Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
  • What is ransomware? Definition and complete guide - Ransomware is malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment.
  • What is red teaming? - Red teaming is the practice of rigorously challenging plans, policies, systems and assumptions with an adversarial approach.
  • What is role-based access control (RBAC)? - Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.
  • What is SAML (Security Assertion Markup Language)? - Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.
  • What is security automation? - Security automation uses technology to remove high-volume manual processes from security operations to detect cyberthreats, which saves time by integrating different workflows into repeatable processes.
  • What is security by design? - Security by design is an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices.
  • What is segregation of duties (SoD)? - Segregation of duties (SoD) is an internal control mechanism designed to prevent errors and fraud by ensuring at least two individuals are responsible for the separate parts of any task.
  • What is shared responsibility model? - A shared responsibility model is a cloud security framework that dictates the security obligations of a cloud computing provider and its users to ensure accountability.
  • What is SIEM (Security Information and Event Management)? - Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system.
  • What is SSH (Secure Shell) and How Does It Work? - SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network.
  • What is static application security testing (SAST)? - Static application security testing (SAST) is the process of analyzing and testing application source code for security vulnerabilities.
  • What is the CIA triad (confidentiality, integrity and availability)? - The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security within an organization.
  • What is the Cybersecurity Information Sharing Act (CISA)? - The Cybersecurity Information Sharing Act (CISA) allows United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
  • What is the dark web (darknet)? - The dark web is an encrypted portion of the internet not visible to the general public via a traditional search engine such as Google.
  • What is the Mitre ATT&CK framework? - The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.
  • What is the Nessus vulnerability scanning platform? - Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources.
  • What is the RSA algorithm? - The RSA algorithm (Rivest-Shamir-Adleman) is a public key cryptosystem that uses a pair of keys for securing digital communication and transactions over insecure networks, such as the internet.
  • What is the Twofish encryption algorithm? - Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.
  • What is the zero-trust security model? - The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs.
  • What is threat intelligence? - Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization.
  • What is Transport Layer Security (TLS)? - Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.
  • What is two-factor authentication (2FA)? - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
  • What is unified endpoint management (UEM)? A complete guide - Unified endpoint management (UEM) is an approach to securing and controlling desktop computers, laptops, smartphones and tablets in a connected, cohesive manner from a single console.
  • What is unified threat management (UTM)? - Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.
  • white hat hacker - A white hat hacker -- or ethical hacker -- is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
  • Wi-Fi (802.11x standard) - Wi-Fi is a term for certain types of wireless local area networks (WLAN) that use specifications in the IEEE 802.
  • Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for computing devices equipped with wireless internet connections.
  • Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
  • Windows Defender Exploit Guard - Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.
  • Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
  • Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is a security level for the Wireless Application Protocol (WAP), specifically for the applications that use WAP.
  • Wireshark - Wireshark is a widely used network protocol analyzer that lets users capture and view the details of network traffic in real time.
  • X.509 certificate - An X.509 certificate is a digital certificate that uses the widely accepted international X.
  • zero-day vulnerability - A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it.
  • Zoombombing - Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app.