Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

G

  • government Trojan

    A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly.

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

  • grid authentication

    Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be only accessible to him and the service provider. Because the grid consists of letters and numbers in rows and columns, the method is sometimes referred to as bingo card authentication.

H

  • hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

  • hacktivism

    Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.

  • hardware security module (HSM)

    A hardware security module (HSM) is a physical device that provides extra security for sensitive data.

  • Hash-based Message Authentication Code (HMAC)

    Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.

  • Heartbleed

    Heartbleed is a vulnerability in some implementations of OpenSSL. Because OpenSSL is used by approximately 66% of all active websites on the Internet, many experts have called Heartbleed one of the worst security bugs in the history of the Internet.

  • homomorphic encryption

    Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.

  • honey monkey

    A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system expressly set up to attract and "trap" people who attempt to penetrate other people's computers... (Continued)

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.

  • hypervisor security

    Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.

I

  • identity governance

    Identity governance is the policy-based centralized orchestration of user identity management and access control.

  • identity management (ID management)

    Identity management (ID management) is the organizational process for ensuring that individuals have the appropriate access to technology resources.

  • identity provider

    An identity provider (IdP) is a system component that provides an end user or internet-connected device with a single set of login credentials that ensures the entity is who or what it says it is across multiple platforms, applications and networks.

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book.

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.

  • incident response plan (IRP)

    An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or corporate data security.

  • incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.

  • Indicators of Compromise (IOC)

    Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.

  • information assurance

    Information assurance (IA) is the practice of protecting against and managing risk related to the use, storage and transmission of data and information systems.

  • information security (infosec)

    Information security, often shortened to infosec, is the practice, policies and principles to protect data and other kinds of information.

  • information-centric security

    Information-centric security is an approach to information security that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.

  • inherence factor

    The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.

  • inherent risk

    Inherent risk is a category of threat that describes potential losses or pitfalls that exist before internal security controls or mitigating factors are implemented.

  • inline network device

    An inline network device is one that receives packets and forwards them to their intended destination.

  • insecure deserialization

    Insecure deserialization is a vulnerability in which untrusted or unknown data is used to either inflict a denial of service attack (DoS attack), execute code, bypass authentication or further abuse the logic behind an application.

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • internal control

    An internal control is a business practice, policy or procedure that is established within an organization to create value or minimize risk.

  • International Data Encryption Algorithm (IDEA)

    The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.

  • International Information Systems Security Certification Consortium (ISC)2

    The International Information Systems Security Certification Consortium -- (ISC)2 -- is a non-profit organization that provides security training and certificates.

  • Internet Key Exchange (IKE)

    Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.

  • intrusion prevention system (IPS)

    An intrusion prevention system (IPS) is a network security and threat prevention tool.

  • IP spoofing

    Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from.

  • IPsec (Internet Protocol Security)

    IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.

  • ISO 27002 (International Organization for Standardization 27002)

    The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.

  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for risk management from the International Organization for Standardization.

  • ISSA (Information Systems Security Association)

    The Information Systems Security Association, commonly known as ISSA, is an international, nonprofit organization for information security professionals.

  • What is identity and access management? Guide to IAM

    Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.

  • What is integrated risk management (IRM)?

    Integrated risk management (IRM) is a set of coordinated business practices and supporting software tools that contribute to an organization's ability to understand and manage risk holistically across all departments and third-party dependencies.

J

  • JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)

  • jolt

    On the Internet, jolt is a denial of service (DoS) attack caused by a very large ICMP packet that is fragmented in such a way that the targeted machine is unable to reassemble it for use.

  • juice jacking

    Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device’s power supply passes over the same USB cable the connected device uses to sync data.

K

  • Kerberos

    Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.

  • key fob

    A key fob is a small, programmable device that provides access to a physical object.

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer.

  • keystroke dynamics

    Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued)

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.

  • knowledge factor

    The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.

  • knowledge-based authentication (KBA)

    In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.

  • Kraken

    Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day. (Continued...)

L

  • LEAP (Lightweight Extensible Authentication Protocol)

    LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

  • logic bomb

    A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.

  • logon (or login)

    In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.

  • Luhn algorithm (modulus 10)

    The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers.

  • NICE Framework

    The National Initiative for Cybersecurity Education Cybersecurity Workforce Framework (NICE Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.

M

  • macro virus

    A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word.

  • madware

    Madware is a type of aggressive advertising that affects smartphones and tablets. The name, which is a portmanteau combining the words mobile and adware, was coined by the security vendor Symantec to describe a type of intrusive advertising that currently affects Android smartphones and tablets.

  • mail bomb

    A mail bomb is a form of a denial-of-service (DoS) attack designed to overwhelm an inbox or inhibit a server by sending a massive number of emails to a specific person or system.

  • malvertisement (malicious advertisement or malvertising)

    A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.

  • malware

    Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.

  • Malwarebytes software

    Malwarebytes is a cross-platform anti-malware program that detects and removes malware and other rogue software.

  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.

  • man-in-the-disk (MITD) attack

    Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.

  • mandatory access control (MAC)

    Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or device.

  • MD5

    The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

  • Melissa virus

    Melissa was a type of email virus that initially became an issue in early 1999.

  • Meltdown and Spectre flaws

    Meltdown and Spectre flaws are variations on vulnerabilities in most computer chips manufactured in the past 20 years that can be exploited to gain access to data and information stored on the device.

  • memory-scraping malware

    Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes.

  • message authentication code (MAC)

    A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.

  • messaging security

    Messaging security is a subcategory of unified threat management (UTM) focused on securing and protecting an organization’s communication infrastructure.

  • metamorphic and polymorphic malware

    Metamorphic and polymorphic malware are two types of malicious software (malware) that can change their code as they propagate through a system.

  • Metamorphic virus

    A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.

  • micro VM (micro virtual machine)

    A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.

  • Microsoft Enhanced Mitigation Experience Toolkit (EMET)

    Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental security defenses to defend potentially vulnerable legacy and third-party applications.

  • Microsoft FIM (Microsoft Forefront Identity Manager)

    Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite.

  • Microsoft Schannel (Microsoft Secure Channel)

    The Microsoft Secure Channel or Schannel is a security package that facilitates the use of Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) encryption on Windows platforms.

  • Microsoft Security Essentials (MSE)

    Microsoft Security Essentials (MSE) is an antimalware software product made by Microsoft that provides protection for client computers against viruses, worms, Trojans, spyware and other malicious software on Windows XP, Windows Vista and Windows 7 systems.

  • MITRE ATT&CK framework

    The MITRE ATT&CK (pronounced 'miter attack') framework is a free, globally accessible service that provides comprehensive and up-to-date cyberthreat information to organizations looking to strengthen their cybersecurity strategies.

  • mobile authentication

    Mobile authentication is the verification of a user’s identity through the use of a mobile device and one or more authentication methods for secure access.

  • multifactor token

    Multifactor tokens are security tokens that use more than one category of credential to confirm user authentication. The standard categories of authentication credentials are knowledge factors (things that the user knows), inherence factors (things that the user is) and possession factors (things that the user has).

  • mutual authentication

    Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.

  • What is multifactor authentication and how does it work?

    Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.

  • Windows Defender Advanced Threat Protection (ATP)

    Windows Defender Advanced Threat Protection (ATP) is a Microsoft security solution that is designed to help enterprise-class organizations detect and respond to security threats.

N

  • national identity card

    A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of September 11, 2001, many countries have discussed issuing national identity cards as a way to distinguish terrorists from the law-abiding population. (Continued)

  • National Security Agency (NSA)

    The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI).

  • network behavior anomaly detection (NBAD)

    Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.

  • network vulnerability scanning

    A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures.

  • next-generation firewall (NGFW)

    A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software.

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the internet.

  • NIST Cybersecurity Framework

    The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.

  • nonrepudiation

    Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information.

  • North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)

    The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) plan is a set of standards aimed at regulating, enforcing, monitoring and managing the security of the Bulk Electric System (BES) in North America.

O

  • obfuscation

    Obfuscation means to make something difficult to understand.

  • Occupational Safety and Health Administration (OSHA)

    Occupational Safety and Health Administration (OSHA) is a federal organization (part of the Department of Labor) that ensures safe and healthy working conditions for Americans by enforcing standards and providing workplace safety training.

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources.
