Technical Glossary
A
- Access Control: Mechanisms or policies that restrict access to information systems and data to authorized users only.
- ACL (Access Control List): A list of permissions specifying which users or systems can access an object and what operations they can perform.
- AI (Artificial Intelligence): The simulation of human intelligence in machines that can learn, reason, and make decisions.
- API (Application Programming Interface): A set of tools and protocols that allow different software applications to communicate.
- APT (Advanced Persistent Threat): A prolonged and targeted cyberattack where an intruder gains and maintains unauthorized access to a network.
- Application Control: A security practice that restricts unauthorized applications from executing on a device or network, allowing only approved software.
B
- Backup: Creating a copy of data to restore in case of data loss or system failure.
- Blockchain: A decentralized digital ledger used to record transactions securely and transparently.
- Botnet: A network of infected devices controlled by a malicious actor to perform coordinated attacks.
- BYOD (Bring Your Own Device): A policy allowing employees to use personal devices for work-related tasks.
C
- CIA Triad: The core principles of cybersecurity: Confidentiality, Integrity, and Availability.
- Cloud Computing: The delivery of computing services, such as storage, servers, and applications, over the internet.
- Cloud Native: Applications designed to run optimally in cloud environments using technologies like containers and microservices.
- CISO (Chief Information Security Officer): A senior executive responsible for an organization's information security.
- Compliance: Adherence to laws, regulations, and standards like HIPAA, GDPR, PCI DSS, or GLBA.
- Containerization: A method of packaging applications and their dependencies into isolated units for consistent deployment.
- CSF (Cybersecurity Framework): A guideline developed by NIST for managing and improving cybersecurity practices.
- CUI (Controlled Unclassified Information): Information created or possessed by the government or other entities (e.g., contractors, universities, other designated partners) on behalf of the Federal Government that is defined as sensitive within the CUI Registry and DOI policy.
D
- Data Encryption: The process of converting data into a coded format to prevent unauthorized access.
- Database: An organized collection of data stored electronically for easy access and management.
- DevOps: A collaborative approach combining development and operations teams to streamline software delivery.
- DDoS (Distributed Denial of Service): An attack where multiple systems flood a targeted resource, rendering it unavailable.
- Disaster Recovery: A strategy to restore IT systems and data after a catastrophic event.
E
- EDR (Endpoint Detection and Response): A security solution that monitors and detects threats on endpoints and provides tools for investigation and remediation.
- Elasticity: The ability of cloud systems to scale resources up or down dynamically based on demand.
- Endpoint: Any device connected to a network, such as laptops, smartphones, or IoT devices.
- Encryption: Encoding information to prevent unauthorized access.
- Exploit: A piece of software or code that takes advantage of vulnerabilities in a system.
F
- Firewall: A security device or software that monitors and controls incoming and outgoing network traffic.
- Forensics: The practice of analyzing digital systems and data to investigate security incidents.
- FTP (File Transfer Protocol): A standard network protocol for transferring files between systems.
G
- GRC (Governance, Risk Management, and Compliance): A framework aligning IT operations with business objectives, managing risks, and ensuring compliance.
- GDPR (General Data Protection Regulation): A European Union regulation governing data privacy and protection.
- GLBA (Gramm-Leach-Bliley Act): A U.S. law requiring financial institutions to protect the confidentiality and integrity of customer information.
H
- Hashing: A process of converting data into a fixed-length string to verify integrity without revealing the original data.
- HIPAA (Health Insurance Portability and Accountability Act): U.S. regulation to protect the privacy and security of healthcare data.
- Hybrid Cloud: A cloud environment combining private and public cloud features to optimize flexibility and scalability.
- Honeypot: A decoy system designed to lure and analyze cyber attackers.
I
- IAM (Identity and Access Management): A framework of tools and policies ensuring that only authorized users have access to the resources they need.
- IaaS (Infrastructure as a Service): A cloud computing model delivering virtualized computing resources over the internet.
- Incident Response: The process of identifying, managing, and mitigating cybersecurity incidents.
- IoT (Internet of Things): A network of interconnected devices that communicate and share data.
- ISO 27001: An international standard for managing information security.
J
- JWT (JSON Web Token): A compact, URL-safe token used for securely transmitting information between parties.
K
- Kubernetes: An open-source platform for managing containerized applications across multiple hosts.
- Keylogging: A malicious practice of recording keystrokes to capture sensitive information like passwords.
L
- Least Privilege: A principle of granting users only the access necessary to perform their jobs.
- Load Balancer: A tool that distributes network or application traffic across multiple servers to improve performance and reliability.
- Log Management: Collecting, storing, and analyzing logs to monitor system activity.
M
- MFA (Multi-Factor Authentication): A security method requiring multiple forms of verification to access a system.
- Malware: Malicious software, such as viruses, worms, or ransomware, designed to harm systems.
- Microservices: A design approach where an application is built as a collection of small, loosely coupled services.
N
- NIST (National Institute of Standards and Technology): A U.S. organization developing cybersecurity standards and guidelines.
- NIST CSF (Cybersecurity Framework): A guideline for managing and improving cybersecurity practices.
- Network Security: Practices and tools to protect the integrity and usability of a network and its data.
O
- On-Premises: Refers to IT systems and infrastructure that are physically located within an organization's facilities.
- OSINT (Open Source Intelligence): Information collected from publicly available sources for security or investigative purposes.
P
- PaaS (Platform as a Service): A cloud computing model that provides a platform for developers to build and deploy applications.
- Penetration Testing (Pen Testing): Simulated cyberattacks to identify vulnerabilities in a system.
- Phishing: A tactic used to trick individuals into revealing sensitive information through fraudulent communications.
- PCI DSS (Payment Card Industry Data Security Standard): A set of security standards for protecting payment card data.
Q
- Quarantine: Isolating infected files or systems to prevent further damage.
R
- Ransomware: Malware that encrypts a victim's data and demands payment for decryption.
- Risk Assessment: Identifying and evaluating risks to determine their impact on an organization.
- Rollback: Reverting a system or application to a previous state after a failed update or change.
S
- SaaS (Software as a Service): A cloud computing model where software is delivered over the internet on a subscription basis.
- SIEM (Security Information and Event Management): Tools that analyze security alerts and logs to detect potential threats.
- SOC (Security Operations Center): A centralized team responsible for monitoring and managing security incidents.
- SOX (Sarbanes-Oxley Act): U.S. regulation establishing requirements for financial reporting and data security.
T
- Threat Hunting: Proactively searching for cyber threats within a network.
- Two-Factor Authentication (2FA): A security measure requiring two forms of identification to access a system.
U
- UEBA (User and Entity Behavior Analytics): Monitoring user behaviors to detect anomalies and potential threats.
V
- VPN (Virtual Private Network): A tool encrypting internet traffic to secure communications.
- Vulnerability: A weakness in a system that can be exploited by an attacker.
W
- Whitelisting: Allowing only approved applications, users, or IP addresses to access a system.
- Worm: A type of malware that self-replicates and spreads across networks.
X
- XDR (Extended Detection and Response): A security solution integrating data from multiple sources to detect and respond to threats.
Y
- YAML (Yet Another Markup Language): A data serialization format often used for configuration files.
Z
- Zero-Day: A vulnerability that is exploited before it is known or patched.
- Zero Trust: A security model assuming no entity inside or outside a network is inherently trustworthy.