Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
  • PCI DSS merchant levels - Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.
  • Peltzman Effect - The Peltzman Effect is the net-zero effect on overall safety between the presence of safety precautions and people’s tendency to be less cautious in their presence.
  • Pen Testing as a Service (PTaaS) - Pen testing as a service (PTaaS) is a cloud service that provides information technology (IT) professionals with the resources they need to conduct and act upon point-in-time and continuous penetration tests.
  • performance testing - Performance testing is a testing measure that evaluates the speed, responsiveness and stability of a computer, network, software program or device under a workload.
  • personal health record (PHR) - A personal health record (PHR) is an electronic summary of health information that a patient maintains control of themselves, as opposed to their healthcare provider.
  • phishing - Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.
  • ping sweep (ICMP sweep) - A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).
  • plaintext - In cryptography, plaintext is usually ordinary readable text before it is encrypted into ciphertext or after it is decrypted.
  • post-quantum cryptography - Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.
  • principle of least privilege (POLP) - The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.
  • privacy compliance - Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation.
  • private CA (private PKI) - A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.
  • private certificate authority (CA) - Private CA stands for private certificate authority and is an enterprise specific certificate authority that functions like a publicly trusted CA but is exclusively run by or for the enterprise.
  • privileged identity management (PIM) - Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.
  • proof of concept (PoC) exploit - A proof of concept (PoC) exploit is a nonharmful attack against a computer or network.
  • proxy hacking - Proxy hacking is a cyber attack technique designed to supplant an authentic webpage in a search engine's index and search results pages to drive traffic to an imitation site.
  • Public-Key Cryptography Standards (PKCS) - Public-Key Cryptography Standards (PKCS) are a set of standard protocols, numbered from 1 to 15.
  • quantum key distribution (QKD) - Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.
  • RADIUS (Remote Authentication Dial-In User Service) - RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
  • rainbow table - A rainbow table is a password hacking tool that uses a precomputed table of reversed password hashes to crack passwords in a database.
  • RAT (remote access Trojan) - A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer.
  • raw device mapping - Raw device mapping (RDM) enables disk access in a virtual machine (VM) in the VMware server virtualization environment and allows a storage logical unit number (LUN) to be connected directly to a VM from the storage area network (SAN).
  • remote wipe - Remote wipe is a security feature that allows a network administrator or device owner to send a command that remotely deletes data from a computing device.
  • Report on Compliance (ROC) - A Report on Compliance (ROC) is a form that must be completed by all Level 1 Visa merchants undergoing a PCI DSS (Payment Card Industry Data Security Standard) audit.
  • return merchandise authorization (RMA) - An RMA (return merchandise authorization) is a numbered authorization provided by a mail-order or e-commerce merchant to permit the return of a product.
  • Rijndael - Rijndael (pronounced rain-dahl) is an Advanced Encryption Standard (AES) algorithm.
  • risk analysis - Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.
  • risk assessment framework (RAF) - A risk assessment framework (RAF) is a strategy for prioritizing and sharing information about the security risks to an information technology (IT) infrastructure.
  • role mining - Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise.
  • scareware - Scareware is a type of malware tactic used to manipulate victims into downloading or buying potentially malware-infested software.
  • screened subnet - A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces.
  • script kiddie - Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses.
  • secure access service edge (SASE) - Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native security technologies and delivers them as a single cloud service.
  • Secure Electronic Transaction (SET) - Secure Electronic Transaction (SET) is a system and electronic protocol to ensure the integrity and security of transactions conducted over the internet.
  • Secure File Transfer Protocol (SSH File Transfer Protocol) - SFTP is a term that refers to either Secure File Transfer Protocol or SSH File Transfer Protocol, and is a computing network protocol for accessing and managing files on remote systems.
  • Secure Sockets Layer certificate (SSL certificate) - A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.
  • Security Accounts Manager - The Security Accounts Manager (SAM) is a database file in the Microsoft Windows operating system that contains usernames and passwords.
  • security analytics - Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.
  • security audit - A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to an established set of criteria.
  • security awareness training - Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.
  • security clearance - A security clearance is an authorization that allows access to information that would otherwise be forbidden.
  • security identifier (SID) - In the context of Windows computing and Microsoft Active Directory (AD), a security identifier (SID) is a unique value that is used to identify any security entity that the operating system (OS) can authenticate.
  • security incident - A security incident is an event that could indicate that an organization's systems or data have been compromised or that security measures put in place to protect them have failed.
  • security information management (SIM) - Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs and various other data sources.
  • security policy - A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets.
  • security theater - Security theater includes any measures taken by a company or security team to create an atmosphere of safety that may only achieve the appearance of heightened security.
  • security through obscurity - Security through obscurity (STO) is reliance upon secrecy in software development to minimize the chance that weaknesses may be detected and targeted.
  • security token - A security token is a physical or wireless device that provides two-factor authentication (2FA) for users to prove their identity in a login process.
  • Sender Policy Framework (SPF) - Sender Policy Framework (SPF) is a protocol designed to restrict who can use an organization's domain as the source of an email message.
  • sensitive information - Sensitive information is data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization.
  • session ID - A session ID, also called a session token, is a unique identifier that a web server assigns to a user for the duration of the current session.
  • shadow password file - A shadow password file, also known as /etc/shadow, is a system file in Linux that stores encrypted user passwords and is accessible only to the root user, preventing unauthorized users or malicious actors from breaking into the system.
  • Shared Key Authentication (SKA) - Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
  • shoulder surfing - Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.
  • single sign-on (SSO) - Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a username and password -- to access multiple applications.
  • single-factor authentication (SFA) - Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials.
  • smart card - A smart card is a physical card that has an embedded integrated chip that acts as a security token.
  • smart home - A smart home is a residence that uses internet-connected devices to enable the remote monitoring and management of appliances and systems, such as lighting and heating.
  • smishing (SMS phishing) - Smishing -- or Short Message Service (SMS) phishing -- is a social engineering tactic cybercriminals use to trick people into divulging sensitive information over text messages.
  • snooping - Snooping, in a security context, is unauthorized access to another person's or company's data.
  • Snort - Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch.
  • SOAR (security orchestration, automation and response) - SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.
  • social engineering penetration testing - Social engineering penetration testing is the practice of deliberately conducting typical social engineering scams on employees to ascertain the organization's level of vulnerability to this type of exploit.
  • software bill of materials (SBOM) - A software bill of materials (SBOM) is an inventory of all constituent components and software dependencies involved in the development and delivery of an application.
  • software-defined perimeter (SDP) - A software-defined perimeter, or SDP, is a security technique that controls access to resources based on identity and forms a virtual boundary around networked resources.
  • spear phishing - Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.
  • SQL injection (SQLi) - A SQL injection (SQLi) is a technique that attackers use to gain unauthorized access to a web application database by adding a string of malicious code to a database query.
  • stateful inspection - Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
  • stealth virus - A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.
  • storage security - Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks and unavailable to other entities.
  • strong authentication - Although it is not a standardized term, with set criteria, strong authentication can be said to be any method of verifying the identity of a user or device that is intrinsically stringent enough to ensure the security of the system it protects by withstanding any attacks it is likely to encounter.
  • strong password - A strong password is one that is designed to be hard for a person or program to guess.
  • Structured Threat Information eXpression (STIX) - Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.
  • supercookie - A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits.
  • SYN flood attack - A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server.
  • SYN scanning - SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection.
  • Testing as a Service (TaaS) - Testing as a service (TaaS) is an outsourcing model in which testing activities associated with some of an organization's business activities are performed by a service provider rather than in-house employees.
  • threat actor - A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that affects -- or has the potential to affect -- an organization's security.
  • three-factor authentication (3FA) - Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.
  • token - In general, a token is an object that represents something else, such as another object (either physical or virtual), or an abstract concept as, for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
  • tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • Top searches of 2008 - What were people searching the WhatIs.
  • Tor browser - The Tor (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis.
  • triage in IT - Triage is a term referring to the assignment of priority levels to tasks or individuals to determine the most effective order in which to deal with them.
  • trusted computing base (TCB) - A trusted computing base (TCB) is everything in a computing system that provides a secure environment for operations.
  • Trusted Platform Module (TPM) - A Trusted Platform Module (TPM) is a specialized chip on a device designed to secure hardware with cryptographic keys.
  • tunneling or port forwarding - Tunneling or port forwarding is the transmission of data intended for use only within a private -- usually corporate -- network through a public network in such a way that the public network's routing nodes are unaware that the transmission is part of a private network.
  • user account provisioning - User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system.
  • virtual appliance - Considered a software equivalent of a hardware device, a virtual appliance (VA) is a preconfigured software solution.
  • virtual firewall - A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
  • virtual local area network hopping (VLAN hopping) - Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system.
  • virtual machine escape - A virtual machine escape is an exploit in which an attacker runs code on a VM that lets the operating system (OS) running within it break out and interact directly with the hypervisor.
  • virtualization-based security (VBS) - Virtualization-based security (VBS) is a technology that abstracts computer processes from the underlying operating system (OS) and, in some cases, hardware.
  • virus (computer virus) - A computer virus is a type of malware that attaches itself to a program or file.
  • virus hoax - A virus hoax is a false warning about a computer virus.
  • VUCA (volatility, uncertainty, complexity and ambiguity) - VUCA is an acronym that stands for volatility, uncertainty, complexity and ambiguity -- qualities that make a situation or condition difficult to analyze, respond to or plan for.
  • vulnerability (information technology) - A vulnerability, in information technology (IT), is a flaw in code or design that creates a potential point of security compromise for an endpoint or network.
  • vulnerability and patch management - Vulnerability management is a pro-active approach to managing network security.
  • vulnerability assessment - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.
  • vulnerability disclosure - Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware.