt is a cross-platform open source program for file and full disk encryption (FDE).
  • Trusted Cloud Initiative - The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices.
  • trusted computing - Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications.
  • trusted computing base (TCB) - The trusted computing base (TCB) is everything in a computing system that provides a secure environment.
  • Trusted Computing Group (TCG) - The Trusted Computing Group (TCG) is a not-for-profit organization that was formed in 2003 to define, develop and promote security specifications for computers and networks.
  • Trusted Platform Module (TPM) - A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication.
  • Turtle Firewall - Turtle Firewall is an open source firewall program written in Perl that supports Linux Kernels 2.
  • two-factor authentication (2FA) - Two-factor authentication (2FA) is a verification process in which the user provides two different authentication factors to prove their identity.
  • Twofish - Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.
  • UK Government Connect Secure Extranet (GCSX) - The UK Government Connect Secure Extranet (GCSX) is a secure WAN that allows officials at local public-sector organisations to interact and share data privately and securely with central government departments.
  • unified endpoint management (UEM) - Unified endpoint management (UEM) is an approach to securing and controlling desktop computers, laptops, smartphones and tablets in a connected, cohesive manner from a single console.
  • unified threat management (UTM) - A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.
  • URL poisoning (location poisoning) - URL poisoning, also known as location poisoning, is a method of tracking Web user behavior by adding an identification (ID) number to the page address (Uniform Resource Locator) line of the Web browser when a user visits a particular site.
  • user account provisioning - User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system.
  • user profile - In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.
  • van Eck phreaking - Van Eck phreaking is a form of electronic eavesdropping that reverse engineers the electromagnetic fields (EM fields) produced by a computing device.
  • Verizon Data Breach Investigations Report (DBIR) - The Verizon Data Breach Investigations Report (DBIR) is an annual publication that provides data from and analysis of information security incidents, with a specific focus on data breaches.
  • Verizon VERIS (Vocabulary for Event Recording and Incident Sharing) Framework - The VERIS (Vocabulary for Event Recording and Incident Sharing) Framework is a taxonomy that standardizes how security incidents are described and categorized.
  • virtual browser - A virtual browser is a browser that is logically isolated from the underlying computer's operating system (OS).
  • virtual firewall - A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
  • virtual honeypot - A virtual honeypot is software that emulates a vulnerable system or network to attract intruders and study their behavior.
  • virtual machine escape - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
  • virtual NAS - Virtual NAS is a virtual machine (VM) that acts as a file server for network-attached storage (NAS).
  • virtualization-based security (VBS) - Virtualization-based security (VBS) is technology that abstracts computer processes from the underlying operating system and, in some cases, hardware.
  • virus (computer virus) - A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works.
  • virus hoax - A virus hoax is a false warning about a computer virus.
  • VLAN hopping (virtual local area network hopping) - VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.
  • VMware Horizon Application Manager - VMware Horizon Application Manager, also known as Horizon App Manager, is an enterprise service for managing access to software.
  • VMware Identity Manager - VMware Identity Manager is an Identity as a Service (IDaaS) offering that provides single sign-on (SSO) capabilities and user-based controls for web, cloud and mobile applications.
  • voice logger - A voice logger is a device or program used to record audio information from telephones, radios, microphones and other sources for storage on a computer's hard drive or removable media.
  • voiceprint - A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual.
  • vomit - Vomit (spelled all lower-case) is a Unix software utility that takes IP telephony packets captured by another Unix tool, tcpdump, and reassembles them into a Wave file that can be listened to over a computer's speakers.
  • VUCA (volatility, uncertainty, complexity and ambiguity) - VUCA is an acronym that stands for volatility, uncertainty, complexity and ambiguity, a combination of qualities that, taken together, characterize the nature of some difficult conditions and situations.
  • vulnerability (information technology) - A vulnerability, in information technology (IT), is a flaw in code or design that creates a potential point of security compromise for an endpoint or network.
  • vulnerability and patch management - Vulnerability management is a pro-active approach to managing network security.
  • vulnerability assessment (vulnerability analysis) - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.
  • vulnerability disclosure - Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.
  • vulnerability management - Vulnerability management is a pro-active approach to managing network security through reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.
  • vulnerability management planning - Vulnerability management planning is a comprehensive approach to the development of a continuous and repetitive system of practices and processes designed to identify, analyze and address flaws in hardware or software that could serve as attack vectors.
  • vulnerability scanner - A vulnerability scanner is a program that performs the diagnostic phase of a vulnerability analysis, also known as vulnerability assessment.
  • WannaCry ransomware - The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system.
  • war dialer - A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.
  • war driving (access point mapping) - War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere.
  • Web filter - A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.
  • web server security - Web server security is the protection of information assets that can be accessed from a Web server.
  • Web Services Trust Language (WS-Trust) - Web Services Trust Language (WS-Trust) is a specification that uses the secure messaging mechanisms of WS-Security to facilitate trust relationships in diverse Web service environments.
  • What is BCDR? Business continuity and disaster recovery guide - Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
  • What is cybersecurity? Everything you need to know - Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.
  • What is identity and access management? Guide to IAM - Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.
  • white hat - A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
  • Wi-Fi (802.11x standard) - Wi-Fi is the popular term for high-frequency wireless local area network (WLAN) technology and a standard that has gained acceptance in many companies as an alternative to a wired LAN.
  • Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for users of computing devices equipped with wireless internet connections, or Wi-Fi.
  • wide-area file services (WAFS) - Wide-area file services (WAFS) is a storage technology that makes it possible to access a remote data center as though it were local.
  • Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
  • WikiScanner - WikiScanner is a free, Web-based database application that tracks the source IP addresses of computers used to edit anonymous Wikipedia entries.
  • wildcard certificate - A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.
  • Wingate - Wingate is a product that allows people on a small home network or a larger business network to share and control access to the Internet through a single computer connection.
  • Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
  • Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is the security level for Wireless Application Protocol (WAP) applications.
  • Wireshark - Wireshark is an open source tool for analyzing packets and profiling network traffic.
  • X.509 certificate - An X.509 certificate is a digital certificate that uses the widely accepted international X.
  • zero-day exploit - A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
  • zombie computer (zombie bot) - A zombie (also known as a bot) is a computer that a remote attacker has accessed and set up to forward transmissions (including spam and viruses) to other computers on the Internet.
  • zoo - A zoo is a collection of viruses and worms that exist only in virus and anti-virus labs.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close