Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

Search Definitions
  • I

    insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • integrated risk management (IRM)

    Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.

  • International Data Encryption Algorithm (IDEA)

    The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.

  • International Information Systems Security Certification Consortium (ISC)2

    (ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates.

  • intrusion prevention system (IPS)

    An intrusion prevention system (IPS) is a cybersecurity tool that examines network traffic to identify potential threats and automatically take action against them.

  • IP spoofing

    Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from.

  • ISO 27002 (International Organization for Standardization 27002)

    The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.

  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.

  • What is an intrusion detection system (IDS)?

    An intrusion detection system monitors (IDS) network traffic for suspicious activity and sends alerts when such activity is discovered.

  • What is identity and access management? Guide to IAM

    No longer just a good idea, IAM is a crucial piece of the cybersecurity puzzle. It's how an organization regulates access to information and meets its compliance obligations.

  • What is identity governance and administration (IGA)?

    Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.

  • What is identity threat detection and response (ITDR)?

    Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure.

  • What is incident response? A complete guide

    Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.

  • What is Internet Key Exchange (IKE)?

    Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).

  • What is IPsec (Internet Protocol Security)?

    IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.

  • J

    juice jacking

    Juice jacking is a security exploit in which an infected USB charging station is used to compromise devices that connect to it.

  • K

    key fob

    A key fob is a small, programmable device that provides access to a physical object.

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.

  • knowledge-based authentication

    Knowledge-based authentication (KBA) is an authentication method in which users are asked to answer at least one secret question.

  • What is Kerberos and how does it work?

    Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.

  • L

    LEAP (Lightweight Extensible Authentication Protocol)

    LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

  • logic bomb

    A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.

  • logon (or login)

    In computing, a logon is a procedure that enables an entity to access a secure system such as an operating system, application, service, website or other resource.

  • Luhn algorithm (modulus 10)

    The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers.

  • M

    macro virus

    A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word.

  • mail bomb

    A mail bomb is a form of a denial-of-service (DoS) attack designed to overwhelm an inbox or inhibit a server by sending a massive number of emails to a specific person or system.

  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.

  • mandatory access control (MAC)

    Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.

  • MD5

    The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

  • Melissa virus

    Melissa was a type of email virus that initially become an issue in early 1999.

  • message authentication code (MAC)

    A message authentication code (MAC) is a cryptographic checksum applied to a message in network communication to guarantee its integrity and authenticity.

  • messaging security

    Messaging security is a subcategory of unified threat management, or UTM, focused on securing and protecting an organization's communication infrastructure.

  • metamorphic and polymorphic malware

    Metamorphic and polymorphic malware are two types of malicious software (malware) that can change their code as they propagate through a system.

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or originality of checks and other paper documents.

  • Microsoft Defender for Endpoint (formerly Windows Defender ATP)

    Microsoft Defender for Endpoint -- formerly Microsoft Defender Advanced Threat Protection or Windows Defender ATP -- is an endpoint security platform designed to help enterprise-class organizations prevent, detect and respond to security threats.

  • Microsoft Schannel (Microsoft Secure Channel)

    The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms.

  • mobile authentication

    Mobile authentication is the verification of a user's identity via a mobile device using one or more authentication methods for secure access.

  • mutual authentication

    Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.

  • What is a micro VM (micro virtual machine)?

    A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.

  • What is machine identity management?

    Machine identity management focuses on the machines connected to and accessing resources on a network.

  • What is malware? Prevention, detection and how attacks work

    Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server.

  • What is multifactor authentication?

    Multifactor authentication (MFA) is an IT security technology that requires multiple sources of unique information from independent categories of credentials to verify a user's identity for a login or other transaction.

  • What is MXDR, and do you need it?

    Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment.

  • What is the Mitre ATT&CK framework?

    The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.

  • N

    national identity card

    A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity.

  • network vulnerability scanning

    Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points.

  • NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)

    The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the internet.

  • NIST Cybersecurity Framework

    The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk.

  • nonrepudiation

    Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information.

  • North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)

    The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) plan is a set of standards aimed at regulating, enforcing, monitoring and managing the security of the Bulk Electric System (BES) in North America.

  • What is a next-generation firewall (NGFW)?

    A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software.

  • What is the NSA and how does it work?

    The National Security Agency (NSA) is a federal government surveillance and intelligence agency that's part of the U.S. Department of Defense and is managed under the authority of the director of national intelligence (DNI).

  • O

    Occupational Safety and Health Administration (OSHA)

    The Occupational Safety and Health Administration (OSHA) is responsible for protecting worker health and safety in the United States.

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources.

  • one-time pad

    In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.

  • one-time password

    A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single transaction or login one-time password session.

  • Open Source Hardening Project

    The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal systems in the U.S. run on open source software, the security of these applications is crucial... (Continued)

  • Open System Authentication (OSA)

    Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.

  • operational risk

    Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations.

  • orphan account

    An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.

  • out-of-band authentication

    Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password.

  • What is obfuscation and how does it work?

    Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program.

  • What is OPSEC (operations security)?

    OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.

  • P

    PA-DSS (Payment Application Data Security Standard)

    Payment Application Data Security Standard (PA-DSS) is a set of requirements intended to help software vendors develop secure payment applications for credit card transactions.

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization.

  • passphrase

    A passphrase is a sentencelike string of words used for authentication that is longer than a traditional password, easy to remember and difficult to crack.

  • password manager

    A password manager is a technology tool that helps internet users create, save, manage and use passwords across different online services.

  • password salting

    Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them.

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software.

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit.

  • PCI assessment

    A PCI assessment is an audit of the 12 credit card transaction compliance requirements required by the Payment Card Industry Data Security Standard.

  • PCI compliance

    PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.

  • PCI DSS merchant levels

    Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.

  • Pegasus malware

    Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram.

  • pen testing (penetration testing)

    A penetration test, also called a pen test or ethical hacking, is a cybersecurity technique that organizations use to identify, test and highlight vulnerabilities in their security posture.

  • personally identifiable information (PII)

    Personally identifiable information (PII) is any data that could potentially identify a specific individual.

  • phishing

    Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.

  • plaintext

    In cryptography, plaintext is usually ordinary readable text before it is encrypted into ciphertext or after it is decrypted.

  • Plundervolt

    Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).

  • possession factor

    The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software token.

  • post-quantum cryptography

    Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.

  • principle of least privilege (POLP)

    The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.

  • privacy impact assessment (PIA)

    A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.

  • private CA (private PKI)

    A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.

  • privilege creep

    Privilege creep is the gradual accumulation of access rights beyond what individuals need to do their job.

  • privileged identity management (PIM)

    Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.

  • proof of concept (PoC) exploit

    A proof of concept (PoC) exploit is a nonharmful attack against a computer or network. PoC exploits are not meant to cause harm, but to show security weaknesses within software.

  • Protected Extensible Authentication Protocol (PEAP)

    Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks.

  • Public-Key Cryptography Standards (PKCS)

    Public-Key Cryptography Standards (PKCS) are a set of standard protocols, numbered from 1 to 15.

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • What is a pass-the-hash attack?

    A pass-the-hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network.

  • What is a password?

    A password is a string of characters used to verify the identity of a user during the authentication process.

  • What is a potentially unwanted program (PUP)?

    A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it.

  • What is a private key?

    A private key, also known as a secret key, is a variable in cryptography used with an algorithm to encrypt or decrypt data.

  • What is a proxy firewall?

    A proxy firewall is a network security system that protects network resources by filtering messages at the application layer.

  • What is a public key and how does it work?

    In cryptography, a public key is a large numerical value that is used to encrypt data.

  • What is a public key certificate?

    A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.

  • What is password cracking?

    Password cracking is the process of using an application program to identify an unknown or forgotten password that allows access to a computer or network resource.

  • What is passwordless authentication?

    Passwordless authentication allows a user to sign into a service without using a password. This is often done using certificates, security tokens, one-time passwords (OTPs) or biometrics.