Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

  • R

    What is risk appetite?

    Risk appetite is the amount of risk an organization is willing to take in pursuit of objectives it deems have value.

  • What is risk management and why is it important?

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • S

    Same Origin Policy (SOP)

    The Same Origin Policy (SOP) is a security restriction enforced by web browsers: script running in a document loaded from one origin (the combination of scheme, host and port) may not read the contents of documents or responses that come from a different origin unless that origin explicitly allows it, for example through Cross-Origin Resource Sharing (CORS). It protects the confidentiality and integrity of data the browser holds on behalf of one site from code served by another.

  • sandbox (software testing and security)

    A sandbox is an isolated testing environment that enables users to run programs or open files without affecting the application, system or platform on which they run.

  • screened subnet

    A screened subnet is a network architecture that places publicly reachable servers in a separate subnet (a DMZ) between the internet and the internal network. It is often implemented with a single triple-homed firewall, meaning one firewall with three network interfaces (external, DMZ and internal), or alternatively with two firewalls on either side of the DMZ.

  • script kiddie

    Script kiddie is a derogatory term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses who rely on tools and exploit code written by others.

  • Secure Electronic Transaction (SET)

    Secure Electronic Transaction (SET) was a protocol developed in the 1990s by Visa and Mastercard to protect the integrity and confidentiality of credit card payments conducted over the internet, using digital certificates for the cardholder, merchant and payment gateway. It never achieved wide adoption and has been superseded by TLS-protected payment pages and schemes such as 3-D Secure.

  • Secure Shell (SSH)

    SSH, also known as Secure Shell (the expansion Secure Socket Shell is sometimes seen but is not the protocol's name), is a network protocol that gives users, particularly system administrators, an encrypted and authenticated way to access a computer over an unsecured network, replacing cleartext protocols such as Telnet and rlogin.

  • Securities and Exchange Commission (SEC)

    The Securities and Exchange Commission (SEC) is the U.S. government agency that oversees the nation's securities industry.

  • security

    Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.

  • security analytics

    Security analytics is an approach to cybersecurity that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.

  • Security as a Service (SaaS)

    Security as a service (often abbreviated SECaaS to avoid confusion with software as a service) is an outsourcing model for security management in which a provider delivers security capabilities, such as anti-malware scanning, email filtering, SIEM or identity services, over the internet on a subscription basis. The term can also refer to security management that an external organization performs on the customer's own in-house systems.

  • Security Assertion Markup Language (SAML)

    Security Assertion Markup Language (SAML) is an XML-based open standard for sharing security information about identity, authentication and authorization across different systems, most commonly between an identity provider and a service provider for web single sign-on.

  • security awareness training

    Security awareness training is a formal process for educating employees and third-party stakeholders, like contractors and business partners, how to protect an organization's computer systems, along with its data, people and other assets, from internet-based threats or criminals.

  • security clearance

    A security clearance is an authorization that allows access to information that would otherwise be forbidden.

  • security debt

    Security debt is a variant of technical debt that occurs when organizations do not invest enough money or resources into security efforts upfront. The term compares the pressures of monetary debt with the long-term burden developers and IT teams face when security shortcuts are taken.

  • security identifier (SID)

    In the context of Windows computing and Microsoft Active Directory (AD), a security identifier (SID) is a unique value that is used to identify any security entity that the operating system (OS) can authenticate.
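    Added example, not from the original glossary: a decoder for the binary SID layout that appears in Windows event logs, registry hives and ACLs, the reverse encoder, and a small classifier for built-in and privileged relative identifiers (RIDs). The well-known SID and RID tables hold the Microsoft-documented values; the sample domain SID is illustrative.

```python
import struct

# SIDs whose string form is fixed on every Windows system.
WELL_KNOWN_SIDS = {
    "S-1-1-0": "Everyone",
    "S-1-5-18": "Local System",
    "S-1-5-19": "Local Service",
    "S-1-5-20": "Network Service",
    "S-1-5-32-544": "BUILTIN\\Administrators",
    "S-1-5-32-545": "BUILTIN\\Users",
}
# RIDs that are the same in every domain; only the domain part of the SID varies.
PRIVILEGED_RIDS = {500: "Administrator", 502: "krbtgt", 512: "Domain Admins",
                   518: "Schema Admins", 519: "Enterprise Admins"}


def sid_from_bytes(raw: bytes) -> str:
    """Decode the binary layout: revision (1 byte), sub-authority count (1 byte),
    48-bit identifier authority (big-endian), then count 32-bit sub-authorities
    (little-endian)."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if revision != 1:
        raise ValueError("unsupported SID revision %d" % revision)
    if len(raw) != 8 + 4 * count:
        raise ValueError("SID length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % count, raw[8:])
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


def sid_to_bytes(sid: str) -> bytes:
    """Encode the string form back into the binary layout."""
    parts = sid.split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError("not a SID string: %r" % sid)
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    return (bytes([revision, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))


def describe_sid(sid: str) -> str:
    """Label well-known SIDs and flag privileged RIDs in domain or local-machine SIDs."""
    if sid in WELL_KNOWN_SIDS:
        return WELL_KNOWN_SIDS[sid]
    parts = sid.split("-")
    subs = [int(p) for p in parts[3:]]
    # Domain and local-machine accounts look like S-1-5-21-<three values>-<RID>.
    if parts[1:3] == ["1", "5"] and len(subs) == 5 and subs[0] == 21:
        rid = subs[4]
        label = PRIVILEGED_RIDS.get(rid)
        if label:
            return "privileged account: %s (RID %d)" % (label, rid)
        if rid >= 1000:
            return "ordinary domain/local account (RID %d)" % rid
        return "well-known domain RID %d" % rid
    return "unrecognised SID"


if __name__ == "__main__":
    sample = "S-1-5-21-3623811015-3361044348-30300820-500"   # illustrative domain SID
    print(sid_to_bytes(sample).hex())
    print(describe_sid(sample))    # privileged account: Administrator (RID 500)
```

    The RID check matters in practice because the built-in Administrator account can be renamed but its RID cannot, so matching on the SID suffix is more reliable than matching on the account name.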

  • security information and event management (SIEM)

    Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system.

  • security information management (SIM)

    Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs and various other data sources.

  • security operations center (SOC)

    A security operations center (SOC) is a command center facility for a team of IT professionals with expertise in information security that monitors, analyzes and defends an organization against cyber attacks.

  • security policy

    A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets.

  • security posture

    Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyber threats.

  • security token

    A security token is a physical or software-based device that provides evidence of something the user has (the possession factor), typically by generating a one-time code; it is used alongside a password or another factor in two-factor authentication to prove a user's identity during login.

  • self-sovereign identity

    Self-sovereign identity (SSI) is a model for managing digital identities in which an individual or business has sole ownership over the ability to control their accounts and personal data. 

  • Sender Policy Framework (SPF)

    Sender Policy Framework (SPF) is a protocol designed to restrict who can use an organization's domain as the source of an email message.
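    Added example, not from the original glossary: an evaluator for the DNS-free part of an SPF record (ip4, ip6 and all mechanisms with their qualifiers), the check a receiving mail server performs against the connecting IP address. Mechanisms that need DNS lookups (a, mx, include, exists, redirect) are reported as unsupported rather than silently passed. The records and addresses are constructed.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(record: str, sending_ip: str) -> str:
    """Evaluate an SPF TXT record against the connecting server's IP address.

    Handles the mechanisms that need no DNS lookups (ip4, ip6, all) and the
    standard qualifiers. Terms that require DNS resolution (a, mx, include,
    exists, ptr and the redirect= modifier) are not resolved here; if evaluation
    reaches one of them the function reports it as unsupported so the caller
    does not mistake "could not check" for "pass".
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                       # not an SPF record at all
    ip = ipaddress.ip_address(sending_ip)
    for term in terms[1:]:
        qualifier = "+"                     # a bare mechanism means "+" (pass on match)
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if "=" in name:                     # modifier such as exp= or redirect=
            if name.startswith("redirect="):
                return "unsupported:redirect"
            continue                        # other modifiers do not affect the result
        if name == "all":
            return QUALIFIERS[qualifier]    # 'all' matches everything that got this far
        if name in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"          # malformed record: receivers treat this as a hard error
            if ip.version == network.version and ip in network:
                return QUALIFIERS[qualifier]
            continue
        return "unsupported:" + name
    return "neutral"                        # RFC 7208: no mechanism matched and no 'all' term


if __name__ == "__main__":
    record = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"   # constructed record
    for ip in ("192.0.2.77", "198.51.100.1", "2001:db8::1"):
        print(ip, evaluate_spf(record, ip))
```

    SPF is checked against the envelope sender (the SMTP MAIL FROM domain), not the From header the user sees, so a pass on its own does not stop display-name or header spoofing; DMARC adds the alignment check between the two.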

  • session key

    A session key is a symmetric encryption and decryption key that is randomly generated for a single communications session between a user and another computer, or between two computers, and discarded when the session ends, so that compromise of one key exposes only that session's traffic.

  • set

    A set is a group or collection of objects or numbers, considered as an entity unto itself. SET is also an acronym for Secure Electronic Transaction.

  • shadow password file

    A shadow password file, usually /etc/shadow on Linux, is a system file that stores the salted hashes of user passwords (the world-readable /etc/passwd holds only a placeholder) together with password-aging fields. It is readable only by the root user or a privileged group, which prevents ordinary users, or attackers who gain an unprivileged foothold, from copying the hashes for offline cracking.
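    Added example, not from the original glossary: a parser for the nine-field shadow format and an audit that flags the conditions a reviewer looks for first: empty password fields, locked accounts, legacy hash algorithms and expired passwords. The sample file contents are constructed; the hash values are placeholders, not real digests.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# crypt(3) hash identifiers as they appear between the first two '$' of the field.
HASH_IDS = {"1": "md5", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
            "5": "sha256", "6": "sha512", "7": "scrypt", "y": "yescrypt", "gy": "gost-yescrypt"}
WEAK_HASHES = {"des", "md5"}   # fast to brute-force; no longer acceptable for new passwords


@dataclass
class ShadowEntry:
    name: str
    hash: str
    last_change: Optional[int]    # days since 1970-01-01; empty means unknown
    min_days: Optional[int]
    max_days: Optional[int]
    warn_days: Optional[int]
    inactive_days: Optional[int]
    expire: Optional[int]


def _int_or_none(field: str) -> Optional[int]:
    return int(field) if field else None


def parse_shadow_line(line: str) -> ShadowEntry:
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("shadow entries have nine colon-separated fields: %r" % line)
    return ShadowEntry(fields[0], fields[1], *(_int_or_none(f) for f in fields[2:8]))


def classify_hash(h: str) -> str:
    if h == "":
        return "empty"                      # no password needed: anyone can log in
    if h.startswith(("!", "*")):
        return "locked"                     # '!'-prefixed or '*' entries cannot log in by password
    if h.startswith("$"):
        return HASH_IDS.get(h.split("$")[1], "unknown")
    if len(h) == 13:
        return "des"                        # traditional 13-character crypt(3) output
    return "unknown"


def audit_shadow(text: str, today_days: int) -> List[Tuple[str, str]]:
    """Return (account, finding) pairs; today_days is today's date in days since the epoch."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        e = parse_shadow_line(line)
        kind = classify_hash(e.hash)
        if kind == "empty":
            findings.append((e.name, "no password set"))
        elif kind in WEAK_HASHES:
            findings.append((e.name, "weak hash algorithm: " + kind))
        if (kind not in ("empty", "locked") and e.max_days is not None
                and e.last_change is not None and today_days - e.last_change > e.max_days):
            findings.append((e.name, "password expired"))
    return findings


# Constructed sample; hash bodies are placeholders.
SAMPLE_SHADOW = """\
root:$6$rounds=5000$c0nstructed$Hash0fRootPassw0rd:19700:0:99999:7:::
alice:$y$j9T$c0nstructedSalt$Hash0fAlicePassw0rd:19800:0:90:7:::
bob:$1$c0nstr$Hash0fBobPassw0rd:19000:0:90:7:::
legacy:AbCdEfGhIjKlM:18000:0:99999:7:::
svc:!!:19700:0:99999:7:::
guest::19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
"""

if __name__ == "__main__":
    for account, finding in audit_shadow(SAMPLE_SHADOW, today_days=19900):
        print(account, finding)
```

    On a live system the same function can be fed the output of a privileged read of /etc/shadow; the point of the file's permissions is precisely that an unprivileged process cannot do this.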

  • Shared Assessments Program

    Shared Assessments is a third party risk membership program that provides organizations with a way to obtain a detailed report about a service provider's controls (people, process and procedures) and a procedure for verifying that the information in the report is accurate.

  • Shared Key Authentication (SKA)

    Shared Key Authentication (SKA) is a challenge-response process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Both WEP and SKA are obsolete: the exchange exposes a plaintext/ciphertext pair that reveals keystream to an eavesdropper, so in practice it is weaker than open authentication.

  • shared secret

    A shared secret is data known to only the two entities involved in a communication so that either party's possession of that data can be provided as proof of identity for authentication.

  • Shellshock

    Shellshock is the common name for a vulnerability (CVE-2014-6271 and related CVEs) in the way the Bash shell parsed function definitions passed in environment variables. It affects Unix-like operating systems, including Linux and Mac OS X, and allows attackers to execute arbitrary commands remotely wherever untrusted input reaches Bash through the environment, for example via CGI scripts on web servers or DHCP client hooks.

  • shoulder surfing

    Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.

  • side-channel attack

    A side-channel attack is a security exploit that aims to gather information from or influence the program execution of a system by measuring or exploiting indirect effects of the system or its hardware -- rather than targeting the program or its code directly.

  • signature analysis

    Signature analysis has two meanings. It can involve scrutinizing human signatures in order to detect forgeries and it can be a troubleshooting technique in which an AC signal with a specific waveform is applied across a component.

  • signature file

    A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.

  • single sign-on (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications.

  • single-factor authentication (SFA)

    Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.

  • smart card

    A smart card is a physical card that has an embedded integrated chip that acts as a security token.

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data.

  • SOAR (security orchestration, automation and response)

    SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human intervention, by codifying response procedures as automated playbooks.

  • SOC 1 (System and Organization Controls 1)

    System and Organization Controls 1, or SOC 1 (pronounced "sock one"), is an attestation report on a service organization's internal controls that are relevant to a user entity's internal control over financial reporting, so that the user entity's auditors can rely on it when auditing the financial statements.

  • SOC 2 (System and Organization Controls 2)

    A SOC 2 report (formerly Service Organization Control 2) covers a service organization's controls against the AICPA Trust Services Criteria of security, availability, processing integrity, confidentiality and privacy.

  • SOC 3 (System and Organization Controls 3)

    A SOC 3 report summarizes the same control areas as a SOC 2 report (security, availability, processing integrity, confidentiality and privacy) in a general-use form that may be distributed publicly, without the detailed control descriptions and test results of a SOC 2 report.

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain.

  • social media policy

    A social media policy (also called a social networking policy)  is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person.

  • soft token

    A soft token is a software-based security token, such as a smartphone app, that generates a single-use login code (a one-time password). Traditionally, a security token has been a hardware device that produces a new code for each use and displays it on a built-in LCD display.

  • spam filter

    A spam filter is a program used to detect unsolicited, unwanted and virus-infected emails and prevent those messages from getting to a user's inbox.

  • spam trap

    A spam trap is an email address that is used to identify and monitor spam email.

  • spear phishing

    Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.

  • speculative risk

    Speculative risk is a category of risk that can be taken on voluntarily and will either result in a profit or loss. 

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • SSAE 16

    The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), for redefining and updating how service companies report on compliance controls. SSAE 16 was superseded by SSAE 18 in 2017, and SOC reports are now issued under that standard.

  • SSL (secure sockets layer)

    Secure sockets layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. All versions of SSL are now deprecated because of known weaknesses (SSL 3.0 was formally deprecated by the IETF in 2015); the name survives mainly in product and certificate terminology, while its successor, Transport Layer Security (TLS), is what modern systems actually use.

  • SSL certificate (Secure Sockets Layer certificate)

    A Secure Sockets Layer certificate, known commonly as an SSL certificate, is an X.509 digital certificate installed on a web server that binds the server's public key to its domain name, allowing a browser to authenticate the server and establish an encrypted TLS connection with it.

  • SSL checker (secure socket layer checker)

    An SSL checker (Secure Sockets Layer checker) is a tool that helps an organization verify proper installation of an SSL certificate on a Web server to ensure it is valid, trusted and will work properly for its users.

  • SSL VPN (Secure Sockets Layer virtual private network)

    An SSL VPN is a type of virtual private network (VPN) that uses the Secure Sockets Layer (SSL) protocol -- or, more often, its successor, the Transport Layer Security (TLS) protocol -- in standard web browsers to provide secure, remote access VPN capability.

  • stealth virus

    A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.

  • STIX (Structured Threat Information eXpression)

    STIX (Structured Threat Information eXpression) is a standardized language for describing and sharing cyber threat intelligence in machine-readable form. STIX 1.x was XML-based; STIX 2.x, the current version maintained by OASIS, uses JSON.

  • stream cipher

    A stream cipher is a method of encrypting data in which a cryptographic key and a nonce are expanded by an algorithm into a pseudorandom keystream that is combined with the plaintext one bit or byte at a time, typically by XOR, to produce ciphertext. Because the same keystream decrypts, a nonce must never be reused under the same key.
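    Added example, not from the original glossary: the XOR structure of a stream cipher and the two classic failure modes that follow from it, keystream reuse (the "two-time pad") and malleability. The keystream generator is a toy construction built from HMAC-SHA256 purely to illustrate the structure; it is not a standardized cipher. The messages are constructed.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand (key, nonce) into a pseudorandom keystream. Toy construction
    (HMAC-SHA256 over nonce || block counter) used only to show the structure;
    real systems use ChaCha20 or AES in CTR mode."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Ciphertext = plaintext XOR keystream. Decryption is the identical operation."""
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


decrypt = encrypt


def new_nonce() -> bytes:
    """A fresh nonce per message under the same key is what keeps the scheme safe."""
    return os.urandom(12)


def recover_with_known_plaintext(c1: bytes, known_p1: bytes, c2: bytes) -> bytes:
    """Nonce reuse: both ciphertexts used the same keystream, so c1 XOR c2 = p1 XOR p2
    and the keystream cancels out. Knowing p1 therefore reveals p2 over the overlap."""
    return xor(xor(c1, c2), known_p1)


def bit_flip(ciphertext: bytes, offset: int, old_bytes: bytes, new_bytes: bytes) -> bytes:
    """Malleability: with no MAC, an attacker who knows the plaintext bytes at `offset`
    can replace them with chosen bytes by XORing the difference into the ciphertext."""
    patched = bytearray(ciphertext)
    for i, (old, new) in enumerate(zip(old_bytes, new_bytes)):
        patched[offset + i] ^= old ^ new
    return bytes(patched)


if __name__ == "__main__":
    key, nonce = b"k" * 32, b"n" * 12                 # constructed, for demonstration only
    p1 = b"transfer $100 to alice"
    p2 = b"transfer $900 to mallory"
    c1 = encrypt(key, nonce, p1)
    c2 = encrypt(key, nonce, p2)                      # same nonce: the mistake
    print(recover_with_known_plaintext(c1, p1, c2))   # reveals p2's first 22 bytes
    print(decrypt(key, nonce, bit_flip(c1, 10, b"100", b"999")))   # transfer $999 to alice
```

    Both attacks work against any stream cipher, including ChaCha20 and AES-CTR, which is why real protocols pair the cipher with a MAC or use an AEAD mode and derive nonces from a counter rather than at random when message counts are high.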

  • strong cryptography

    Strong cryptography refers to algorithms and key sizes that resist all known practical attacks, so that protected data cannot be recovered by cryptanalysis with available computing resources. It is used by governments, businesses and individuals to protect communications and stored data, and the term was historically defined in contrast to deliberately weakened export-grade cryptography.

  • Stuxnet

    The Stuxnet worm, discovered in 2010, is malware that spread through Windows vulnerabilities and removable media and used a rootkit to hide itself while targeting Siemens industrial control systems, reprogramming the programmable logic controllers (PLCs) that supervisory control and data acquisition (SCADA) environments rely on.

  • sudo (superuser do)

    Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and arguments.

  • supercookie

    A supercookie is a tracking identifier that persists outside normal browser cookie storage and so survives the user clearing cookies. One well-known form is a unique header value that an internet service provider injects into its subscribers' unencrypted HTTP requests, allowing the user's browsing history and habits to be tracked across sites.

  • supply chain attack

    A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain.

  • SYN flood attack

    A SYN flood attack is a type of denial-of-service (DoS) attack on a server in which the attacker sends a high volume of TCP SYN packets, often from spoofed source addresses, and never completes the three-way handshake, so the server's table of half-open connections fills up and legitimate connection attempts are refused.
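    Added example, not from the original glossary: the detection logic for a SYN flood run over a constructed packet capture, tracking handshakes that a client opened with a SYN but never completed with its ACK. The capture, addresses and threshold are constructed for illustration.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

SYN, ACK = 0x02, 0x10   # TCP flag bits

# A packet record: (timestamp, src_ip, src_port, dst_ip, dst_port, tcp_flags), for
# client-to-server traffic only. The server's SYN-ACK replies are not needed to
# spot handshakes that the client never completed.
Packet = Tuple[float, str, int, str, int, int]


def half_open_connections(packets: Iterable[Packet]) -> Dict[Tuple[str, int, str, int], float]:
    """Return handshake attempts that started with a SYN but never saw the client's
    ACK, keyed by 4-tuple, with the time the SYN arrived."""
    pending = {}
    for ts, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags & SYN and not flags & ACK:
            pending[key] = ts                # new connection attempt
        elif flags & ACK and key in pending:
            del pending[key]                 # third step of the handshake: connection established
    return pending


def syn_flood_sources(packets: Iterable[Packet], threshold: int = 20) -> Dict[str, int]:
    """Sources with at least `threshold` half-open connections. A flood from spoofed
    addresses shows up instead as a large total with no single source over the
    threshold, so the total is worth alerting on as well."""
    per_source = defaultdict(int)
    for (src, _, _, _) in half_open_connections(packets):
        per_source[src] += 1
    return {src: n for src, n in per_source.items() if n >= threshold}


def constructed_capture() -> List[Packet]:
    """Constructed sample traffic: one legitimate client completing three handshakes,
    then one host sending 50 SYNs that are never followed by an ACK."""
    pkts = []
    t = 0.0
    for port in (40000, 40001, 40002):
        pkts.append((t, "10.0.0.5", port, "192.0.2.10", 443, SYN))
        pkts.append((t + 0.01, "10.0.0.5", port, "192.0.2.10", 443, ACK))
        t += 0.1
    for i in range(50):
        pkts.append((t + i * 0.001, "198.51.100.9", 50000 + i, "192.0.2.10", 443, SYN))
    return pkts


if __name__ == "__main__":
    capture = constructed_capture()
    print(len(half_open_connections(capture)), "half-open connections")   # 50
    print(syn_flood_sources(capture))                                     # {'198.51.100.9': 50}
```

    On the defending host the standard mitigation is SYN cookies (on Linux, the net.ipv4.tcp_syncookies sysctl), which let the kernel avoid allocating state until the handshake completes.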

  • systemic risk

    Systemic risk is a category of risk that describes threats to a system, market or economic segment.

  • What is SecOps? Everything you need to know

    SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC.

  • What is steganography?

    Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.

  • T

    TAN (transaction authentication number)

    A transaction authentication number (TAN) is a type of single-use password used for an online banking transaction in conjunction with a standard ID and password. TANs are often in a list made by a financial institution and sent to the owner of the account.

  • TDL-4 (TDSS or Alureon)

    TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet. It is the fourth generation of the TDL rootkit family, which is also known as TDSS or Alureon, and it infects the master boot record so that it loads before the operating system and evades detection.

  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.

  • three-factor authentication (3FA)

    Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors – typically, the knowledge, possession and inherence categories.

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, computed from a secret shared between the user's device and the server together with the current time (standardized in RFC 6238 as an extension of HMAC-based one-time passwords), for use in authenticating access to computer systems. Each code is valid only for one time step, typically 30 seconds.
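    Added example, not from the original glossary: HOTP and TOTP as specified in RFC 4226 and RFC 6238, with the base32 secret handling authenticator apps use and a server-side verifier that tolerates clock skew while refusing to accept the same code twice. The secret below is the RFC test key, so the codes can be checked against the published vectors.

```python
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional


def hotp(key: bytes, counter: int, digits: int = 6, algorithm=hashlib.sha1) -> str:
    """RFC 4226: HMAC the 8-byte big-endian counter, take 4 bytes at a data-dependent
    offset (dynamic truncation), clear the sign bit and reduce modulo 10^digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), algorithm).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(key: bytes, at_time: float, step: int = 30, digits: int = 6,
         algorithm=hashlib.sha1) -> str:
    """RFC 6238: TOTP is HOTP with the counter set to floor(unix_time / step)."""
    return hotp(key, int(at_time) // step, digits, algorithm)


def key_from_base32(secret: str) -> bytes:
    """Authenticator apps exchange the shared secret as unpadded base32."""
    cleaned = secret.replace(" ", "").upper()
    return base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))


def verify_totp(key: bytes, code: str, at_time: Optional[float] = None, step: int = 30,
                digits: int = 6, window: int = 1,
                last_counter: Optional[int] = None) -> Optional[int]:
    """Check a submitted code, tolerating `window` steps of clock skew either side.
    Returns the counter that matched (store it as last_counter) or None. Counters at
    or before last_counter are rejected so a captured code cannot be replayed within
    the skew window."""
    counter = int(time.time() if at_time is None else at_time) // step
    for delta in range(-window, window + 1):
        candidate = counter + delta
        if last_counter is not None and candidate <= last_counter:
            continue
        if hmac.compare_digest(hotp(key, candidate, digits), code):
            return candidate
    return None


# RFC 4226 / RFC 6238 test secret ("12345678901234567890" in base32).
TEST_KEY = key_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

if __name__ == "__main__":
    print(totp(TEST_KEY, 59, digits=8))            # 94287082 (RFC 6238 vector)
    print(verify_totp(TEST_KEY, "287082", 59))     # 1
    print(verify_totp(TEST_KEY, "287082", 59, last_counter=1))   # None: replay rejected
```

    Keep the verification window small and store the accepted counter per user; a one-step window already tolerates 30 seconds of drift, and widening it multiplies an attacker's odds of guessing a six-digit code.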

  • timing attack

    A timing attack is a side-channel attack that measures how long a system takes to perform an operation, such as comparing a password or carrying out a cryptographic computation, and uses statistical analysis of those measurements to learn secret data, such as a key or a valid token, that influences the running time.
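    Added example, not from the original glossary, serving both the side-channel attack and timing attack entries: a byte-by-byte recovery of a secret from an early-exit comparison, and the same attack failing against a constant-time comparison. To keep the demonstration deterministic, the comparison reports the number of bytes it examined in place of elapsed time; against a real target that count is what the attacker estimates from many timing samples. The secret is constructed.

```python
import hmac


def naive_compare(secret: bytes, guess: bytes):
    """Early-exit comparison, the pattern a timing attack exploits. Returns
    (equal, work): 'work' is the number of bytes examined before returning and
    stands in for the elapsed time an attacker would measure over the network."""
    if len(secret) != len(guess):
        return False, 0
    work = 0
    for s, g in zip(secret, guess):
        work += 1
        if s != g:
            return False, work
    return True, work


def constant_time_compare(secret: bytes, guess: bytes):
    """hmac.compare_digest examines every byte regardless of where the first
    mismatch is, so 'work' no longer depends on the secret."""
    return hmac.compare_digest(secret, guess), len(guess)


def recover_secret(oracle, length: int) -> bytes:
    """Byte-by-byte recovery against an oracle returning (equal, work). At each
    position, the candidate that makes the oracle do the most work must have
    matched, because the comparison got one byte further before stopping. Costs
    at most 256 * length queries instead of the 256 ** length a blind search needs."""
    recovered = bytearray(length)
    for i in range(length):
        best_byte, best_work = 0, -1
        for candidate in range(256):
            recovered[i] = candidate
            equal, work = oracle(bytes(recovered))
            if equal:
                return bytes(recovered)      # final byte is confirmed by success, not by work
            if work > best_work:
                best_byte, best_work = candidate, work
        recovered[i] = best_byte
    return bytes(recovered)


if __name__ == "__main__":
    secret = bytes.fromhex("a1b2c3d4e5f6")   # constructed secret, e.g. an API token
    print(recover_secret(lambda g: naive_compare(secret, g), len(secret)).hex())          # a1b2c3d4e5f6
    print(recover_secret(lambda g: constant_time_compare(secret, g), len(secret)).hex())  # 000000000000
```

    The same early-exit pattern hides in ordinary code such as `if token == stored_token:` on byte strings; the fix is to compare MACs, tokens and password hashes with hmac.compare_digest or the equivalent in the language at hand.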

  • tokenization

    Tokenization is the process of replacing sensitive data, such as a payment card number, with a surrogate value (a token) that has no exploitable meaning on its own but can still be used as a reference in downstream systems; the mapping between tokens and the original data is kept in a separately secured token vault.

  • total risk

    Total risk is an assessment that identifies all of the risk factors, including potential internal and external threats and liabilities, associated with pursuing a specific plan or project or buying or selling an investment.

  • Transport Layer Security (TLS)

    Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.

  • TrickBot malware

    TrickBot is a modular banking Trojan, first observed in 2016, that was designed to steal banking credentials and later evolved into a general-purpose loader for other malware, including ransomware.

  • trigraph

    A trigraph is a three-character replacement for a special or nonstandard character in a text file.

  • Trojan horse (computing)

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.

  • TrueCrypt

    TrueCrypt is a cross-platform open source program for file and full disk encryption (FDE). Its developers abruptly discontinued it in 2014; successor projects such as VeraCrypt continue the code base.

  • Trusted Cloud Initiative

    The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices.

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements, such as a Trusted Platform Module, and associated software modifications.

  • trusted computing base (TCB)

    A trusted computing base (TCB) is the set of hardware, firmware and software components in a computing system on which its security depends: a failure or compromise of any TCB component can violate the system's security policy, so the TCB should be kept as small and verifiable as possible.

  • two-factor authentication (2FA)

    Two-factor authentication (2FA), sometimes loosely referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.

  • two-step verification

    Two-step verification requires the sequential use of two authentication methods to verify that someone or something is who or what they are declared to be. In contrast with two-factor authentication processes, the methods in two-step verification can belong to the same category of authentication factors.

  • Twofish

    Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.

  • U

    unified threat management (UTM)

    Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.

  • United States Secret Service (USSS)

    The United States Secret Service (USSS) is a federal law enforcement agency mandated by Congress to carry out two sets of primary objectives: provide protection for designated sites and events as well as national and visiting leaders, and preserve the integrity of the U.S. economy by safeguarding the nation's financial infrastructure and payment systems.

  • unknowable risk

    An unknowable risk is a potential threat to an organization's processes that is not known and cannot be quantified or controlled.

  • user account provisioning

    User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of access to software and data is consistent and simple to administer.

  • user authentication

    User authentication is the process of verifying the identity of a user attempting to gain access to a network or computing resource, usually by checking credentials the user presents (a password, token or biometric) against a trusted record before access is granted.

  • user behavior analytics (UBA)

    User behavior analytics (UBA) is a process in which security teams use monitoring tools to track, collect and assess the network activities of all individuals accessing those systems to detect potentially malicious activity.

  • user profile

    In a Windows environment, a user profile is a record of user-specific data that defines the user's working environment.

  • USGCB (United States Government Configuration Baseline)

    The United States Government Configuration Baseline, or USGCB, is a government-wide initiative that provides guidance on information security configuration best practices for IT products leveraged by federal agencies.

  • V

    vandal

    A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.

  • Verizon Data Breach Investigations Report (DBIR)

    The Verizon Data Breach Investigations Report (DBIR) is an annual publication that provides data from and analysis of information security incidents, with a specific focus on data breaches.

  • Verizon VERIS (Vocabulary for Event Recording and Incident Sharing) Framework

    The VERIS (Vocabulary for Event Recording and Incident Sharing) Framework is a taxonomy that standardizes how security incidents are described and categorized.

  • virtual firewall

    A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
