Browse Definitions :

Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

CIP - EAV

  • cipher - In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.
  • cipher block chaining (CBC) - Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block).
  • ciphertext - Ciphertext is encrypted text transformed from plaintext using an encryption algorithm.
  • ciphertext feedback (CFB) - Ciphertext feedback (CFB) is a mode of operation for a block cipher.
  • CISP-PCI (Cardholder Information Security Program - Payment Card Industry Data Security Standard) - CISP (Cardholder Information Security Program) and PCI (Payment Card Industry Data Security Standard) are specifications developed and used by credit card companies for the purpose of ensuring and enhancing the privacy and security of financial data.
  • Class C2 - Class C2 is a security rating established by the U.
  • clickjacking (user-interface or UI redressing and IFRAME overlay) - Clickjacking (also known as user-interface or UI redressing and IFRAME overlay) is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable content on a website.
  • clipboard hijack attack - A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.
  • cloud cartography - Cloud cartography is a scheme for pinpointing the physical locations of Web servers hosted on a third-party cloud computing service.
  • CloudAV - CloudAV is a program that combines multiple antivirus applications and scans user files over a network of servers.
  • COBIT - COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices.
  • cocooning - Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.
  • cognitive hacking - Cognitive hacking is a cyberattack that seeks to manipulate the perception of people by exploiting their psychological vulnerabilities.
  • cognitive security - Cognitive security is the application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.
  • cold boot attack - A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.
  • COMINT (communications intelligence) - Communications intelligence (COMINT) is information gathered from the communications of individuals, including telephone conversations, text messages and various types of online interactions.
  • command injection - Command injection is the insertion of HTML code into dynamically generated output by a malevolent hacker (also known as a cracker) seeking unauthorized access to data or network resources.
  • command-and-control server (C&C server) - A command and control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware.
  • Common Vulnerabilities and Exposures (CVE) - Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.
  • Common Weakness Enumeration (CWE) - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Computer Security Incident Response Team (CSIRT) - A Computer Security Incident Response Team (CSIRT) is a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity-related emergencies.
  • computer worm - A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality, integrity, and availability (CIA triad) - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
  • consumer privacy (customer privacy) - Consumer privacy, also known as customer privacy, involves the handling and protection of the sensitive personal information provided by customers in the course of everyday transactions.
  • Content Protection for Removable Media (CPRM) - Content Protection for Removable Media (CPRM) is a hardware-based technology designed to enforce copy protection restrictions through built-in mechanisms in storage media that would prevent unauthorized file copying.
  • cookie poisoning - On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.
  • corporate area network (CAN) - A corporate area network (CAN) is a separate, protected portion of a corporation's intranet.
  • counterintelligence - Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions.
  • covert redirect - Covert redirect is a security flaw that allows attackers to exploit an open redirect vulnerability.
  • cracker - A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.
  • CRAM (challenge-response authentication mechanism) - CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
  • credential stuffing - Credential stuffing is the practice of using stolen login information from one account to gain access to accounts on a number of sites through automated login.
  • credential theft - Credential theft is a type of cybercrime that involves stealing the proof of identity of the victim, which can be either an individual or a business.
  • critical infrastructure security - Critical infrastructure security is the area of concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of a given nation, its economy, and the public’s health and/or safety.
  • cryptographic checksum - A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use, typically related to cryptographic communication or information technology.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes so that only those for whom the information is intended can read and process it.
  • cryptojacking - Cryptojacking is the surreptitious and unauthorized use of a computer for the resource and power-demanding requirements of cryptocurrency mining.
  • cryptology - Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptoperiod (key lifetime or a validity period) - A cryptoperiod (sometimes called a key lifetime or a validity period) is a specific time span during which a cryptographic key setting remains in effect.
  • CVSS (Common Vulnerability Scoring System) - The CVSS (Common Vulnerability Scoring System) rates the severity of software vulnerabilities so organizations are able to prioritize mitigation.
  • cyber attribution - Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.
  • Cyber Intelligence Sharing and Protection Act of 2011 (CISPA) - The Cyber Intelligence Sharing and Protection Act (CISPA) of 2011 is a proposed United States federal law that would allow for the sharing of Web data between the government and technology companies.
  • cyber resilience - Cyber resilience is a concept that refers to the security that goes beyond defense and prevention to focus on response and resilience in moments of crisis.
  • Cyber Storm - Cyber Storm is the name of a simulated attack exercise conducted by the U.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • cyberheist - A cyberheist is the online version of the classic bank heist, in which a criminal or criminals hold up or break into a bank to get away with a large sum of money quickly.
  • cybersecurity insurance (cybersecurity liability insurance) - Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.
  • cyberwarfare - Cyberwarfare is computer- or network-based conflict involving politically motivated attacks by a nation-state on another nation-state.
  • daisy chain - A daisy chain is an interconnection of computer devices, peripherals, or network nodes in series, one after another.
  • DAT USB drive - A DAT USB drive is a tape drive with digital audio tape (DAT) that can be plugged into a Universal Serial Bus (USB) connection as a simple and relatively low-cost way to back up data routinely, especially on servers.
  • data availability - Data availability is a term used by some computer storage manufacturers and storage service providers (SSPs) to describe products and services that ensure that data continues to be available at a required level of performance in situations ranging from normal through "disastrous.
  • data breach - A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion.
  • data breach response plan - A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur.
  • Data Encryption Standard (DES) - The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.
  • data encryption/decryption IC - A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data key - In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas call for.
  • Data Security Council of India (DSCI) - The Data Security Council of India (DSCI) is a not-for-profit organization created to promote the country as a secure destination for information technology (IT) outsourcing.
  • data splitting - Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • deception technology - Deception technology is a class of security tools and techniques designed to prevent an attacker who has already entered the network from doing damage.
  • decipher - All three terms - decipher, decrypt, and decode - mean to convert ciphertext into the original, unencrypted plaintext.
  • defense in depth - Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise.
  • Defense Message System (DMS) - The Defense Message System (DMS) is a secure X.
  • deniable encryption - Deniable encryption is a type of cryptography that allows an encrypted text to be decrypted in two or more ways, depending on which decryption key is used.
  • deperimeterization - In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.
  • depository - A depository is a file or set of files in which data is stored for the purpose of safekeeping or identity authentication.
  • device attack - A device attack is an exploit in which the attacker takes advantage of a vulnerable device to gain network access.
  • DevSecOps - SecOps is a management approach that connects security and operations teams, similar to how DevOps unifies software developers and operations professionals.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password.
  • differential power analysis (DPA) - A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digest authentication - Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller.
  • digital footprint - A digital footprint, sometimes called a digital dossier, is the body of data that exists as a result of actions and communications online that can in some way be traced back to an individual.
  • digital profiling - Digital profiling is the process of gathering and analyzing information about an individual that exists online.
  • Digital Signature Standard (DSS) - Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.
  • Digital Silhouettes - Digital Silhouettes is the trademarked name that Predictive Networks has given to user profiles that are established through gathered click stream data and artificial intelligence (AI) processes.
  • directory harvest attack (DHA) - A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.
  • directory traversal - Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident.
  • distributed denial of service (DDoS) attack - A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ (networking) - In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks -- usually the public internet.
  • DNS attack - A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system (DNS).
  • DNS rebinding attack - DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • DomainKeys - DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain.
  • dongle - A dongle (pronounced DONG-uhl) is a mechanism for ensuring that only authorized users can copy or use specific software applications, especially very expensive programs.
  • double blind test - Double blind test is an experiment where both the subject and observer are unaware that the exercise in practice is a test.
  • doxing - Doxing is the act of gathering information about a target individual or organization and making it public.
  • doxware (extortionware) - Doxware, also known as extortionware, is an exploit in which the attacker accesses the target's sensitive data and threatens to publish it if the victim does not meet his demands.
  • drive-by pharming - Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data.
  • drive-by spamming - Drive-by spamming is a variation of drive-by hacking in which the perpetrators gain access to a vulnerable wireless local area network (WLAN) and use that access to send huge volumes of spam.
  • DSO exploit (data source object exploit) - A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.
  • dumb network - A dumb network is one that provides the physical interconnection between nodes but not much processing to support signaling.
  • Duqu (W32.Duqu) - Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.
  • dynamic packet filter - A dynamic packet filter is a firewall facility that can monitor the state of active connections and use this information to determine which network packets to allow through the firewall.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close