null Definitions
- 
			T	
			What is threat modeling?Threat modeling is the systematic process of identifying threats to and vulnerabilities in software applications, and then defining countermeasures to mitigate those threats and vulnerabilities to better protect business processes, networks, systems and data. 
- 
			What is TLS (Transport Layer Security)? Definition & UsesTransport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications. 
- 
			What is triple extortion ransomware?Triple extortion ransomware is a type of ransomware attack in which a cybercriminal extorts their victim multiple times -- namely by encrypting data, exposing exfiltrated data and then threatening an additional third attack vector. 
- 
			What is two-factor authentication (2FA)?Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves. 
- 
			U	
			user account provisioningUser account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of access to software and data is is consistent and simple to administer. 
- 
			What is unified threat management (UTM)?Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. 
- 
			What is user authentication?User authentication refers to the process of verifying the identity of a user attempting to gain access to a computer network, system or device. This process runs in the background and can be done through different means, such as asking the user to enter a password, provide a PIN or provide a fingerprint. 
- 
			What is user behavior analytics (UBA)?User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems. 
- 
			V	
			virtual firewallA virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment. 
- 
			virtual local area network hopping (VLAN hopping)Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system. 
- 
			virus (computer virus)A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an infected system and it often propagates to other systems, much like a biological virus spreads from host to host. 
- 
			virus hoaxA virus hoax is a false warning about a computer virus. 
- 
			voice squattingVoice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced. 
- 
			vulnerability assessmentA vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures. 
- 
			vulnerability disclosureVulnerability disclosure is the practice of reporting security flaws in computer software or hardware. 
- 
			What is a virtual CISO (vCISO)? Does your business need one?The virtual chief information security officer (vCISO) is a C-suite-level security professional or service provider who offers CISO-level expertise on a part-time, remote or contractual basis. 
- 
			What is a virtual CISO (vCISO)? Does your business need one?The virtual chief information security officer is a C-suite-level security professional or service provider who offers CISO-level expertise on a part-time, remote or contractual basis. 
- 
			What is vulnerability management? Definition, process and strategyVulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems. 
- 
			W	
			walled gardenOn the internet, a walled garden is an environment that controls the user's access to network-based content and services. 
- 
			WebAuthn APIThe Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web applications authenticate users without storing their passwords on servers. 
- 
			What is a watering hole attack?A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. 
- 
			What is a web application firewall (WAF)? WAF explainedA web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats. 
- 
			What is a whaling attack (whaling phishing)?A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive information from a company. 
- 
			What is the WannaCry ransomware attack?WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS). 
- 
			What is WPA3 (Wi-Fi Protected Access 3)?WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance. WPA3 is the latest updated implementation of WPA2, which has been in use since 2004. 
- 
			white hat hackerA white hat hacker -- or ethical hacker -- is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks. 
- 
			Wi-Fi PineappleA Wi-Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests. 
- 
			Windows Defender Exploit GuardMicrosoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users. 
- 
			Wired Equivalent Privacy (WEP)Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b. 
- 
			WLAN Authentication and Privacy Infrastructure (WAPI)WLAN Authentication and Privacy Infrastructure (WAPI) is a wireless local area network security standard officially supported by the Chinese government. 
- 
			X	
			X.509 certificateAn X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate. 
- 
			Y	
			YubiKeyYubiKey is a security token that enables users to add a second authentication factor to online services from tier 1 vendor partners, including Google, Amazon, Microsoft and Salesforce. 
- 
			Z	
			What is the zero-trust security model?The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs. 
- 
			zero-day vulnerabilityA zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it. 
- 
			ZoombombingZoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app. 
- 
				
			What is network detection and response (NDR)?Network detection and response (NDR) technology continuously scrutinizes network traffic to identify suspicious activity and potentially disrupt an attack.