Browse Definitions :

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

THR - ZOO

  • threat actor - A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security.
  • threat hunter (cybersecurity threat analyst) - A threat hunter, also called a cybersecurity threat analyst, is a security professional or managed service provider (MSP) that proactively uses manual or machine-assisted techniques to detect security incidents that may elude the grasp of automated systems.
  • threat ignorance - Threat ignorance is a concept used by security professionals to determine the level of vulnerability a company or user’s computer or system has to an attack.
  • threat intelligence (cyber threat intelligence) - Threat intelligence, also known as cyber threat intelligence (CTI), is organized, analyzed and refined information about current or potential attacks that could negatively affect an organization.
  • threat intelligence feed (TI feed) - A threat intelligence feed is an ongoing stream of data related to potential or current threats to an organization’s security.
  • threat intelligence service (TI service) - A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization.
  • tiger team - In the computer industry, a tiger team is a group of programmers or users who volunteer or are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken.
  • token - In general, a token is an object that represents something else, such as another object (either physical or virtual), or an abstract concept as, for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
  • tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • topsite - A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.
  • Tor browser - The Tor (the onion routing) browser is a web browser designed for encrypted, anonymous web surfing and protection against traffic analysis.
  • Total Information Awareness (TIA) - Total Information Awareness (TIA) is the name of a massive U.
  • transitive trust - Transitive trust is a two-way relationship automatically created between parent and child domains in a Microsoft Active Directory forest.
  • Transport Layer Security (TLS) - Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications.
  • triage - Triage is the procedure of assigning levels of priority to tasks or individuals to determine the most effective order in which to deal with them.
  • trigraph - A trigraph is a three-character replacement for a special or nonstandard character in a text file.
  • troubleshooting - Troubleshooting is a systematic approach to problem solving that is often used to find and correct issues with complex machines, electronics, computers and software systems.
  • TrueCrypt - TrueCrypt is a cross-platform open source program for file and full disk encryption (FDE).
  • Trusted Cloud Initiative - The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices.
  • trusted computing - Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications.
  • trusted computing base (TCB) - The trusted computing base (TCB) is everything in a computing system that provides a secure environment.
  • Trusted Computing Group (TCG) - The Trusted Computing Group (TCG) is a not-for-profit organization that was formed in 2003 to define, develop and promote security specifications for computers and networks.
  • Trusted Platform Module (TPM) - A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication.
  • Turtle Firewall - Turtle Firewall is an open source firewall program written in Perl that supports Linux Kernels 2.
  • two-factor authentication (2FA) - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
  • Twofish - Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.
  • UK Government Connect Secure Extranet (GCSX) - The UK Government Connect Secure Extranet (GCSX) is a secure WAN that allows officials at local public-sector organisations to interact and share data privately and securely with central government departments.
  • unified endpoint management (UEM) - Unified endpoint management (UEM) is an approach to securing and controlling desktop computers, laptops, smartphones and tablets in a connected, cohesive manner from a single console.
  • unified threat management (UTM) - A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.
  • URL poisoning (location poisoning) - URL poisoning, also known as location poisoning, is a method of tracking Web user behavior by adding an identification (ID) number to the page address (Uniform Resource Locator) line of the Web browser when a user visits a particular site.
  • user account provisioning - User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system.
  • user profile - In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.
  • van Eck phreaking - Van Eck phreaking is a form of electronic eavesdropping that reverse engineers the electromagnetic fields (EM fields) produced by a computing device.
  • Verizon Data Breach Investigations Report (DBIR) - The Verizon Data Breach Investigations Report (DBIR) is an annual publication that provides data from and analysis of information security incidents, with a specific focus on data breaches.
  • Verizon VERIS (Vocabulary for Event Recording and Incident Sharing) Framework - The VERIS (Vocabulary for Event Recording and Incident Sharing) Framework is a taxonomy that standardizes how security incidents are described and categorized.
  • virtual browser - A virtual browser is a browser that is logically isolated from the underlying computer's operating system (OS).
  • virtual firewall - A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
  • virtual honeypot - A virtual honeypot is software that emulates a vulnerable system or network to attract intruders and study their behavior.
  • virtual machine escape - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
  • virtual NAS - Virtual NAS is a virtual machine (VM) that acts as a file server for network-attached storage (NAS).
  • virtualization-based security (VBS) - Virtualization-based security (VBS) is technology that abstracts computer processes from the underlying operating system and, in some cases, hardware.
  • virus (computer virus) - A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works.
  • virus hoax - A virus hoax is a false warning about a computer virus.
  • VLAN hopping (virtual local area network hopping) - VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.
  • VMware Horizon Application Manager - VMware Horizon Application Manager, also known as Horizon App Manager, is an enterprise service for managing access to software.
  • VMware Identity Manager - VMware Identity Manager is an Identity as a Service (IDaaS) offering that provides single sign-on (SSO) capabilities and user-based controls for web, cloud and mobile applications.
  • voice logger - A voice logger is a device or program used to record audio information from telephones, radios, microphones and other sources for storage on a computer's hard drive or removable media.
  • voiceprint - A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual.
  • vomit - Vomit (spelled all lower-case) is a Unix software utility that takes IP telephony packets captured by another Unix tool, tcpdump, and reassembles them into a Wave file that can be listened to over a computer's speakers.
  • VUCA (volatility, uncertainty, complexity and ambiguity) - VUCA is an acronym that stands for volatility, uncertainty, complexity and ambiguity, a combination of qualities that, taken together, characterize the nature of some difficult conditions and situations.
  • vulnerability (information technology) - A vulnerability, in information technology (IT), is a flaw in code or design that creates a potential point of security compromise for an endpoint or network.
  • vulnerability and patch management - Vulnerability management is a pro-active approach to managing network security.
  • vulnerability assessment (vulnerability analysis) - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary knowledge, awareness and risk background to understand the threats to its environment and react appropriately.
  • vulnerability disclosure - Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.
  • vulnerability management - Vulnerability management is a pro-active approach to managing network security through reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.
  • vulnerability management planning - Vulnerability management planning is a comprehensive approach to the development of a continuous and repetitive system of practices and processes designed to identify, analyze and address flaws in hardware or software that could serve as attack vectors.
  • vulnerability scanner - A vulnerability scanner is a program that performs the diagnostic phase of a vulnerability analysis, also known as vulnerability assessment.
  • WannaCry ransomware - The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system.
  • war dialer - A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.
  • war driving (access point mapping) - War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere.
  • Web filter - A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.
  • web server security - Web server security is the protection of information assets that can be accessed from a Web server.
  • Web Services Trust Language (WS-Trust) - Web Services Trust Language (WS-Trust) is a specification that uses the secure messaging mechanisms of WS-Security to facilitate trust relationships in diverse Web service environments.
  • What is BCDR? Business continuity and disaster recovery guide - Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
  • What is cybersecurity? Everything you need to know - Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.
  • white hat - A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
  • Wi-Fi (802.11x standard) - Wi-Fi is the popular term for high-frequency wireless local area network (WLAN) technology and a standard that has gained acceptance in many companies as an alternative to a wired LAN.
  • Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for users of computing devices equipped with wireless internet connections, or Wi-Fi.
  • wide-area file services (WAFS) - Wide-area file services (WAFS) is a storage technology that makes it possible to access a remote data center as though it were local.
  • Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
  • WikiScanner - WikiScanner is a free, Web-based database application that tracks the source IP addresses of computers used to edit anonymous Wikipedia entries.
  • wildcard certificate - A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.
  • Wingate - Wingate is a product that allows people on a small home network or a larger business network to share and control access to the Internet through a single computer connection.
  • Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
  • Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is the security level for Wireless Application Protocol (WAP) applications.
  • Wireshark - Wireshark is an open source tool for analyzing packets and profiling network traffic.
  • X.509 certificate - An X.509 certificate is a digital certificate that uses the widely accepted international X.
  • zero-day exploit - A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
  • zombie computer (zombie bot) - A zombie (also known as a bot) is a computer that a remote attacker has accessed and set up to forward transmissions (including spam and viruses) to other computers on the Internet.
  • zoo - A zoo is a collection of viruses and worms that exist only in virus and anti-virus labs.

-ADS BY GOOGLE

SearchCompliance

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance framework

    A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with...

SearchSecurity

  • Trojan horse (computing)

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, ...

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable ...

  • DNS over HTTPS (DoH)

    DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a ...

SearchHealthIT

  • telemedicine (telehealth)

    Telemedicine is the remote delivery of healthcare services, such as health assessments or consultations, over the ...

  • Project Nightingale

    Project Nightingale is a controversial partnership between Google and Ascension, the second largest health system in the United ...

  • medical practice management (MPM) software

    Medical practice management (MPM) software is a collection of computerized services used by healthcare professionals and ...

SearchDisasterRecovery

SearchStorage

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification and is used in internally mounted ...

  • kilobyte (KB or Kbyte)

    A kilobyte (KB or Kbyte) is a unit of measurement for computer memory or data storage used by mathematics and computer science ...

  • virtual memory

    Virtual memory is a memory management capability of an operating system (OS) that uses hardware and software to allow a computer ...

Close