Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

802 - COM

  • 802.11x - 802.11x refers to a group of evolving wireless local area network (WLAN) standards that are under development as elements of the IEEE 802.
  • AAA server (authentication, authorization, and accounting) - An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.
  • ACF2 or CA-ACF2 (Access Control Facility) - ACF2 (more formally, CA-ACF2; the ACF stands for Access Control Facility) is a set of programs from Computer Associates that enable security on mainframes.
  • acoustical infection - Acoustic infection is a type of malware that uses a compromised computer’s sound card and speakers to send data using a covert ultrasonic acoustical mesh network.
  • active attack - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
  • active defense - An active defense is the use of offensive actions to outmaneuver an adversary and make an attack more difficult to carry out.
  • active man-in-the-middle attack (MitM) - Active man-in-the-middle (MitM) is an attack method that allows an intruder to access sensitive information by intercepting and altering communications between the user of a public network and a requested website.
  • active reconnaissance - Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather information about vulnerabilities.
  • ad fraud botnet - An ad fraud botnet is a distributed network of computers controlled by a botmaster to defraud advertisers.
  • adaptive security - Adaptive security is an approach to safeguarding systems and data by recognizing threat-related behaviors rather than the files and code used by virus definitions.
  • address space layout randomization (ASLR) - Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.
  • advanced evasion technique (AET) - An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection system.
  • advanced persistent threat (APT) - An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.
  • air gapping (air gap attack) - Air gapping is a security measure that involves physically isolating a computer or network and preventing it from establishing an external connection.
  • Alice and Bob - Alice and Bob are commonly-used names for participants in security scenarios that involve cryptography.
  • alternate data stream (ADS) - An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.
  • Anna Kournikova virus VBS.SST - The Anna Kournikova VBS.
  • Anonymous - Anonymous is a loosely organized hacktivist collective created to promote free speech, unimpeded access to information, and transparency in government and corporate activities.
  • anti-money laundering software (AML) - Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions.
  • antispoofing - Antispoofing is a technique for countering spoofing attacks on a computer network.
  • antivirus software (antivirus program) - Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.
  • application blacklisting - Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.
  • application whitelisting - Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.
  • asymmetric cyber attack - An asymmetric cyber attack refers to cyberwarfare that inflicts a proportionally large amount of damage compared to the resources used by targeting the victim's most vulnerable security measure.
  • ATM black box attack - An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.
  • ATM jackpotting - ATM jackpotting is the exploitation of physical and software vulnerabilities in automated banking machines that result in the machines dispensing cash.
  • attack surface analysis - An organization's attack surface includes all the exploitable vulnerabilities in its hardware, software, connections and even its employees, in the form of social engineering.
  • attack vector - An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.
  • authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.
  • authentication ticket or ticket-granting ticket (TGT) - An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process.
  • authentication, authorization, and accounting (AAA) - Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
  • authorization - Authorization is the process of giving someone permission to do or have something.
  • Automated Clearing House fraud (ACH fraud) - ACH fraud is the theft of funds through the Automated Clearing House financial transaction network.
  • backdoor (computing) - A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
  • backscatter spam - Backscatter spam, also called misdirected bounce spam or NDR spam, is a strategy for sending unsolicited email messages that takes advantage of the fact that certain types of mail transfer agent (MTA) programs return the entire message to the sender when a recipient's email address is invalid.
  • BadBIOS - BadBIOS is a BIOS-level Trojan that can affect Windows, Macintosh, Linux and BSD systems.
  • Bayesian filter - A Bayesian filter is a program that uses Bayesian logic, also called Bayesian analysis, to evaluate the header and content of an incoming e-mail message and determine the probability that it constitutes spam.
  • beaming - In infrared transmission, beaming is the communication of data between wireless devices using a beam of infrared light.
  • behavior blacklisting - Behavior blacklisting is a security method based on detecting specified suspicious actions on the part of software or human agents and blocking access accordingly.
  • behavior whitelisting - Behavior whitelisting is a security method in which permissible actions within a given system are specified and all others are blocked.
  • biometric payment - Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.
  • BIOS attack - A BIOS attack is an exploit that infects the BIOS with malicious code and is persistent through reboots and attempts to reflash the firmware.
  • BIOS rootkit - A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration.
  • BIOS rootkit attack - A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code.
  • BitLocker - BitLocker is an operating system-level extension to Vista that combines on-disk encryption and special key management techniques.
  • black hat - Black hat refers to a hacker who breaks into a computer system or network with malicious intent.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.
  • block cipher - A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.
  • blockchain economy - The blockchain economy is a scenario and potential future environment in which the technology replaces current monetary systems, potentially on a global basis.
  • Blowfish - Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.
  • blue bomb (WinNuke) - A "blue bomb" (also known as "WinNuke") is a technique for causing the Windows operating system of someone you're communicating with to crash or suddenly terminate.
  • blue pill rootkit - The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources.
  • BlueKeep (CVE-2019-0708) - BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.
  • bluesnarfing - Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
  • boot sector virus - A boot sector virus is malware that infects the computer storage sector where startup files are found.
  • bot herder - A bot herder is a hacker that seeks out vulnerable computers and infects them so that they can be controlled as a botnet.
  • bot worm - A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers.
  • botnet - A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner.
  • botnet sinkhole - A botnet sinkhole is a target machine used by researchers to gather information about a particular botnet.
  • botnet topology - A botnet topology is the network structure by which botnet interconnections are organized.
  • browser hijacker (browser hijacking) - A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.
  • brushing scam - A brushing scam is an exploit in which a vendor ships a package to an unwitting receiver who hadn’t ordered it and then submits positive reviews that are supposedly from the verified owner.
  • brute force attack - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
  • buffer overflow - A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold.
  • buffer underflow - Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the temporary holding space during information transfer, the buffer, is fed at a lower rate than it is being read from.
  • bug bounty program - A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for finding errors in software.
  • Bugbear - Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers.
  • burner phone - A burner is an inexpensive mobile phone that is designed for temporary use, after which it may be discarded.
  • business email compromise (BEC, man-in-the-email attack) - A business email compromise (BEC) is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity in order to commit fraud.
  • business logic attack - A business logic attack is an exploit that takes advantage of a flaw in programming managing the exchange of information between a user interface and the application's supporting database.
  • cache poisoning (DNS poisoning, web cache poisoning) - Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.
  • can you hear me? (telephone voice signature scam) - "Can you hear me?" is a telephone scam in which a perpetrator creates an audio recording of the victim saying the word "yes" by asking a question that will most likely be answered affirmatively.
  • capacitive scanner - A capacitive scanner is a fingerscanning device that uses an array of capacitive proximity sensors, along with a microcomputer and associated electronic signal processing circuits, to create and store a digital image of a human fingerprint.
  • car hacking - Car hacking is the manipulation of the code in a car's electronic control unit (ECU) to exploit a vulnerability and gain control of other ECU units in the vehicle.
  • card skimming - Card skimming is the theft of credit and debit card data and PIN numbers when the user is at an automated teller machine (ATM) or point of sale (POS).
  • card verification value (CVV) - Card verification value (CVV) is a combination of features used in credit, debit and automated teller machine (ATM) cards for the purpose of establishing the owner's identity and minimizing the risk of fraud.
  • card-not-present fraud (card-not-present transaction) - Card-not-present (CNP) fraud is the unauthorized use of a payment card to conduct a card-not-present transaction when the cardholder cannot or does not physically present the card at the time of the transaction.
  • certificate authority (CA) - A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key.
  • Certificate Revocation List (CRL) - A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted.
  • certification - In information technology as in other fields such as teaching, accounting, and acupuncture, certification is a formal process of making certain that an individual is qualified in terms of particular knowledge or skills.
  • Certified Information Systems Security Professional (CISSP) - Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².
  • chaos engineering - Chaos engineering is the process of testing a distributed computing system to ensure that it can withstand unexpected disruptions.
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • cipher - In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.
  • cipher block chaining (CBC) - Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.
  • ciphertext - Ciphertext is encrypted text transformed from plaintext using an encryption algorithm.
  • ciphertext feedback (CFB) - Ciphertext feedback (CFB) is a mode of operation for a block cipher.
  • CISP-PCI (Cardholder Information Security Program - Payment Card Industry Data Security Standard) - CISP (Cardholder Information Security Program) and PCI (Payment Card Industry Data Security Standard) are specifications developed and used by credit card companies for the purpose of ensuring and enhancing the privacy and security of financial data.
  • Class C2 - Class C2 is a security rating established by the U.
  • clickjacking (user-interface or UI redressing and IFRAME overlay) - Clickjacking (also known as user-interface or UI redressing and IFRAME overlay) is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable content on a website.
  • clipboard hijack attack - A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.
  • cloud cartography - Cloud cartography is a scheme for pinpointing the physical locations of Web servers hosted on a third-party cloud computing service.
  • cloud security - Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyberthreats and cyber attacks.
  • CloudAV - CloudAV is a program that combines multiple antivirus applications and scans user files over a network of servers.
  • COBIT - COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices.
  • cognitive hacking - Cognitive hacking is a cyberattack that seeks to manipulate the perception of people by exploiting their psychological vulnerabilities.
  • cognitive security - Cognitive security is the application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.
  • cold boot attack - A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.