2FA (two-factor authentication) requires two independent factors to gain access to a protected system: typically something the user knows (a password) and something the user has (a hardware token or a software authenticator), or something the user is (a biometric). Because both must be presented, a phished or leaked password on its own is not enough.
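
As an added example (not code from the original page), the following Python combines a password check with a TOTP check (RFC 6238: HMAC-SHA1, six digits, 30-second step) so that both factors must pass. The secret is the RFC 4226/6238 reference test secret, and the user record and password are constructed for illustration; PBKDF2 stands in for a proper password hash.

```python
"""Added example, not from the original page: a minimal TOTP check
(RFC 6238: HMAC-SHA1, 6 digits, 30-second step) combined with a password
check, so both 2FA factors are enforced together. The secret is the RFC
reference test secret; the user record below is constructed."""
import hashlib
import hmac
import os
import struct
import time

STEP_SECONDS = 30
DIGITS = 6

# RFC 4226 / RFC 6238 reference test secret (not a real user's secret).
DEMO_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to a 31-bit integer, then the low DIGITS decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def totp(secret: bytes, at_time: int) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at_time // STEP_SECONDS)


def verify_totp(secret: bytes, code: str, at_time: int, skew_steps: int = 1) -> bool:
    """Accept the code for the current step and +/- skew_steps neighbouring
    steps to tolerate clock drift between token and server. Every candidate
    is compared (constant-time) so timing does not reveal which one matched."""
    counter = at_time // STEP_SECONDS
    matched = False
    for delta in range(-skew_steps, skew_steps + 1):
        if hmac.compare_digest(hotp(secret, counter + delta), code):
            matched = True
    return matched


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for a proper password hash here; a real deployment
    # would use argon2 or bcrypt via a dedicated library.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(password: str, totp_secret: bytes) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "password_hash": hash_password(password, salt),
            "totp_secret": totp_secret}


def login(users: dict, username: str, password: str, code: str, at_time: int) -> bool:
    """Both factors are evaluated unconditionally and both must pass, so a
    stolen password alone (or a stolen token alone) is not enough."""
    record = users.get(username)
    if record is None:
        return False
    password_ok = hmac.compare_digest(
        hash_password(password, record["salt"]), record["password_hash"])
    code_ok = verify_totp(record["totp_secret"], code, at_time)
    return password_ok and code_ok


if __name__ == "__main__":
    # Constructed demo user; "correct horse" is a placeholder password.
    users = {"alice": make_user("correct horse", DEMO_SECRET)}
    now = int(time.time())
    print("current code:", totp(DEMO_SECRET, now))
    print("login ok:", login(users, "alice", "correct horse", totp(DEMO_SECRET, now), now))
```

The skew window is the practical caveat: a window of one step each side is the usual trade-off between tolerating clock drift and limiting how long a captured code stays valid; a server should also reject reuse of a code within its window.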

Adaptive Authentication is a method for selecting which authentication factors to demand based on the user's risk profile and usual behaviour and on the context of the request (device, location, time of day), so that the strength of authentication adapts to each situation.

AI is technology that appears to emulate human behavior in that it can continually learn and draw its own conclusions (even based on novel or abstract concepts), engage in natural dialog with people, and / or replace people in the execution of more complex (non-routine) tasks.

Application containerization enables a logical packaging system in which applications can be abstracted from the environment (including the operating system) in which they actually run.

APTs (advanced persistent threats) are highly sophisticated and prolonged intrusion campaigns, usually run by well-resourced groups, that target a specific entity for business, espionage or political motives and aim to keep a foothold in the target's environment over a long period.

An ASV (Approved Scanning Vendor) is an organization, approved by the PCI Security Standards Council, that deploys security services and tools (sometimes called an ASV scan solution) to conduct the external vulnerability scans that validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2.

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base of adversary tactics and techniques based on real-world observations, maintained by MITRE, the operator of the National Cybersecurity Federally Funded Research and Development Center (FFRDC). It is widely used as a common language for threat modeling, detection engineering and adversary emulation.

BAS tools automate the simulation of advanced adversarial activities to help expose gaps to be remediated before a real attacker can exploit the same gaps to cause damage.

Big Data describes new structures and techniques being applied to harness - and distill insight from - massive quantities of data.

A blockchain is a growing list of records, called blocks, linked using cryptography: each block carries the hash of the block before it. It is a decentralized, distributed and (in public chains) openly readable digital ledger used to record transactions across many computers in such a way that a record cannot be altered retroactively without also changing all successive blocks and obtaining the consensus of the network.
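
As an added example (not code from the original page), this toy hash-linked ledger shows concretely why an altered block invalidates every block after it: each block commits to its predecessor's hash, so "fixing" the tampered block alone still breaks the link to the next one. Block contents, timestamps and the tiny proof-of-work target are constructed for illustration.

```python
"""Added example, not from the original page: a toy hash-linked ledger that
shows why a block cannot be altered retroactively without re-mining it and
every block after it. Block contents and timestamps are constructed."""
import hashlib
import json

DIFFICULTY_PREFIX = "00"  # toy proof-of-work: the block hash must start with these hex chars


def block_hash(index: int, timestamp: int, data: str, prev_hash: str, nonce: int) -> str:
    # Canonical JSON so the same fields always hash the same way.
    payload = json.dumps(
        {"index": index, "timestamp": timestamp, "data": data,
         "prev_hash": prev_hash, "nonce": nonce},
        sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode()).hexdigest()


def mine_block(index: int, timestamp: int, data: str, prev_hash: str) -> dict:
    """Search for a nonce whose hash meets the difficulty target."""
    nonce = 0
    while True:
        h = block_hash(index, timestamp, data, prev_hash, nonce)
        if h.startswith(DIFFICULTY_PREFIX):
            return {"index": index, "timestamp": timestamp, "data": data,
                    "prev_hash": prev_hash, "nonce": nonce, "hash": h}
        nonce += 1


def build_chain(records) -> list:
    """The genesis block links to an all-zero hash; every later block links
    to the hash of its predecessor."""
    chain = [mine_block(0, 1_600_000_000, "genesis", "0" * 64)]
    for i, (timestamp, data) in enumerate(records, start=1):
        chain.append(mine_block(i, timestamp, data, chain[-1]["hash"]))
    return chain


def first_invalid_block(chain) -> int:
    """Return -1 if the chain verifies, else the index of the first bad block.
    A block is bad if its stored hash is not the hash of its contents, if the
    hash misses the difficulty target, or if it does not link to the previous
    block's hash."""
    for i, b in enumerate(chain):
        expected = block_hash(b["index"], b["timestamp"], b["data"], b["prev_hash"], b["nonce"])
        if b["hash"] != expected or not b["hash"].startswith(DIFFICULTY_PREFIX):
            return i
        if i > 0 and b["prev_hash"] != chain[i - 1]["hash"]:
            return i
    return -1


def tamper_demo() -> tuple:
    """Returns (status of the honest chain, status after editing block 1,
    status after re-mining block 1 alone). The last check still fails, at
    block 2, because block 2 committed to the old hash of block 1."""
    chain = build_chain([(1_600_000_030, "alice pays bob 5"),     # constructed
                         (1_600_000_060, "bob pays carol 2")])    # constructed
    before = first_invalid_block(chain)
    chain[1]["data"] = "alice pays bob 500"          # retroactive edit
    after_edit = first_invalid_block(chain)
    chain[1] = mine_block(1, chain[1]["timestamp"], chain[1]["data"], chain[0]["hash"])
    after_remine = first_invalid_block(chain)
    return before, after_edit, after_remine


if __name__ == "__main__":
    print(tamper_demo())  # (-1, 1, 2)
```

Re-mining block 1 only moves the failure to block 2; an attacker would have to re-mine every later block and then get the rest of the network to accept the rewritten chain, which is the "consensus of the network" part of the definition.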

A botnet (a combination of 'robot' and 'network') is a collection of internet-connected devices, such as PCs, servers, mobile devices and IoT devices, that have been compromised and are controlled as a group by an attacker, typically without the owners' knowledge.

Browser isolation removes the browsing process from the end user's desktop and moves it to a dedicated browser server (or cloud-based browser service) to confine related security threats.

C2 (command and control) is the infrastructure and communication channel an attacker uses to maintain contact with compromised systems inside a target network, issuing commands to them and receiving stolen data back.

According to Gartner, a CARTA (Continuous Adaptive Risk and Trust Assessment) mindset allows enterprises to make decisions based on risk and trust. Because risk and trust change continuously, both the access decisions and the security responses must continuously adapt.

CASB describes technology platforms that help organizations better secure the use of cloud delivered applications (SaaS) and infrastructure.

CIS (Center for Internet Security) is a non-profit organization that publishes the consensus-developed CIS Benchmarks (secure configuration baselines for operating systems, cloud platforms and applications) and the CIS Controls, which businesses use to improve their security and compliance programs and postures.

Cloud-Delivered Security is security technologies designed to protect critical infrastructure, applications, and data delivered as-a-service from the cloud as opposed to being installed and maintained on-prem.

A CMDB (configuration management database) is an inventory of the hardware, software and service assets in an environment and the relationships between them. Keeping it current as devices move in and out of the environment makes it easier to identify which systems are affected by a given vulnerability and to target patching.

COBIT is an IT governance and management framework first published in 1996 by ISACA (the Information Systems Audit and Control Association) and the IT Governance Institute to help businesses develop, organize and implement strategies around information management and governance.

COPPA (the Children's Online Privacy Protection Act) requires that operators of websites or online services directed to children under 13 post a privacy notice on the site and obtain verifiable parental consent before collecting personal information from those children.

Cryptocurrency is a digital asset / virtual currency designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets.

Cryptomining is the process by which "miners" contribute computer processing power to validate blockchain transactions and are paid in cryptocurrency for doing so. Its malicious form, cryptojacking, is when attackers hijack a victim's computing resources (through malware or browser-based scripts) to mine cryptocurrency secretly for their own benefit.

CTI (cyber threat intelligence) is knowledge about adversaries, their capabilities and their infrastructure, built from sources such as Open Source Intelligence (OSINT), Social Media Intelligence (SOCMINT), Human Intelligence (HUMINT), technical intelligence and monitoring of the deep and dark web.

CVE (Common Vulnerabilities and Exposures) is a program launched by MITRE, a nonprofit that operates federally funded research and development centers, to identify and catalog publicly known vulnerabilities in software or firmware in a free "dictionary", assigning each a unique CVE identifier that organizations and tools use as a common reference when tracking and remediating vulnerabilities.

CWPP is a term developed by Gartner to describe an emerging category of technology solutions primarily used to secure server workloads in public cloud Infrastructure as a Service (IaaS) environments.

Cybersecurity Ratings describe the strength of an organization's cybersecurity posture based on a calculated rating and/or score.

DAG is a data security technology that allows enterprises to gain visibility to sensitive unstructured data that exists across the organization, and enforce policies to control access to that data.

The Dark Web is the part of the World Wide Web that is only accessible by means of special software, allowing users and website operators to remain somewhat more anonymous.  

DAST is a security solution used to uncover vulnerabilities in software during its running state, including when it is actually deployed in production. 

DDoS is a form of cyber attack in which multiple compromised systems work together to disrupt an online service, server, or network by overwhelming the target with malicious traffic. 

Deception Platforms deploy decoys (such as fake hosts, credentials and documents) designed to lure in bad actors, in order to collect intelligence about their tactics and intentions and to improve other preventive security controls in real time.

DevOps is a software development methodology that combines software development with information technology operations.

DevSecOps has emerged as an enterprise application development best practice that embraces the inherent agility benefits of DevOps, but recognizes that the security organization needs to be integrated as an early participant in the DevOps process.

DLP is a technology and business process designed to detect and prevent violations to corporate policies regarding the use, storage, and transmission of sensitive data.

Dwell Time is the length of time an attacker has free rein in an environment, measured from initial compromise until the intrusion is detected and the attacker is eradicated.

EDR solutions record key activity of endpoints and provide security analysts with necessary information to conduct both reactive and proactive threat investigations.

Encryption is a method in which readable data (plaintext) is converted into an encoded form (ciphertext) that can only be turned back into plaintext by someone holding the corresponding decryption key.

FedRAMP (the Federal Risk and Authorization Management Program) has, since 2012, provided government organizations and the cloud providers that serve them with a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Fileless Attacks inject malicious code directly into memory and abuse legitimate, approved applications and tools already present on targeted devices (such as scripting engines) to achieve their objectives, leaving little on disk and thwarting file-based detection.

FISMA provides a framework to ensure comprehensive measures are taken to secure federal information and assets.

FWaaS is an emerging method to deliver select firewall functionality as a cloud service as opposed to the more traditional hardware-based firewall platforms.

GDPR (the General Data Protection Regulation) sets strict rules regarding the collection and processing of personal data relating to individuals in the EU, regardless of where the organization doing the processing is located.

GLBA (the Gramm-Leach-Bliley Act, named after its sponsors) includes provisions to protect consumers' personal financial information held by financial institutions.

GRC is an organization's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management, and corporate compliance with regard to regulatory requirements.

Hardware authentication is an approach to user authentication that relies on a dedicated physical device (such as a token) held by an authorized user, in addition to a basic password, to grant access to computer resources.

The goal of HIPAA is to enable the movement of health information among health-related organizations in a protected manner.

HITRUST is a United States non-profit that has established a Common Security Framework (CSF) (in collaboration with healthcare, technology and information security leaders) that can be used by any organization that creates, accesses, stores or exchanges sensitive and/or regulated data.

IAM is the processes, technology, and people used to create, manage, authenticate, control, and remove the permissions a user (internal, external, and customer) has to corporate technology resources. 

IAST is an emerging application security testing approach which combines elements of both of its more established siblings in SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).

IGA (Identity Governance and Administration) is a component of an Identity and Access Management (IAM) program that ensures only the right users get access to the right applications at the right time, through processes such as provisioning, access reviews and certification.

Insider Threat represents a threat to the systems and protected data of an organization that emanates from the people within the organization or trusted third parties.

IOCs (indicators of compromise) are forensic artifacts, such as file hashes, IP addresses, domain names, registry keys or log entries, that are unusual for a given system or network and may identify malicious activity on it.
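
As an added example (not code from the original page), the following Python matches a small IOC feed against log lines. The feed and the log lines are constructed (RFC 5737 documentation addresses, reserved example domains, and the well-known SHA-256 of empty input as a placeholder hash); defanged indicators such as `bad[.]example`, which threat reports commonly use, are normalised before matching, because an un-refanged feed silently matches nothing.

```python
"""Added example, not from the original page: matching a small set of
indicators of compromise (IOCs) against log lines. The IOC feed and the log
lines are constructed; defanged indicators are normalised before matching."""
import re

# Constructed IOC feed, written defanged as threat reports often are.
IOC_FEED = {
    "ipv4": {"203.0.113[.]5", "198.51.100.23"},
    "domain": {"bad[.]example", "update-cdn.invalid"},
    # SHA-256 of empty input, used here only as a placeholder hash value.
    "sha256": {"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
}

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b", re.I)


def refang(value: str) -> str:
    """Undo common defanging: 1.2.3[.]4, evil(.)example, hxxp://."""
    v = value.replace("[.]", ".").replace("(.)", ".")
    v = re.sub(r"^hxxps?://", lambda m: m.group(0).replace("xx", "tt"), v, flags=re.I)
    return v.lower()


def normalise_feed(feed: dict) -> dict:
    return {kind: {refang(v) for v in values} for kind, values in feed.items()}


def extract_candidates(line: str) -> dict:
    """Pull every IPv4 address, hostname and SHA-256 out of a log line,
    refanged and lowercased so they compare equal to the feed."""
    return {
        "ipv4": {refang(m) for m in IPV4_RE.findall(line)},
        "domain": {refang(m) for m in DOMAIN_RE.findall(line)},
        "sha256": {refang(m) for m in SHA256_RE.findall(line)},
    }


def scan_logs(lines, feed=IOC_FEED) -> list:
    """Return (line_number, ioc_type, value) for every IOC hit, in line order."""
    iocs = normalise_feed(feed)
    hits = []
    for n, line in enumerate(lines, start=1):
        for kind, found in extract_candidates(line).items():
            for value in sorted(found & iocs[kind]):
                hits.append((n, kind, value))
    return hits


# Constructed sample log lines (DNS, proxy and EDR events).
SAMPLE_LOGS = [
    "2024-03-01T10:00:01Z dns query host=ws12 qname=bad.example rcode=NOERROR",
    "2024-03-01T10:00:02Z proxy allow src=10.0.0.12 dst=203.0.113.5:443 host=bad.example",
    "2024-03-01T10:00:05Z edr file_create host=ws12 "
    "sha256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
    "2024-03-01T10:01:00Z proxy allow src=10.0.0.14 dst=93.184.216.34:443 host=www.example.com",
]


if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS):
        print(hit)
```

Exact-match IOCs like these are the cheapest detections to run and also the cheapest for an attacker to change (a new domain or a recompiled binary defeats them), which is why they sit at the bottom of the pyramid of pain relative to behavioural detections.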

IoT represents a rapidly growing class of non-traditional computing devices that are connected to the internet to drive some sort of intelligent operation.

IRM is a new approach to risk management that integrates risk activities from across an organization to enable better and more sustainable strategic decision making.

ISO/IEC 27000 is an internationally recognized family of standards of good practice for information security. Within it, ISO/IEC 27001 specifies the requirements for an Information Security Management System (ISMS): a suite of activities for managing information risk within an overarching management framework through which the organization identifies, analyzes and addresses its information risks.

MDR is an outsourced service that leverages external experts to make the security benefits of tools such as EDR and proactive threat hunting accessible to customers of all maturity levels.   

Microsegmentation is an emerging IT security best practice of implementing granular isolation (segmentation) policies between data center workloads.

Machine Learning is a subset of artificial intelligence (AI) in which systems learn patterns from data rather than following explicitly programmed rules; it is currently the most common practical application of AI.

MSS are security service functions that have been outsourced to an external service provider (such as management of security tools, threat management, incident response, and forensics).

An MSSP is an IT service provider that performs any number of cybersecurity related activities for its clients on an outsourced basis.

MTTD is the average length of time it takes a cybersecurity team to discover incidents in their environment. 

MTTR (mean time to respond, or to resolve) is the average time it takes an organization to neutralize an identified threat or failure within its network environment once it has been detected.

NIST is a non-regulatory agency and physical sciences laboratory of the United States Department of Commerce; it states its mission as "To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life." The NIST Cybersecurity Framework (CSF) is NIST's voluntary framework for managing cybersecurity risk, organized around the functions Identify, Protect, Detect, Respond and Recover (with Govern added in CSF 2.0).

NTA and NBA are fairly similar terms that describe technologies that use advanced analytics, machine learning, and rule-based techniques to detect suspicious activity on enterprise networks.  

OT represents systems that are used to monitor and manage the manufacturing equipment or industrial process assets of an organization.

OWASP (the Open Web Application Security Project, now the Open Worldwide Application Security Project) is an open community turned non-profit organization that provides unbiased, practical and freely available information and tools for improving the security of software and web applications, best known for the OWASP Top 10 list of web application security risks.

PAM (privileged access management) polices privileged accounts: how administrators log in to the critical IT resources they must manage. Because admin privileges grant high-level access, these accounts are frequent targets of cyber attacks and must be secured with additional controls such as credential vaulting, session monitoring and just-in-time elevation.

Patching is a modification to software, or to the underlying computer system, designed to fix a security vulnerability or a performance issue (bug), or to add new features.

PCI compliance usually refers to the PCI Data Security Standard (DSS), an information security standard for organizations that handle branded credit cards from the major card companies.

Penetration Testing, sometimes called ethical hacking or shortened to pen test, is an authorized attack performed to evaluate a system or application in order to find exploitable vulnerabilities so they can be proactively remediated.  

Phishing is a fraudulent attempt to trick individuals into divulging sensitive information (usernames, passwords and banking details) by pretending to be a trusted source, often through an email communication.

PII represents information about a person that can identify them such as date of birth, social security number, credit card numbers and street address. 

PKI consists of a set of roles, hardware, software, policies, processes, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. 

QSA (Qualified Security Assessor) is a PCI Security Standards Council designation for individuals who meet specific information security education requirements, have completed the Council's training, are employed by a QSA company (a PCI-approved security and auditing firm), and perform PCI DSS compliance assessments relating to the protection of credit card data.

Ransomware is a type of malicious software, or malware, designed to deny access to, or "lock," a computer system or its data, usually by encrypting files, until a sum of money (ransom) is paid.

RASP (Runtime Application Self-Protection) is a term popularized by Gartner to describe an emerging application security technology that instruments an application so that it can monitor its own execution and detect and block attacks from within at runtime.

Red Team is an independent group that challenges an organization to improve its security effectiveness by assuming an adversarial role or point of view. 

SAST is a security solution used to uncover vulnerabilities in software during its static (not-running) state by analyzing such things as its source code, byte code or binary code.

SDLC is a framework used to detail commonly accepted discrete phases -- and associated requirements -- that comprise the full software development process. 

SDN is an approach to computer networking in the LAN or data center of an enterprise that uses software to abstract the underlying network elements and to logically centralize network intelligence and control.

This is a method of integrating and streamlining workflows across disparate tools to improve both security analyst efficiency and threat detection and response.

An emerging cloud computing paradigm that allows application developers to focus on building applications and services without having to worry about the underlying server resources.

Shadow IT, also called Stealth IT or Client IT, is hardware or software used within organizations without explicit organizational approval.

SIEM is a software tool that allows security operations teams to identify potential incidents by consolidating and correlating log data from many other tools in the environment.

SOAR is a term developed by Gartner to describe technology platforms that aggregate security intelligence and context from disparate systems, and apply machine intelligence to streamline (or even completely automate) the incident detection and response process.

A SOC is a formalized function in a company that is staffed with domain experts (either in-house or outsourced) and focuses on preventing, detecting, analyzing, and responding to cybersecurity incidents.  

SOX is a federal law that established sweeping auditing and financial regulations for public companies.

SQLi (SQL injection) is a type of application exploit, classed as a code injection technique, in which an attacker supplies input (through a web form field, URL parameter or any other untrusted source) that the application concatenates into a Structured Query Language (SQL) statement, altering the query's logic in order to read, modify or delete data or to bypass authentication.

SSO is a user access and session authentication service that allows users to use a single set of login credentials (e.g., name and password) to access multiple applications. 

SWIFT is a global member-owned cooperative and the world's leading provider of secure financial messaging services; it enables secure, seamless and automated financial communication between its users.

Threat Hunting is the process of proactively and continuously searching networks to detect and isolate advanced threats that have evaded existing security solutions. 

TLS (Transport Layer Security) is the cryptographic protocol that succeeded SSL (Secure Sockets Layer); it provides confidentiality, integrity and server (optionally client) authentication for connections such as those between a user's browser and a website.

TPRM (third-party risk management) is the process of analyzing and controlling the risks presented to an organization, its data, operations and finances by parties other than the organization itself, such as vendors, suppliers and partners.

These are systems that apply advanced analytics including machine learning to establish a baseline for the behavior of various users and/or entities (in this case, technology elements such as servers, applications, network traffic, databases, etc.) interacting with a corporate network.

XSS (cross-site scripting) is a security vulnerability normally found in web applications that allows attackers to inject client-side scripts into pages served by otherwise benign and trusted websites; the script then runs in other users' browsers with that site's privileges, typically because user-supplied input is rendered into the page without proper output encoding.
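
As an added example (not code from the original page), the following Python renders a user-supplied comment into HTML without encoding and then with context-appropriate encoding, and uses the standard library's HTML parser as a stand-in for the browser to show which version lets the input create a new tag or event-handler attribute. The payloads, author names and markup are constructed.

```python
"""Added example, not from the original page: rendering untrusted input into
HTML without encoding (injectable) and with context-appropriate encoding
(safe). Payloads and names are constructed."""
import html
from html.parser import HTMLParser


def render_comment_vulnerable(author: str, text: str) -> str:
    # Raw interpolation: the browser cannot tell attacker data from markup.
    return f'<div class="comment" data-author="{author}"><p>{text}</p></div>'


def render_comment_safe(author: str, text: str) -> str:
    # html.escape(quote=True) encodes & < > " ' so the value is safe in an
    # HTML text node or a quoted attribute. Other contexts (JavaScript,
    # URLs, CSS) need their own encoders; HTML escaping is not enough there.
    return (f'<div class="comment" data-author="{html.escape(author, quote=True)}">'
            f'<p>{html.escape(text, quote=True)}</p></div>')


class TagCollector(HTMLParser):
    """Records every start tag and attribute name the parser sees, approximating
    what a browser would turn into DOM elements and handlers."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.attrs = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(name for name, _ in attrs)


def injected(rendered: str) -> bool:
    """True if untrusted input produced a script element or an on* handler."""
    collector = TagCollector()
    collector.feed(rendered)
    return "script" in collector.tags or any(a.startswith("on") for a in collector.attrs)


# Constructed payloads: one targets the text-node context, one the attribute context.
SCRIPT_PAYLOAD = "<script>alert(1)</script>"
ATTR_PAYLOAD = '" onmouseover="alert(1)'


def demo() -> dict:
    return {
        "text_vuln": injected(render_comment_vulnerable("eve", SCRIPT_PAYLOAD)),   # True
        "text_safe": injected(render_comment_safe("eve", SCRIPT_PAYLOAD)),         # False
        "attr_vuln": injected(render_comment_vulnerable(ATTR_PAYLOAD, "hi")),      # True
        "attr_safe": injected(render_comment_safe(ATTR_PAYLOAD, "hi")),            # False
    }


if __name__ == "__main__":
    print(demo())
```

Output encoding is the fix at the point of rendering; a Content Security Policy that disallows inline script is the defence-in-depth layer that limits the damage when an encoding bug slips through.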

Zero Trust is an information security model based on the principle of maintaining strict access controls by not trusting anyone or any action by default, even those already inside the network perimeter. Each transaction is evaluated for need and risk.