2FA (2-factor authentication) and MFA (multi-factor authentication)

2FA requires both knowledge (like a password) and something tangible (such as a hardware or software authentication system) to gain access to a protected computer system.
Related Terms:
  • Hardware Authentication
  • IAM - Identity and Access Management
  • Adaptive Authentication

Adaptive Authentication

Adaptive Authentication is a method for selecting the right authentication factors depending on a user's risk profile and tendencies - it adapts the authentication type to each situation.
Related Terms:
  • 2FA (2-factor authentication) and MFA (multi-factor authentication)
  • Hardware Authentication
  • IAM - Identity and Access Management

AI - Artificial Intelligence

AI is technology that appears to emulate human behavior in that it can continually learn and draw its own conclusions (even based on novel or abstract concepts), engage in natural dialog with people, and / or replace people in the execution of more complex (non-routine) tasks.
Related Terms:
  • ML - Machine Learning

AI - Data Protection

AI data protection refers to the measures that protect individuals’ privacy and confidential data from the risks posed by AI and related technologies.
Related Terms:
  • AI - Security
  • AI - Risk Management
  • AI - Governance

AI - Governance

AI governance involves a set of processes, tools and frameworks that guide the ethical development and deployment of AI technologies. These processes and frameworks must also align with the organization’s vision, strategy, principles, policies and standards.
Related Terms:
  • AI - Security
  • Responsible AI
  • AI - Risk Management

AI - Privacy

AI privacy addresses the critical need to protect individual data and sensitive information collected, stored and used by AI systems and related technologies.
Related Terms:
  • AI - Security
  • AI - Risk Management
  • AI - Governance

AI - Risk Management

AI risk management refers to the process of diagnosing and mitigating the potential risks associated with AI and related technologies. It involves the use of a combination of tools, principles and frameworks to measure risks and implement solutions to minimize them.
Related Terms:
  • AI - Security
  • AI - Privacy
  • AI - Governance

AI - Security

AI security encompasses the policies, technologies and practices designed to protect AI systems and data from malicious use by both internal and external threat actors.
Related Terms:
  • Responsible AI
  • Secure AI
  • AI - Governance

Antivirus

Antivirus (AV) software is a computer program or set of programs that seek, detect, prevent and/or remove software viruses and malware (like worms, trojans and adware).
Related Terms:
  • EDR - Endpoint Detection and Response
  • Ransomware
  • Endpoint Security

APT - Advanced Persistent Threats

APTs are highly sophisticated and prolonged computer hacking processes that often target a specific entity for business or political motives.
Related Terms:
  • CTI - Cyber Threat Intelligence
  • Insider Risk
  • DDoS - Distributed Denial of Service

ASV - Approved Scanning Vendor for PCI

An ASV is an organization deploying security services and tools (sometimes called an ASV scan solution) to conduct external vulnerability scanning services to validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2.
Related Terms:
  • PII - Personally Identifiable Information
  • PCI and PCI DSS -The Payment Card Industry Data Security Standard
  • ROC - Report on Compliance for PCI

BAS - Breach and Attack Simulation Tools

BAS tools automate the simulation of advanced adversarial activities to help expose gaps to be remediated before a real attacker can exploit the same gaps to cause damage.
Related Terms:
  • Penetration Testing
  • Dwell Time
  • MTTD - Mean Time to Detect

Big Data

Big Data describes new structures and techniques being applied to harness - and distill insight from - massive quantities of data.
Related Terms:
  • ML - Machine Learning
  • AI - Artificial Intelligence

Blockchain

A growing list of records, called blocks, linked using cryptography. It is a decentralized, distributed and public digital ledger that is used to record transactions across many computers in a way that the record can’t be altered retroactively without additionally changing all successive blocks and the consent of the network.
Related Terms:
  • Cryptocurrency
  • Cryptomining / Cryptojacking

Bot/Botnet

A botnet (combination of 'robot' and 'network') is a collection of internet-connected devices, such as PCs, servers, mobile devices and IoT devices that are controlled as a group.
Related Terms:
  • IoT - Internet Of Things
  • CTI - Cyber Threat Intelligence
  • DDoS - Distributed Denial of Service

Browser Isolation

Browser isolation removes the browsing process from the end user's desktop and moves it to a dedicated browser server (or cloud-based browser service) to confine related security threats.
Related Terms:
  • Cloud-Delivered Security

Brute Force Attack

A brute force attack is a trial-and-error method for attempting to crack a password, username or data encryption key. The term comes from the fact that the approach relies on intensive effort (“brute force”) rather than employing more sophisticated techniques.
Related Terms:
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management
  • 2FA (2-factor authentication) and MFA (multi-factor authentication)

Business Email Compromise (BEC)

Business email compromise (BEC) is a form of phishing where a criminal attempts to get a worker, customer or vendor to send money or disclose private information by sending a phony email that appears to be coming from a trusted company figure.
Related Terms:
  • Phishing
  • Social Engineering

C2 - Command and Control

C2 is often used by attackers to retain communications with compromised systems within a target network.
Related Terms:
  • APT - Advanced Persistent Threats
  • Ransomware
  • DDoS - Distributed Denial of Service

CARTA - Continuous Adaptive Risk and Trust Assessment

According to Gartner, a CARTA mindset allows enterprises to make decisions based on risk and trust. Decisions must continuously adapt, security responses must continuously adapt, and thus Risk and Trust must continuously adapt.
Related Terms:
  • ML - Machine Learning
  • AI - Artificial Intelligence

CASB - Cloud Access Security Broker

CASB describes technology platforms that help organizations better secure the use of cloud-delivered applications (SaaS) and infrastructure.
Related Terms:
  • Cloud-Delivered Security
  • Shadow IT

CCPA (California Consumer Privacy Act)

The California Consumer Privacy Act (CCPA) is a law aimed at enhancing online privacy and consumer protection for California residents. Signed into law in 2018, CCPA is effective as of January 1, 2020. The CCPA seeks to assure Californians the right to know what personally identifiable information (PII) is being collected, to know whether the data is sold or disclosed and to whom, to control/prevent sale or disclosure of the PII and to request deletion of PII by a business.
Related Terms:
  • GDPR - General Data Protection Regulation
  • PIPEDA (Personal Information Protection and Electronic Documents Act)

Center for Internet Security (CIS) Critical Security Controls

CIS is a non-profit organization that develops Configuration Policy Benchmarks that allow businesses to improve security and compliance programs and postures.
Related Terms:
  • NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

CIA Triad

CIA is an acronym for confidentiality, integrity and availability. Confidentiality assures information is accessible only by authorized parties; integrity makes sure information is reliable; and availability ensures data is readily accessible to the organization as it works to address its business requirements.
Related Terms:
  • APT - Advanced Persistent Threats
  • C2 - Command and Control
  • Data Protection

CISO (Chief Information Security Officer)

The Chief Information Security Officer (CISO) is a senior executive responsible for an organization’s information and data security. In this evolving role, CISOs develop and run enterprise-wide processes aimed at reducing IT and business risk as well as assuring regulatory compliance. The position has historically been tasked with a predominately technical mission, but recently more sophisticated companies have begun relying on the CISO for strategic insights about how to best enable digital transformation initiatives.

Cloud Security Posture Management (CSPM)

Cloud Security Posture Management (CSPM) concentrates on security assessment and compliance monitoring for workloads in public cloud environments. It can be used to provide a unified view across disparate cloud environments.
Related Terms:
  • CASB - Cloud Access Security Broker
  • CWPP - Cloud Workload Protection Platform

Cloud-Delivered Security

Cloud-Delivered Security refers to security technologies designed to protect critical infrastructure, applications, and data delivered as-a-service from the cloud as opposed to being installed and maintained on-prem.
Related Terms:
  • FWaaS - Firewall as-a-Service

CMDB - Configuration Management Database

CMDB provides the ability to log devices that move in and out of an environment, which facilitates easier targeting and patching of any potential security vulnerabilities.
Related Terms:
  • SIEM - Security Information and Event Management
  • Vulnerability Management

CoBiT - Control Objectives for Information and Related Technologies

CoBiT is an IT management framework first developed in 1996 and published by the IT Governance Institute and the Information Systems Audit and Control Association (ISACA) to help businesses develop, organize and implement strategies around information management and governance.
Related Terms:
  • NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

Containers

A container is a software unit that packages code so applications can run quickly across multiple environments. Containerization allows applications to be developed once and easily deployed across virtually any environment regardless of operating system, virtual machine or bare metal, on-prem data centers or public cloud.

COPPA Children's Online Privacy Protection Act

COPPA requires that the operators of websites or online services directed to children under a certain age must provide notice on the site and obtain verifiable parental consent before collecting data.
Related Terms:
  • FISMA - Federal Information Security Management Act of 2002
  • PII - Personally Identifiable Information

COSO - Committee of Sponsoring Organizations of the Treadway Commission

COSO is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence.
Related Terms:
  • ISO 27000
  • CoBiT - Control Objectives for Information and Related Technologies
  • NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

Cryptocurrency

Cryptocurrency is a digital asset / virtual currency designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets.
Related Terms:
  • Cryptomining / Cryptojacking
  • Blockchain

Cryptomining / Cryptojacking

Cryptomining is a system by which "miners" contribute computer processing power and get paid in cryptocurrency to validate blockchain transactions. In its malicious form, cryptojacking, hackers take control of a victim's computing resources to secretly mine cryptocurrency for their own benefit.
Related Terms:
  • Blockchain
  • Cryptocurrency

CTI - Cyber Threat Intelligence

CTI is based on a collection of intelligence using Open Source Intelligence (OSINT), Social Media Intelligence (SOCMINT), Human Intelligence (HUMINT), technical intelligence or intelligence from the deep and dark web.
Related Terms:
  • Indicator of Compromise (IOC)
  • TTPs - Tactics, Techniques, and Procedures
  • Threat Hunting

CVE - Common Vulnerabilities and Exposures

CVE is a program launched by MITRE, a nonprofit that operates federal government-sponsored research and development centers, to identify and catalog vulnerabilities in software or firmware into a free “dictionary” for organizations to use as a resource to improve their security.
Related Terms:
  • IR - Incident Response
  • CTI - Cyber Threat Intelligence

CWPP - Cloud Workload Protection Platform

CWPP is a term developed by Gartner to describe an emerging category of technology solutions primarily used to secure server workloads in public cloud Infrastructure as a Service (IaaS) environments.
Related Terms:
  • CASB - Cloud Access Security Broker
  • Cloud Security Posture Management (CSPM)

Cyber Insurance

Cyber insurance offers protection in the event an organization is victimized by a cyber attack.
Related Terms:
  • Data Breach
  • Ransomware
  • Phishing

Cybersecurity Ratings

Cybersecurity Ratings describe the strength of an organization's cybersecurity posture based on a calculated rating and/or score.
Related Terms:
  • TPRM - Third Party Risk Management

DAG - Data Access Governance

DAG is a data security technology that allows enterprises to gain visibility to sensitive unstructured data that exists across the organization, and enforce policies to control access to that data.
Related Terms:
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management
  • SSO - Single Sign On

Dark Web

The dark web is the part of the world wide web that is only accessible by means of special software, allowing users and website operators to remain somewhat more anonymous.
Related Terms:
  • CTI - Cyber Threat Intelligence

DAST - Dynamic Application Security Testing

DAST is a security solution used to uncover vulnerabilities in software during its running state, including when it is actually deployed in production.
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

Data Breach

A data breach occurs when sensitive, protected, private or confidential information is stolen, copied, viewed or conveyed to an unauthorized/untrusted party or environment. Motivations for such attacks vary and include financial gain (personal or organizational), socio-political goals (hacktivism) and state-sponsored espionage.
Related Terms:
  • PII - Personally Identifiable Information
  • Data Protection
  • PKI - Public Key Infrastructure

Data Forensics / Forensic Data Analysis (FDA)

Data forensics – also known as forensic data analysis (FDA) – refers to the study of digital data and the investigation of cybercrime. FDA may focus on mobile devices, computers, servers and other storage devices, and it typically involves the tracking and analysis of data passing through a network.
Related Terms:
  • IR - Incident Response

Data Lake

Data lakes are centralized repositories for storing large amounts of raw data, including system data and data for reporting and advanced analytics. They may contain structured, semi-structured and unstructured data as well as images, audio and video.
Related Terms:
  • Data Protection
  • Encryption
  • ML - Machine Learning

Data Protection

Data protection is the process of preserving valuable information against theft, loss or errors occurring in the storage and transmission process.
Related Terms:
  • Encryption
  • PKI - Public Key Infrastructure
  • DAG - Data Access Governance

DDI (DNS, DHCP, IPAM)

DDI solutions (DNS, DHCP and IP address management) provide organizations with tools to efficiently handle IP address management (IPAM), as well as DNS and DHCP services management, across the network. Many enterprises still manage IPAM manually, a process that’s time-consuming, error-prone and difficult to update.
Related Terms:
  • DDoS - Distributed Denial of Service

DDoS - Distributed Denial of Service

A DDoS is a form of cyberattack in which multiple compromised systems work together to disrupt an online service, server or network by overwhelming the target with malicious traffic.
Related Terms:
  • DDI (DNS, DHCP, IPAM)
  • Bot/Botnet

Deception Platforms

Deception platforms are designed to lure bad actors in order to collect intelligence about their tactics and intentions to improve other preventative security controls in real time.
Related Terms:
  • APT - Advanced Persistent Threats
  • CTI - Cyber Threat Intelligence

DevOps

DevOps is a software development methodology that combines software development with information technology operations.
Related Terms:
  • DevSecOps
  • SDLC - Software Development Lifecycle
  • DAST - Dynamic Application Security Testing

DevSecOps

DevSecOps has emerged as an enterprise application development best practice that embraces the inherent agility benefits of DevOps, but recognizes that the security organization needs to be integrated as an early participant in the DevOps process.
Related Terms:
  • DevOps
  • SDLC - Software Development Lifecycle
  • DAST - Dynamic Application Security Testing

DLP - Data Loss Prevention

Data loss prevention (DLP) is a technology and business process designed to detect and prevent violations to corporate policies regarding the use, storage and transmission of sensitive data.
Related Terms:
  • SIEM - Security Information and Event Management
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management

Dwell Time

Dwell time represents the length of time a cyberattacker has free rein in an environment, from the time they get in until they are eradicated.
Related Terms:
  • MTTD - Mean Time to Detect
  • IR - Incident Response
  • MTTR - Mean Time to Respond/Remediate

Edge Computing

Edge computing is an open IT architecture model that distributes computation and data storage toward the “edge” of the network. Data is processed by the device itself or by a local computer or server, rather than being transmitted to a centralized data-processing warehouse. Since the edge is where data is generated, the practice improves network response and saves bandwidth.

EDR - Endpoint Detection and Response

EDR solutions record key activity of endpoints and provide security analysts with necessary information to conduct both reactive and proactive threat investigations.
Related Terms:
  • MSS - Managed Security Services
  • MSSP - Managed Security Service Provider
  • MDR - Managed Detection and Response

Encryption

Encryption dates back millennia. Much more advanced forms exist today that are virtually unbreakable.
Related Terms:
  • DLP - Data Loss Prevention
  • SSL/TLS (Secure Sockets Layer/ Transport Layer Security)
  • PCI and PCI DSS -The Payment Card Industry Data Security Standard

Endpoint Security

Endpoint security applies threat prevention, detection and response capabilities to the multitude of devices that interact with corporate networks. Endpoints can include computers, tablets, mobile devices, point-of-sale (POS) systems and IoT devices.
Related Terms:
  • EDR - Endpoint Detection and Response
  • IoT - Internet Of Things
  • Fileless Attacks

FedRAMP - The Federal Risk and Authorization Management Program

In 2012, FedRAMP began providing guidance to government and corporate organizations offering a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
Related Terms:
  • TPRM - Third Party Risk Management
  • NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

Fileless Attacks

Fileless attacks inject malicious code into RAM and exploit approved applications on targeted devices to achieve their objectives and thwart detection.
Related Terms:
  • Phishing
  • Ransomware
  • DDoS - Distributed Denial of Service

Firewall

Firewalls are network security devices or systems that monitor and regulate network traffic (incoming and outgoing) based on defined security rules.
Related Terms:
  • Network Security
  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Micro-Segmentation

FISMA - Federal Information Security Management Act of 2002

FISMA provides a framework to ensure comprehensive measures are taken to secure federal information and assets.
Related Terms:
  • NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

FWaaS - Firewall as-a-Service

FWaaS is an emerging method to deliver select firewall functionality as a cloud service as opposed to the more traditional hardware-based firewall platforms.
Related Terms:
  • Cloud-Delivered Security

GDPR - General Data Protection Regulation

GDPR sets strict rules regarding the collection and processing of personally identifiable information for citizens of the EU.
Related Terms:
  • PII - Personally Identifiable Information
  • PIPEDA (Personal Information Protection and Electronic Documents Act)

GLBA - Gramm-Leach-Bliley

GLBA, more commonly known for its authors (Gramm-Leach-Bliley Act), includes provisions to protect consumers’ personal financial information held by financial institutions.
Related Terms:
  • SOX - Sarbanes Oxley
  • SWIFT - Society for Worldwide Interbank Financial Telecommunication

Hacker

A hacker is someone who uses technical expertise to solve computing challenges. The term may refer to any skilled programmer – including “ethical hackers” – but in common contemporary usage, it typically signifies a cybercriminal.
Related Terms:
  • APT - Advanced Persistent Threats
  • C2 - Command and Control
  • Dwell Time

Hardware Authentication

Hardware authentication is an approach to user authentication that relies on a dedicated physical device (such as a token) held by an authorized user, in addition to a basic password, to grant access to computer resources.
Related Terms:
  • 2FA (2-factor authentication) and MFA (multi-factor authentication)
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management

HIPAA - Health Insurance Portability and Accountability Act

The goal of HIPAA is to enable the movement of health information among health-related organizations in a protected manner.
Related Terms:
  • HITRUST - The Health Information Trust Alliance
  • PII - Personally Identifiable Information

HITRUST - The Health Information Trust Alliance

HITRUST is a United States nonprofit that has established a common security framework (CSF) (in collaboration with healthcare, technology and information security leaders), which can be used by any organization that creates, accesses, stores or exchanges sensitive and/or regulated data.
Related Terms:
  • HIPAA - Health Insurance Portability and Accountability Act
  • PII - Personally Identifiable Information

Honeypot

Honeypots are computers or computer systems that mimic potential cyberattack targets for the purpose of detecting intrusions and building threat intelligence by analyzing the tactics, techniques and procedures of the malicious actors.
Related Terms:
  • Deception Platforms
  • TTPs - Tactics, Techniques, and Procedures
  • Indicator of Compromise (IOC)

IAM - Identity and Access Management

IAM represents the processes, technology and people used to create, manage, authenticate, control and remove user (internal, external or customer) permission to corporate technology resources.
Related Terms:
  • PAM - Privileged Access Management
  • SSO - Single Sign On
  • IGA - Identity Governance and Admin

IAST - Interactive Application Security Testing

IAST is an emerging application security testing approach that combines elements of its more established siblings in SAST (static application security testing) and DAST (dynamic application security testing).
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

IGA - Identity Governance and Admin

Identity governance and administration (IGA) is a component of an identity access management (IAM) program that ensures only the right users are getting access to the right applications at the right time.
Related Terms:
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management
  • SSO - Single Sign On

Incident Management

Cybersecurity incident management is the real-time process of identifying, managing, monitoring and analyzing computer and network security threats or incidents (which may include anything from attempted intrusions to successful compromises/data breaches) and responding appropriately.
Related Terms:
  • SOC - Security Operation Center
  • SIEM - Security Information and Event Management
  • MSS - Managed Security Services

Indicator of Compromise (IOC)

IOCs are clues to compromise (pieces of forensic data, system log entries or files) that can be considered unusual and may identify potentially malicious activity on a system or network.
Related Terms:
  • CTI - Cyber Threat Intelligence
  • TTPs - Tactics, Techniques, and Procedures

Insider Risk

Insider Risk encompasses anyone in or outside your organization with access to anything of value that can cause harm if compromised.
Related Terms:
  • Phishing
  • IAM - Identity and Access Management
  • Indicator of Compromise (IOC)

Integrated Risk Management (IRM)/Governance Risk and Compliance (GRC)

IRM is an approach to risk management that integrates risk activities from across an organization to enable better and more sustainable strategic decision making.
Learn More

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)

The key difference between IDS and IPS lies in “detection” vs. “prevention.” Intrusion Detection Systems (IDS) monitor and scrutinize network traffic for known cyberattack signatures. Intrusion Prevention Systems (IPS), which reside between the internal network and external networks (like the internet), reject incoming traffic when it indicates a recognized security threat profile.
Learn More
Related Terms:
  • Network Security
  • Firewall

IoT - Internet Of Things

IoT represents a rapidly growing class of nontraditional computing devices that are connected to the internet to drive some sort of intelligent operation.
Learn More
Related Terms:
  • OT/ICS/SCADA - Operational Technology, Industrial Control Systems and Supervisory Control and Data Acquisition Systems

IR - Incident Response

IR represents the actions a company takes to manage the aftermath of a security breach or cyberattack.
Learn More
Related Terms:
  • Incident Management
  • SOC - Security Operation Center
  • SIEM - Security Information and Event Management

ISO 27000

ISO 27000 is an internationally recognized standard of good practice for information security. ISO/IEC 27001 specifies an information security management system (ISMS) that integrates with an overarching management framework through which an organization can identify, analyze and address its information risks.
Learn More

Key Risk Indicator (KRI)

Key risk indicator metrics articulate an organization’s level of risk and allow security and business leaders to track how the risk profile is evolving. For instance, cybersecurity operations can use metrics that analyze the threats and vulnerabilities reported by various tools.
Learn More
Related Terms:
  • MTTD - Mean Time to Detect
  • MTTR - Mean Time to Respond/Remediate
  • Dwell Time

Lateral movement

Lateral movement describes a common cyberattack technique where intruders, having gained initial access to a network, move through the system “sideways” (or “east-west”), looking to escalate their privileges to access high-value targets.
Learn More
Related Terms:
  • PAM - Privileged Access Management
  • IAM - Identity and Access Management
  • IGA - Identity Governance and Admin

Least Privilege

The principle of least privilege restricts users or processes from being granted access rights in excess of those specifically required for the performance of their defined tasks.
Learn More
Related Terms:
  • Zero Trust
  • IAM - Identity and Access Management
  • IGA - Identity Governance and Admin

Malware

Malware (short for “malicious software”) describes any software developed for the purpose of infiltrating, damaging, disabling or seizing control of computers, computer systems, mobile devices and networks.
Learn More
Related Terms:
  • Ransomware
  • TTPs - Tactics, Techniques, and Procedures
  • APT - Advanced Persistent Threats

MDR - Managed Detection and Response

MDR is an outsourced service that leverages external experts to make the security benefits of tools such as EDR and proactive threat hunting accessible to customers of all maturity levels.
Learn More
Related Terms:
  • MSS - Managed Security Services
  • MSSP - Managed Security Service Provider
  • EDR - Endpoint Detection and Response

Medjacking

Medjacking – or medical device hijacking – refers to the hacking of a critical medical device. Many devices currently in use – anything that’s linked to a wireless network – are potentially susceptible, and the hundreds of at-risk technologies include MRI systems and implantables like pacemakers and insulin pumps.
Learn More
Related Terms:
  • IoT - Internet Of Things

Micro-Segmentation

Micro-segmentation is an emerging IT security best practice of implementing granular isolation (segmentation) policies between data center workloads.
Learn More
Related Terms:
  • Zero Trust
  • Firewall
  • Network Security

MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge)

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a repository of collected cybersecurity data from MITRE’s National Cybersecurity Federally Funded Research and Development Center (FFRDC).
Learn More
Related Terms:
  • Center for Internet Security (CIS) Critical Security Controls
  • TTPs - Tactics, Techniques, and Procedures
  • Penetration Testing

ML - Machine Learning

Machine learning is considered to be a subset of artificial intelligence (AI), and is currently the most common application of AI.
Learn More
Related Terms:
  • AI - Artificial Intelligence

MSS - Managed Security Services

Managed security services are security service functions that have been outsourced to an external service provider (such as management of security tools, threat management, incident response and forensics).
Learn More
Related Terms:
  • MSSP - Managed Security Service Provider
  • SOC - Security Operation Center
  • IR - Incident Response

MSSP - Managed Security Service Provider

An MSSP is an IT service provider that performs any number of cybersecurity related activities for its clients on an outsourced basis.
Learn More
Related Terms:
  • MSS - Managed Security Services
  • SOC - Security Operation Center
  • IR - Incident Response

MTTD - Mean Time to Detect

MTTD is the average length of time it takes a cybersecurity team to discover incidents in their environment.
Learn More
Related Terms:
  • MTTR - Mean Time to Respond/Remediate
  • IR - Incident Response
  • Dwell Time

MTTR - Mean Time to Respond/Remediate

MTTR is the amount of time it takes an organization to neutralize an identified threat or failure within their network environment.
Learn More
Related Terms:
  • MTTD - Mean Time to Detect
  • IR - Incident Response
  • Dwell Time

NAC - Network Access Control

NAC is a security technology that provides visibility and control of devices accessing a corporate network. 
Learn More
Related Terms:
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management
  • 2FA (2-factor authentication) and MFA (multi-factor authentication)

Network Security

Network security comprises the technologies, policies and practices dedicated to monitoring, preventing and responding to illegal, malicious and unauthorized attempts to penetrate and compromise computer networks.
Learn More
Related Terms:
  • Firewall
  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • NTA (Network Traffic Analysis) and NBA (Network Behavior Analysis)

NIST CSF - National Institute of Standards and Technology Cybersecurity Framework

NIST is a non-regulatory agency and a physical sciences laboratory of the United States Department of Commerce. The vision of the NIST CSF is to become the world's leader in creating critical measurement solutions and promoting equitable standards.
Learn More
Related Terms:
  • Center for Internet Security (CIS) Critical Security Controls
  • CoBiT - Control Objectives for Information and Related Technologies

NTA (Network Traffic Analysis) and NBA (Network Behavior Analysis)

NTA and NBA are fairly similar terms that describe technologies that use advanced analytics, machine learning and rule-based techniques to detect suspicious activity on enterprise networks.
Learn More
Related Terms:
  • Network Security
  • MDR - Managed Detection and Response

NYDFS Cybersecurity Regulation (New York Department of Financial Services)

The NYDFS Cybersecurity Regulation (23 NYCRR 500) comprises a new set of New York Department of Financial Services rules imposing strict digital security requirements on financial institutions, such as banks, mortgage companies and insurance firms. Additionally, NYCRR applies to unregulated third parties working with regulated companies. Under NYCRR, affected organizations must implement a detailed cybersecurity plan, articulate wide-ranging policies and establish/operate a cybersecurity incident reporting system.
Learn More
Related Terms:
  • CCPA (California Consumer Privacy Act)
  • GDPR - General Data Protection Regulation

OT/ICS/SCADA - Operational Technology, Industrial Control Systems and Supervisory Control and Data Acquisition Systems

OT represents systems that are used to monitor and manage the manufacturing equipment or industrial process assets of an organization.
Learn More
Related Terms:
  • IoT - Internet Of Things

OWASP - Open Web Application Security Project

OWASP is an open-source community project turned nonprofit organization that provides unbiased and practical, cost-effective information about computer and internet applications.
Learn More
Related Terms:
  • SDLC - Software Development Lifecycle
  • DevOps
  • DevSecOps

PAM - Privileged Access Management

PAM polices privileged accounts (how administrators log in to critical IT resources they must manage). Since access rights associated with admin privileges are high level, they're often the target of cyberattacks and must be uniquely secured.
Learn More
Related Terms:
  • IAM - Identity and Access Management
  • SSO - Single Sign On
  • IGA - Identity Governance and Admin

Patch Management

The patch management process keeps computer systems and applications up to date by routinely obtaining, testing and deploying appropriate code changes (patches) to address vulnerabilities. A good patch management process also coordinates workflow between IT and security teams and tracks deployment status.
Learn More
Related Terms:
  • Patching
  • Vulnerability Management
  • Penetration Testing

Patching

Patching is a modification to software, or the underlying computer system, designed to fix a security vulnerability or a performance issue (bug), or add new features.
Learn More
Related Terms:
  • Patch Management
  • Vulnerability Management
  • Penetration Testing

PCI and PCI DSS - The Payment Card Industry Data Security Standard

PCI compliance usually refers to the PCI Data Security Standard (DSS), which is an information security standard for organizations that handle branded credit cards from the major card companies.
Learn More
Related Terms:
  • QSA - Qualified Security Assessor for PCI
  • PII - Personally Identifiable Information
  • ASV - Approved Scanning Vendor for PCI

Penetration Testing

Penetration testing, sometimes called ethical hacking or shortened to pen test, is an authorized attack performed to evaluate a system or application in order to find exploitable vulnerabilities so they can be proactively remediated.
Learn More
Related Terms:
  • Red Team
  • BAS - Breach and Attack Simulation Tools
  • Threat Hunting

PFI - PCI Forensic Investigator

PCI forensic investigators (PFIs) help uncover cardholder data compromise and when and how it may have occurred.
Learn More
Related Terms:
  • ROC - Report on Compliance for PCI
  • PII - Personally Identifiable Information
  • QSA - Qualified Security Assessor for PCI

Phishing

Phishing is a fraudulent attempt to trick individuals into divulging sensitive information (usernames, passwords and banking details) by pretending to be a trusted source, often through an email communication.
Learn More
Related Terms:
  • Ransomware
  • Fileless Attacks
  • DDoS - Distributed Denial of Service

PII - Personally Identifiable Information

PII represents information about a person that can identify them such as date of birth, social security number, credit card numbers and street address.
Learn More
Related Terms:
  • GDPR - General Data Protection Regulation
  • HIPAA - Health Insurance Portability and Accountability Act
  • PCI and PCI DSS - The Payment Card Industry Data Security Standard

PIPEDA (Personal Information Protection and Electronic Documents Act)

IRM is an approach to risk management that integrates risk activities from across an organization to enable better and more sustainable strategic decision making.
Learn More
Related Terms:
  • CCPA (California Consumer Privacy Act)
  • GDPR - General Data Protection Regulation

PKI - Public Key Infrastructure

PKI consists of a set of roles, hardware, software, policies, processes and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
Learn More
Related Terms:
  • IAM - Identity and Access Management
  • Encryption
  • DLP - Data Loss Prevention

QSA - Qualified Security Assessor for PCI

A QSA is a PCI Security Standards Council designation applied to individuals who: meet specific information security education requirements; have taken the appropriate training from the PCI Security Standards Council; are employees of a Qualified Security Assessor (QSA) company approved PCI security and auditing firm; and will be performing PCI compliance assessments as they relate to the protection of credit card data.
Learn More
Related Terms:
  • ROC - Report on Compliance for PCI
  • PII - Personally Identifiable Information
  • ASV - Approved Scanning Vendor for PCI

Ransomware

Ransomware is an exploit where cyber criminals lock users out of their own system and hold it hostage for payment.
Learn More
Related Terms:
  • Fileless Attacks
  • Phishing
  • DDoS - Distributed Denial of Service

RASP - Runtime Application Self-Protection

RASP is a term popularized by Gartner to describe an emerging application security technology.
Learn More
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

Red Team

A red team refers to an independent group that challenges an organization to improve its security effectiveness by assuming an adversarial role or point of view.
Learn More
Related Terms:
  • Penetration Testing
  • BAS - Breach and Attack Simulation Tools
  • Dwell Time

Responsible AI

Responsible AI involves the development and usage of AI systems in a way that is ethical, safe and in compliance with legal requirements. It involves a set of principles that takes into account the transparency, fairness, accountability, inclusiveness, privacy, reliability and safety of the AI systems.
Learn More
Related Terms:
  • AI - Security
  • AI - Privacy
  • AI - Governance

ROC - Report on Compliance for PCI

The ROC form must be completed by all Level 1 Visa merchants undergoing a PCI DSS (Payment Card Industry Data Security Standard) audit.
Learn More
Related Terms:
  • QSA - Qualified Security Assessor for PCI
  • PII - Personally Identifiable Information
  • PCI and PCI DSS - The Payment Card Industry Data Security Standard

SAML (Security Assertion Markup Language)

Security Assertion Markup Language is an open standard that makes possible the exchange of authentication and authorization data between parties (such as between service and identity providers).
Learn More
Related Terms:
  • SSO - Single Sign On

SAST - Static Application Security Testing

SAST is a security solution used to uncover vulnerabilities in software during its static (not-running) state by analyzing such things as its source code, byte code or binary code.
Learn More
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

SD-WAN (Software-Defined WAN)

SD-WAN has found application within enterprises that have a significant branch office footprint to simplify the deployment and management of network services across their many locations.
Learn More

SDLC - Software Development Lifecycle

SDLC is a framework used to detail commonly accepted discrete phases -- and associated requirements -- that comprise the full software development process.
Learn More
Related Terms:
  • DevOps
  • DevSecOps
  • DAST - Dynamic Application Security Testing

SDN (Software Defined Networking)

SDN is an approach to computer networking in the LAN or data center of an enterprise that uses software to abstract the underlying network elements and to logically centralize network intelligence and control.
Learn More
Related Terms:
  • FWaaS - Firewall as-a-Service
  • Micro-Segmentation

Secure Access Service Edge (SASE)

SASE (pronounced sassy) is a new term coined by Gartner to describe the convergence of the WAN edge and network security.
Learn More

Secure AI

Secure AI is a lifecycle that encompasses expert business advice as well as solution design, build, implementation and operationalization. Core elements include responsible AI principles to support ethical choices, attention to AI TRiSM (trust, risk and security management) and built-in AI system safeguards to protect models and data.
Learn More
Related Terms:
  • Responsible AI
  • AI - Security
  • AI - Governance

Security Orchestration

This is a method of integrating and streamlining workflows across disparate tools to improve both security analyst efficiency and threat detection and response.
Learn More
Related Terms:
  • SOAR - Security Orchestration, Automation and Response
  • SOC - Security Operation Center
  • MSS - Managed Security Services

Serverless

Serverless is an emerging cloud computing paradigm in which the provider runs the server and manages allocation of machine resources.
Learn More

Shadow IT

Shadow IT, also called Stealth IT or Client IT, is hardware or software used within organizations without explicit organizational approval.
Learn More
Related Terms:
  • Insider Risk
  • CASB - Cloud Access Security Broker

Shift Left

In the world of software application development, “shift-left” is a concept that promotes the value of integrating security into the software development lifecycle as early as possible.
Learn More
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

SIEM - Security Information and Event Management

SIEM is a software tool that allows security operations teams to identify potential incidents by consolidating and correlating log data from many other tools in the environment.
Learn More
Related Terms:
  • MSS - Managed Security Services
  • MSSP - Managed Security Service Provider
  • DLP - Data Loss Prevention

SOAR - Security Orchestration, Automation and Response

SOAR is a term developed by Gartner to describe technology platforms that aggregate security intelligence and context from disparate systems, and apply machine intelligence to streamline (or even completely automate) the incident detection and response process.
Learn More
Related Terms:
  • Security Orchestration
  • SOC - Security Operation Center
  • MSS - Managed Security Services

SOC - Security Operation Center

A SOC is a formalized function in a company that is staffed with domain experts (either in-house or outsourced) and focuses on preventing, detecting, analyzing and responding to cybersecurity incidents.
Learn More
Related Terms:
  • MSS - Managed Security Services
  • MSSP - Managed Security Service Provider
  • IR - Incident Response

SOC 2

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 requires establishment and adherence to policies and procedures surrounding the security, availability, processing, integrity and confidentiality of customer data. More specifically, SOC 2 ensures that cybersecurity measures reflect up-to-date cloud requirements.
Learn More

Social Engineering

Within the cybersecurity context, social engineering describes an attempt to manipulate people into divulging confidential information or performing actions inimical to their own interests or those of their organizations.
Learn More
Related Terms:
  • Phishing

Software Composition Analysis

Software composition analysis (SCA) tools help reduce vulnerabilities created by software development teams using open source software (OSS) elements.
Learn More
Related Terms:
  • DevOps
  • DevSecOps
  • SDLC - Software Development Lifecycle

Software Defined Perimeter/Zero Trust Network Access (SDP/ZTNA)

A software-defined perimeter is a scalable, cloud-native security framework designed to narrowly segment access to networks and systems by establishing one-to-one connections between users and required resources. SDPs are built on user identities, not IP addresses, and employ Zero Trust principles to limit network access and reduce the attack surface.
Learn More

SOX - Sarbanes Oxley

SOX is a federal law that established sweeping auditing and financial regulations for public companies.
Learn More
Related Terms:
  • SWIFT - Society for Worldwide Interbank Financial Telecommunication
  • GLBA - Gramm-Leach-Bliley

SQLi - SQL Injection

SQLi is a type of application exploit called a code injection technique, in which an attacker adds malicious Structured Query Language (SQL) code to a web form input box to get access to resources.
Learn More
Related Terms:
  • XSS - Cross Site Scripting
  • OWASP - Open Web Application Security Project

SSL/TLS (Secure Sockets Layer/ Transport Layer Security)

Secure Sockets Layer (SSL), the most widely used cryptography protocol in internet history, was designed to provide communications security over a computer network.
Learn More
Related Terms:
  • Encryption
  • SSL/TLS (Secure Sockets Layer/ Transport Layer Security)
  • Data Protection

SSO - Single Sign On

SSO is a user access and session authentication service that allows users to use a single set of login credentials (e.g., name and password) to access multiple applications.
Learn More
Related Terms:
  • IAM - Identity and Access Management
  • PAM - Privileged Access Management
  • IGA - Identity Governance and Admin

SWIFT - Society for Worldwide Interbank Financial Telecommunication

SWIFT is a global member-owned cooperative and the world’s leading provider of secure financial messaging services. It enables secure, seamless and automated financial communication between users.
Learn More
Related Terms:
  • SWIFT - Society for Worldwide Interbank Financial Telecommunication
  • GLBA - Gramm-Leach-Bliley

Threat Hunting

Threat hunting is the process of proactively and continuously searching networks to detect and isolate advanced threats that have evaded existing security solutions.
Learn More
Related Terms:
  • EDR - Endpoint Detection and Response
  • MDR - Managed Detection and Response
  • CTI - Cyber Threat Intelligence

Tokenization

Tokenization is a process that secures important data by replacing it with unique identifiers containing essential information (but in a form that doesn’t threaten its security).
Learn More
Related Terms:
  • Encryption

TPRM - Third Party Risk Management

TPRM is the process of analyzing and controlling risks presented to an organization, its data, operations and finances by parties OTHER than the organization itself.
Learn More

TTPs - Tactics, Techniques, and Procedures

TTPs define how hackers orchestrate and manage attacks.
Learn More
Related Terms:
  • CTI - Cyber Threat Intelligence
  • Indicator of Compromise (IOC)

UEBA (User and Entity Behavior Analytics) and UBA (User Behavior Analytics)

These are systems that apply advanced analytics including machine learning to establish a baseline for the behavior of various users and/or entities (in this case, technology elements such as servers, applications, network traffic, databases, etc.) interacting with a corporate network.
Learn More
Related Terms:
  • ML - Machine Learning

Vulnerability Management

Vulnerability management refers to the process of discovering, classifying, prioritizing, remediating, reporting and responding to software and network security vulnerabilities.
Learn More
Related Terms:
  • Penetration Testing
  • Red Team
  • BAS - Breach and Attack Simulation Tools

Watering Hole Attack

Watering hole attacks happen when an attacker targets a specific group of users by infecting websites they frequent with malware.
Learn More

XDR – Extended Detection and Response

XDR (Extended Detection and Response) is an emerging toolset that analyzes data using AI/ML from multiple points for enhanced cybersecurity.
Learn More
Related Terms:
  • EDR - Endpoint Detection and Response
  • SOAR - Security Orchestration, Automation and Response
  • SIEM - Security Information and Event Management

XSS - Cross Site Scripting

XSS is a computer security vulnerability normally found in web applications that allows attackers to inject client-side scripts into benign and trusted websites.
Learn More
Related Terms:
  • SQLi - SQL Injection
  • OWASP - Open Web Application Security Project

Zero Day

Zero Day refers to a vulnerability in a system or software that was not previously known until after it was successfully hacked (either by a nefarious or ethical hacker).
Learn More
Related Terms:
  • Hacker
  • Patching
  • Patch Management

Zero Trust

Zero Trust is an information security model that doesn't trust anyone or any action by default and where each transaction is evaluated for need and risk.
Learn More
Related Terms:
  • SSO - Single Sign On
  • Encryption
  • 2FA (2-factor authentication) and MFA (multi-factor authentication)

 

© 2020 – 2025. Optiv Security Inc. All Rights Reserved.