Technical Glossary

A

  • Access Control: Mechanisms or policies that restrict access to information systems and data to authorized users only.
  • ACL (Access Control List): A list of permissions specifying which users or systems can access an object and what operations they can perform.
  • AI (Artificial Intelligence): The simulation of human intelligence in machines that can learn, reason, and make decisions.
  • API (Application Programming Interface): A set of tools and protocols that allow different software applications to communicate.
  • APT (Advanced Persistent Threat): A prolonged and targeted cyberattack where an intruder gains and maintains unauthorized access to a network.
  • Application Control: A security practice that restricts unauthorized applications from executing on a device or network, allowing only approved software.

B

  • Backup: Creating a copy of data to restore in case of data loss or system failure.
  • Blockchain: A decentralized digital ledger used to record transactions securely and transparently.
  • Botnet: A network of infected devices controlled by a malicious actor to perform coordinated attacks.
  • BYOD (Bring Your Own Device): A policy allowing employees to use personal devices for work-related tasks.

C

  • CIA Triad: The core principles of cybersecurity: Confidentiality, Integrity, and Availability.
  • Cloud Computing: The delivery of computing services, such as storage, servers, and applications, over the internet.
  • Cloud Native: Applications designed to run optimally in cloud environments using technologies like containers and microservices.
  • CISO (Chief Information Security Officer): A senior executive responsible for an organization's information security.
  • Compliance: Adherence to laws, regulations, and standards like HIPAA, GDPR, PCI DSS, or GLBA.
  • Containerization: A method of packaging applications and their dependencies into isolated units for consistent deployment.
  • CSF (Cybersecurity Framework): A guideline developed by NIST for managing and improving cybersecurity practices.

D

  • Data Encryption: The process of converting data into a coded format to prevent unauthorized access.
  • Database: An organized collection of data stored electronically for easy access and management.
  • DevOps: A collaborative approach combining development and operations teams to streamline software delivery.
  • DDoS (Distributed Denial of Service): An attack where multiple systems flood a targeted resource, rendering it unavailable.
  • Disaster Recovery: A strategy to restore IT systems and data after a catastrophic event.

E

  • EDR (Endpoint Detection and Response): A security solution that monitors and detects threats on endpoints and provides tools for investigation and remediation.
  • Elasticity: The ability of cloud systems to scale resources up or down dynamically based on demand.
  • Endpoint: Any device connected to a network, such as laptops, smartphones, or IoT devices.
  • Encryption: Encoding information to prevent unauthorized access.
  • Exploit: A piece of software or code that takes advantage of vulnerabilities in a system.

F

  • Firewall: A security device or software that monitors and controls incoming and outgoing network traffic.
  • Forensics: The practice of analyzing digital systems and data to investigate security incidents.
  • FTP (File Transfer Protocol): A standard network protocol for transferring files between systems.

G

  • GRC (Governance, Risk Management, and Compliance): A framework aligning IT operations with business objectives, managing risks, and ensuring compliance.
  • GDPR (General Data Protection Regulation): A European Union regulation governing data privacy and protection.
  • GLBA (Gramm-Leach-Bliley Act): A U.S. law requiring financial institutions to protect the confidentiality and integrity of customer information.

H

  • Hashing: A process of converting data into a fixed-length string to verify integrity without revealing the original data.
  • HIPAA (Health Insurance Portability and Accountability Act): A U.S. regulation that protects the privacy and security of healthcare data.
  • Hybrid Cloud: A cloud environment combining private and public cloud features to optimize flexibility and scalability.
  • Honeypot: A decoy system designed to lure and analyze cyber attackers.

I

  • IAM (Identity and Access Management): A framework of tools and policies ensuring that only authorized users have access to the resources they need.
  • IaaS (Infrastructure as a Service): A cloud computing model delivering virtualized computing resources over the internet.
  • Incident Response: The process of identifying, managing, and mitigating cybersecurity incidents.
  • IoT (Internet of Things): A network of interconnected devices that communicate and share data.
  • ISO 27001: An international standard for managing information security.

J

  • JWT (JSON Web Token): A compact, URL-safe token used for securely transmitting information between parties.

K

  • Kubernetes: An open-source platform for managing containerized applications across multiple hosts.
  • Keylogging: A malicious practice of recording keystrokes to capture sensitive information like passwords.

L

  • Least Privilege: A principle of granting users only the access necessary to perform their jobs.
  • Load Balancer: A tool that distributes network or application traffic across multiple servers to improve performance and reliability.
  • Log Management: Collecting, storing, and analyzing logs to monitor system activity.

M

  • MFA (Multi-Factor Authentication): A security method requiring multiple forms of verification to access a system.
  • Malware: Malicious software, such as viruses, worms, or ransomware, designed to harm systems.
  • Microservices: A design approach where an application is built as a collection of small, loosely coupled services.

N

  • NIST (National Institute of Standards and Technology): A U.S. organization that develops cybersecurity standards and guidelines.
  • NIST CSF (Cybersecurity Framework): A guideline for managing and improving cybersecurity practices.
  • Network Security: Practices and tools to protect the integrity and usability of a network and its data.

O

  • On-Premises: Refers to IT systems and infrastructure that are physically located within an organization's facilities.
  • OSINT (Open Source Intelligence): Information collected from publicly available sources for security or investigative purposes.

P

  • PaaS (Platform as a Service): A cloud computing model that provides a platform for developers to build and deploy applications.
  • Penetration Testing (Pen Testing): Simulated cyberattacks to identify vulnerabilities in a system.
  • Phishing: A tactic used to trick individuals into revealing sensitive information through fraudulent communications.
  • PCI DSS (Payment Card Industry Data Security Standard): A set of security standards for protecting payment card data.

Q

  • Quarantine: Isolating infected files or systems to prevent further damage.

R

  • Ransomware: Malware that encrypts a victim's data and demands payment for decryption.
  • Risk Assessment: Identifying and evaluating risks to determine their impact on an organization.
  • Rollback: Reverting a system or application to a previous state after a failed update or change.

S

  • SaaS (Software as a Service): A cloud computing model where software is delivered over the internet on a subscription basis.
  • SIEM (Security Information and Event Management): Tools that analyze security alerts and logs to detect potential threats.
  • SOC (Security Operations Center): A centralized team responsible for monitoring and managing security incidents.
  • SOX (Sarbanes-Oxley Act): A U.S. regulation establishing requirements for financial reporting and data security.

T

  • Threat Hunting: Proactively searching for cyber threats within a network.
  • Two-Factor Authentication (2FA): A security measure requiring two forms of identification to access a system.

U

  • UEBA (User and Entity Behavior Analytics): Monitoring user behaviors to detect anomalies and potential threats.

V

  • VPN (Virtual Private Network): A tool that encrypts internet traffic to secure communications.
  • Vulnerability: A weakness in a system that can be exploited by an attacker.

W

  • Whitelisting: Allowing only approved applications, users, or IP addresses to access a system.
  • Worm: A type of malware that self-replicates and spreads across networks.

X

  • XDR (Extended Detection and Response): A security solution integrating data from multiple sources to detect and respond to threats.

Y

  • YAML (Yet Another Markup Language): A data serialization format often used for configuration files.

Z

  • Zero-Day: A vulnerability that is exploited before it is known or patched.
  • Zero Trust: A security model assuming no entity inside or outside a network is inherently trustworthy.