Get started

Two Factor and Multifactor Authentication Strategies

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading

• access list (AL)

  An access list (AL) is a list of permissions used in physical and information technology (IT) security to control who is allowed contact with a corporate asset.  The asset can be a building, a room or a computer file.  Continue Reading

• Microsoft FIM (Microsoft Forefront Identity Manager)

  Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite. Continue Reading

• Enterprise mobile device security 2012

  SearchSecurity.com's editors surveyed nearly 500 enterprise security professionals on mobile device security in the enterprise. Continue Reading

• Computer Fraud and Abuse Act (CFAA)

  The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization. Continue Reading

• Definitions to Get Started

  • encryption
  • X.509 certificate
  • directory traversal
  • malware

  • man in the browser (MitB)
  • Patch Tuesday
  • parameter tampering
  • SYN flood attack

  View All Definitions

• Zeus Trojan (Zbot)

  Zeus, also known as Zbot, is a malware toolkit that allows a cybercriminal to build his own Trojan Horse. A Trojan Horse is programming that appears to be legitimate but actually hides an attack.Continue Reading

• memory-scraping malware

  Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes.Continue Reading

• Occupational Safety and Health Administration (OSHA)

  Occupational Safety and Health Administration (OSHA) is a federal organization (part of the Department of Labor) that ensures safe and healthy working conditions for Americans by enforcing standards and providing workplace safety training.Continue Reading

• differential power analysis (DPA)

  A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.Continue Reading

• information-centric security

  Information-centric security is an approach to information security paradigm that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.Continue Reading

• Trusted Cloud Initiative

  The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and ...Continue Reading

• Cloudburst VM escape

  Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware ...Continue Reading

• Soc 3 (Service Organization Control 3)

  A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls in security, availability, processing integrity, confidentiality or privacy.Continue Reading

• Soc 2 (Service Organization Control 2)

  A Service Organization Control 2 (Soc 2) reports on various organizational controls related to security, availability, processing integrity, confidentiality or privacy.Continue Reading

• PCI DSS 2.0

  PCI DSS 2.0 (Payment Card Industry Data Security Standard Version 2.0) is the second version of the Payment Card Industry Data Security Standard (PCI DSS).Continue Reading

• PCI Security Standards Council

  The PCI Security Standards Council is an organization created by the major credit card companies in an effort to better protect credit card holder data.Continue Reading

• PCI QSA

  Payment Card Industry Qualified Security Assessor (PCI QSA) is a designation conferred by the PCI Security Standards Council to individuals it deems qualified to perform PCI assessments and consulting servicesContinue Reading

• PCI policy

  A PCI policy is a type of security policy that covers how an organization addresses the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS).Continue Reading

• Security School: Data breach prevention strategies

  In this lesson, expert Nick Lewis establishes a baseline data breach prevention strategy every enterprise should have in place.Continue Reading

• ENISA (European Network and Information Security Agency)

  The European Network and Information Security Agency (ENISA) is a European Union (EU) agency dedicated to preventing and addressing network security and information security problems.Continue Reading

• Technical Guide on SIM

  Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting.Continue Reading

• RSA Conference 2012 to feature cloud computing, mobile threats

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• RSA Conference 2012: Special Conference Coverage

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• Security School: Network content monitoring must-haves

  In this new lesson, expert Mike Chapple explores how to best prioritize and strategize for data protection investments to protect key content.Continue Reading

• Duqu (W32.Duqu)

  Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.Continue Reading

• enterprise security governance

  Enterprise security governance is a company's strategy to reduce risk by protecting systems and information, as well as its execution of that strategy.Continue Reading

• homomorphic encryption

  Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.  Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without ...Continue Reading

• social media policy

  A social media policy (also called a social networking policy)  is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person.Continue Reading

• TDL-4 (TDSS or Alureon)

  TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.  The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon.Continue Reading

• application blacklisting

  Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.  Such programs include not only those known to contain security threats or ...Continue Reading

• malvertisement (malicious advertisement or malvertising)

  A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.Continue Reading

• blue pill rootkit

  The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources. Joanna Rutkowska, a security researcher for Singapore-based IT security firm COSEINC, developed the Blue Pill rootkit as proof-of-concept malware, ...Continue Reading

• Common Weakness Enumeration (CWE)

  Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)Continue Reading

• internal control

  An internal control is a business practice, policy or procedure that is established within an organization to create value or minimize risk.Continue Reading

• BIOS rootkit attack

  A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code. A BIOS rootkit is programming that enables remote administration.Continue Reading

• BIOS rootkit

  A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS ...Continue Reading

• authentication, authorization, and accounting (AAA)

  Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading

• wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.Continue Reading

• privilege escalation attack

  A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.Continue Reading

• domain rotation

  Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist...Continue Reading

• user account provisioning

  User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading

• advanced evasion technique (AET)

  An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection systemContinue Reading

• Pwn2Own

  Pwn2Own is an annual hacking competition sponsored by security vendor TippingPoint and held at the CanSecWest security conference.Continue Reading

• alternate data stream (ADS)

  An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.Continue Reading

• endpoint fingerprinting

  Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems,...Continue Reading

• bot worm

  A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that...Continue Reading

• Security as a Service (SaaS)

  Security-as-a-service (SaaS) is an outsourcing model for security management. Typically, Security as a Service involves applications such as anti-virus software delivered over the Internet but the term can also refer to security management provided ...Continue Reading

• Qualified Security Assessor (QSA)

  A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance.Continue Reading

• FAQ: An introduction to the ISO 31000 risk management standard

  Learn more about ISO 31000:2009, a new risk management standard: It's plainly written, short, process-oriented and relevant reading for anyone dealing with risk.Continue Reading

• national identity card

  A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of ...Continue Reading

• government Trojan

  A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals ...Continue Reading

• fuzz testing (fuzzing)

  Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.Continue Reading

• Same Origin Policy (SOP)

  The Same Origin Policy (SOP), also called Single Origin Policy, is a security measure used in Web browser programming languages such as JavaScript and Ajax to protect the confidentiality and integrity of information.Continue Reading

• Operation Phish Phry

  Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities.Continue Reading

• data masking

  Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a ...Continue Reading

• RAT (remote access Trojan)

  A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the...Continue Reading

• FERPA (Family Educational Rights and Privacy Act of 1974)

  FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.Continue Reading

• Class C2

  Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.Continue Reading

• honey monkey

  A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system ...Continue Reading

• LEAP (Lightweight Extensible Authentication Protocol)

  LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 ...Continue Reading

• PEAP (Protected Extensible Authentication Protocol)

  PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local ...Continue Reading

• phlashing

  Phlashing is a permanent denial of service (PDoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable... (Continued)Continue Reading

• password hardening

  Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process.Continue Reading

• keystroke dynamics

  Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued)Continue Reading

• anti-money laundering software (AML)

  Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued)Continue Reading

• DNS rebinding attack

  DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works on widely-used routers such as D-Link and Linksys and could, in fact, target any device that uses a...Continue Reading

• Kraken

  Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam ...Continue Reading

• Open Source Hardening Project

  The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal...Continue Reading

• finger vein ID

  Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...(continued)Continue Reading

• role mining

  Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading

• PAN truncation (primary account number)

  PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued)Continue Reading

• Rock Phish

  Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit ...Continue Reading

• JavaScript hijacking

  JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)Continue Reading

• defense in depth

  Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise... (Continued)Continue Reading

• phreak

  A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.Continue Reading

• user profile

  In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.Continue Reading

• logon (or login)

  In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.Continue Reading

• cloaking

  Cloaking is the masking of the sender's name and address in an e-mail note or distribution.Continue Reading

• Cisco Certified Security Professional (CCSP)

  A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued)Continue Reading

• digest authentication

  Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)Continue Reading

• trusted computing

  Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)Continue Reading

• Quiz: Who Done IT? A Murder Mystery

  How to take the quiz: - After reading the question, click on the answer that you think is correctContinue Reading

• blended threat

  A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.  Continue Reading

• Klez

  Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.Continue Reading

• CRAM (challenge-response authentication mechanism)

  CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).Continue Reading

• MICR (magnetic ink character recognition)

  MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.Continue Reading

• trigraph

  A trigraph is a three-character replacement for a special or nonstandard character in a text file.Continue Reading

• Electronic Signatures in Global and National Commerce Act (e-signature bill)

  The Electronic Signatures in Global and National Commerce Act (often referred to as the e-signature bill) specifies that in the United States, the use of a digital signature is as legally valid as a traditional signature written in ink on paper.Continue Reading

• set

  A set is a group or collection of objects or numbers, considered as an entity unto itself. SET is also an acronym for Secure Electronic Transaction.Continue Reading

• executable

  In computers, to execute a program is to run the program in the computer, and, by implication, to start it to run.Continue Reading

• globbing

  Globbing is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network. A wildcard is a symbol that can stand for one or more characters...Continue Reading

• sudo (superuser do)

  Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and ...Continue Reading

• Bugbear

  Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.Continue Reading

• signature file

  A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.Continue Reading

• vandal

  A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.Continue Reading

• jolt

  On the Internet, jolt is a denial of service (DoS) attack caused by a very large ICMP packet that is fragmented in such a way that the targeted machine is unable to reassemble it for use.Continue Reading

• probe

  In telecommunications generally, a probe is an action taken or an object used for the purpose of learning something about the state of the network.Continue Reading

• An introduction to SSH2

  Learn about the differences between SSH1 and SSH2 and why you should consider upgrading.Continue Reading