Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

802 - COM

  • 802.11x - 802.11x refers to a group of evolving wireless local area network (WLAN) standards that are under development as elements of the IEEE 802.
  • AAA server (authentication, authorization, and accounting) - An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.
  • ACF2 or CA-ACF2 (Access Control Facility) - ACF2 (more formally, CA-ACF2; the ACF stands for Access Control Facility) is a set of programs from Computer Associates that enable security on mainframes.
  • acoustical infection - Acoustic infection is a type of malware that uses a compromised computer’s sound card and speakers to send data using a covert ultrasonic acoustical mesh network.
  • active attack - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
  • active defense - An active defense is the use of offensive actions to outmaneuver an adversary and make an attack more difficult to carry out.
  • active man-in-the-middle attack (MitM) - Active man-in-the-middle (MitM) is an attack method that allows an intruder to access sensitive information by intercepting and altering communications between the user of a public network and a requested website.
  • active reconnaissance - Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather information about vulnerabilities.
  • ad fraud botnet - An ad fraud botnet is a distributed network of computers controlled by a botmaster to defraud advertisers.
  • adaptive security - Adaptive security is an approach to safeguarding systems and data by recognizing threat-related behaviors rather than the files and code used by virus definitions.
  • address space layout randomization (ASLR) - Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.
  • advanced evasion technique (AET) - An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection system.
  • advanced persistent threat (APT) - An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period of time.
  • air gapping (air gap attack) - Air gapping is a security measure that involves physically isolating a computer or network and preventing it from establishing an external connection.
  • Alice and Bob - Alice and Bob are commonly-used names for participants in security scenarios that involve cryptography.
  • alternate data stream (ADS) - An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.
  • Anna Kournikova virus VBS.SST - The Anna Kournikova VBS.
  • Anonymous - Anonymous is a loosely organized hacktivist collective created to promote free speech, unimpeded access to information, and transparency in government and corporate activities.
  • anti-money laundering software (AML) - Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions.
  • antispoofing - Antispoofing is a technique for countering spoofing attacks on a computer network.
  • antivirus software (antivirus program) - Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.
  • application blacklisting - Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.
  • application whitelisting - Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.
  • asymmetric cyber attack - An asymmetric cyber attack refers to cyberwarfare that inflicts a proportionally large amount of damage compared to the resources used by targeting the victim's most vulnerable security measure.
  • ATM black box attack - An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.
  • ATM jackpotting - ATM jackpotting is the exploitation of physical and software vulnerabilities in automated banking machines that result in the machines dispensing cash.
  • attack surface - An attack surface is defined as the total number of all possible entry points for unauthorized access into any system.
  • attack surface analysis - An organization's attack surface includes all the exploitable vulnerabilities in its hardware, software, connections and even its employees, in the form of social engineering.
  • attack vector - An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.
  • authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it says it is.
  • authentication ticket or ticket-granting ticket (TGT) - An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process.
  • authentication, authorization, and accounting (AAA) - Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
  • authorization - Authorization is the process of giving someone permission to do or have something.
  • Automated Clearing House fraud (ACH fraud) - ACH fraud is the theft of funds through the Automated Clearing House financial transaction network.
  • Automated Fingerprint Identification System (AFIS) - The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.
  • backdoor (computing) - A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
  • backscatter spam - Backscatter spam, also called misdirected bounce spam or NDR spam, is a strategy for sending unsolicited email messages that takes advantage of the fact that certain types of mail transfer agent (MTA) programs return the entire message to the sender when a recipient's email address is invalid.
  • BadBIOS - BadBIOS is a BIOS-level Trojan that can affect Windows, Macintosh, Linux and BSD systems.
  • Bayesian filter - A Bayesian filter is a program that uses Bayesian logic, also called Bayesian analysis, to evaluate the header and content of an incoming e-mail message and determine the probability that it constitutes spam.
  • behavior blacklisting - Behavior blacklisting is a security method based on detecting specified suspicious actions on the part of software or human agents and blocking access accordingly.
  • behavior whitelisting - Behavior whitelisting is a security method in which permissible actions within a given system are specified and all others are blocked.
  • biometric payment - Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.
  • biometric verification - Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.
  • biometrics - Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.
  • BIOS attack - A BIOS attack is an exploit that infects the BIOS with malicious code and is persistent through reboots and attempts to reflash the firmware.
  • BIOS rootkit - A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration.
  • BIOS rootkit attack - A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code.
  • BitLocker - BitLocker is an operating system-level extension to Vista that combines on-disk encryption and special key management techniques.
  • black hat hacker - The term black hat hacker has historically been used to describe one who has malicious intent -- such as theft of information, fraud or disrupting systems -- but increasingly, more specific terms are being used to describe those people.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.
  • block cipher - A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.
  • blockchain economy - The blockchain economy is a scenario and potential future environment in which the technology replaces current monetary systems, potentially on a global basis.
  • Blowfish - Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.
  • blue pill rootkit - The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources.
  • BlueKeep (CVE-2019-0708) - BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.
  • bluesnarfing - Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
  • boot sector virus - A boot sector virus is malware that infects the computer storage sector where startup files are found.
  • bot herder - A bot herder is a hacker that seeks out vulnerable computers and infects them so that they can be controlled as a botnet.
  • bot worm - A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers.
  • botnet - A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner.
  • botnet sinkhole - A botnet sinkhole is a target machine used by researchers to gather information about a particular botnet.
  • botnet topology - A botnet topology is the network structure by which botnet interconnections are organized.
  • browser hijacker (browser hijacking) - A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.
  • brushing scam - A brushing scam is an exploit in which a vendor ships a package to an unwitting receiver who hadn’t ordered it and then submits positive reviews that are supposedly from the verified owner.
  • brute-force attack - A brute-force attack is a trial-and-error method used by application programs to decode login information and encryption keys to use them to gain unauthorized access to systems.
  • buffer overflow - A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.
  • buffer underflow - Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the temporary holding space during information transfer, the buffer, is fed at a lower rate than it is being read from.
  • bug bounty program - A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for finding errors in software.
  • Bugbear - Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers.
  • burner phone - A burner is an inexpensive mobile phone that is designed for temporary use, after which it may be discarded.
  • business email compromise (BEC, man-in-the-email attack) - A business email compromise (BEC) is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity in order to commit fraud.
  • business logic attack - A business logic attack is an exploit that takes advantage of a flaw in programming managing the exchange of information between a user interface and the application's supporting database.
  • cache poisoning - Cache poisoning is a type of cyber attack in which attackers insert fake information into a domain name system (DNS) cache or web cache for the purpose of harming users.
  • can you hear me? (telephone voice signature scam) - "Can you hear me?" is a telephone scam in which a perpetrator creates an audio recording of the victim saying the word "yes" by asking a question that will most likely be answered affirmatively.
  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) - A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs.
  • car hacking - Car hacking is the manipulation of the code in a car's electronic control unit (ECU) to exploit a vulnerability and gain control of other ECU units in the vehicle.
  • card skimming - Card skimming is the theft of credit and debit card data and PIN numbers when the user is at an automated teller machine (ATM) or point of sale (POS).
  • card verification value (CVV) - Card verification value (CVV) is a combination of features used in credit, debit and automated teller machine (ATM) cards for the purpose of establishing the owner's identity and minimizing the risk of fraud.
  • card-not-present fraud (card-not-present transaction) - Card-not-present (CNP) fraud is the unauthorized use of a payment card to conduct a card-not-present transaction when the cardholder cannot or does not physically present the card at the time of the transaction.
  • certificate authority (CA) - A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates.
  • certificate revocation list (CRL) - A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date.
  • certification - In information technology as in other fields such as teaching, accounting, and acupuncture, certification is a formal process of making certain that an individual is qualified in terms of particular knowledge or skills.
  • Certified Information Systems Security Professional (CISSP) - Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².
  • chaos engineering - Chaos engineering is the process of testing a distributed computing system to ensure that it can withstand unexpected disruptions.
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • cipher - In cryptography, a cipher is an algorithm for encrypting and decrypting data.
  • cipher block chaining (CBC) - Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.
  • ciphertext - Ciphertext is encrypted text transformed from plaintext using an encryption algorithm.
  • ciphertext feedback (CFB) - Ciphertext feedback (CFB) is a mode of operation for a block cipher.
  • Class C2 - Class C2 is a security rating established by the U.
  • clickjacking (user-interface or UI redressing and IFRAME overlay) - Clickjacking (also known as user-interface or UI redressing and IFRAME overlay) is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable content on a website.
  • clipboard hijack attack - A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.
  • cloud cartography - Cloud cartography is a scheme for pinpointing the physical locations of Web servers hosted on a third-party cloud computing service.
  • cloud security - Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyberthreats and cyber attacks.
  • CloudAV - CloudAV is a program that combines multiple antivirus applications and scans user files over a network of servers.
  • COBIT - COBIT is an IT governance framework for businesses wanting to implement, monitor and improve IT management best practices.
  • cognitive hacking - Cognitive hacking is a cyberattack that seeks to manipulate the perception of people by exploiting their psychological vulnerabilities.
  • cognitive security - Cognitive security is the application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.
  • cold boot attack - A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.