Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
- social engineering penetration testing - Social engineering pen testing is designed to test employees' adherence to the security policies and practices defined by management.
- spambot - A spambot is an automated system that sends unwanted, unsolicited messages to users, known as spam.
- spear phishing - Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.
- spyware - Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.
- SS7 attack - An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking.
- stack overflow - A stack overflow is a type of buffer overflow error that occurs when a computer program tries to use more memory space in the call stack than has been allocated to that stack.
- stateful inspection - Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
- stealth virus - A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.
- storage security - Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks and unavailable to other entities.
- stream cipher - A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.
- strong password - A strong password is one that is designed to be hard for a person or program to guess.
- Structured Threat Information eXpression (STIX) - Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.
- supply chain attack - A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain.
- supply chain security - Supply chain security is the part of supply chain management that focuses on the risk management of external suppliers, vendors, logistics and transportation.
- SYN flood attack - A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server.
- SYN scanning - SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection.
- tailgating (piggybacking) - Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises.
- threat actor - A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that impacts -- or has the potential to impact -- an organization's security.
- threat detection and response (TDR) - Threat detection and response (TDR) is the process of identifying potential threats and reacting to them before they impact the business.
- threat intelligence (cyber threat intelligence) - Threat intelligence, also known as cyber threat intelligence (CTI), is information collected from various sources about current or potential attacks that threaten an organization.
- threat modeling - Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.
- timing attack - A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.
- token - In general, a token is an object that represents something else, such as another object (either physical or virtual) or an abstract concept; for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
- tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
- Top 10 spyware threats - The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool.
- Tor browser - The Tor (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis.
- Transport Layer Security (TLS) - Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.
- TrickBot malware - TrickBot is sophisticated modular malware that started as a banking Trojan but has evolved to support many different types of attacks, including ransomware.
- Trojan horse - In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.
- trusted computing base (TCB) - A trusted computing base (TCB) is everything in a computing system that provides a secure environment for operations.
- Trusted Platform Module (TPM) - A Trusted Platform Module (TPM) is a specialized chip on a device designed to secure hardware with cryptographic keys.
- tunneling or port forwarding - Tunneling or port forwarding is the transmission of data intended for use only within a private -- usually corporate -- network through a public network in such a way that the public network's routing nodes are unaware that the transmission is part of a private network.
- two-factor authentication (2FA) - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
- Twofish - Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.
- unified threat management (UTM) - Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.
- USB Killer - USB Killer is a device that connects to USB drives and delivers a surge which can damage or destroy unprotected hardware.
- user behavior analytics (UBA) - User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems.
- virtual local area network hopping (VLAN hopping) - Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system.
- virtual machine escape - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
- virus (computer virus) - A computer virus is a type of malware that attaches itself to a program or file.
- virus hoax - A virus hoax is a false warning about a computer virus.
- virus signature (virus definition) - A virus signature, also known as a 'virus definition,' is a piece of code with a unique binary pattern that identifies a computer virus or family of viruses.
- vishing (voice or VoIP phishing) - Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities.
- voice squatting - Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced.
- vulnerability assessment - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.
- vulnerability disclosure - Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware.
- vulnerability management - Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
- WannaCry ransomware - WannaCry ransomware is a cyber attack that spreads by exploiting vulnerabilities in the Windows operating system.
- war driving (access point mapping) - War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks (WLANs) while driving around a city or elsewhere.
- watering hole attack - A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.
- Web bug (Web beacon) - A Web bug, also known as a Web beacon, is a file object (usually a graphic image such as a transparent GIF) that is placed on a Web page or in an e-mail message to monitor user behavior.
- whaling attack (whaling phishing) - A whaling attack, also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company.
- What is a private cloud? - Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.
- What is incident response? A complete guide - Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.
- What is ransomware? How it works and how to remove it - Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment.
- What is SecOps? Everything you need to know - SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC.
- white hat hacker - A white hat hacker -- or ethical hacker -- is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
- Wi-Fi (802.11x standard) - Wi-Fi is a term for certain types of wireless local area networks (WLAN) that use specifications in the IEEE 802.
- Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for computing devices equipped with wireless internet connections.
- Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
- Windows Defender Exploit Guard - Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.
- wipe - Wipe, in a computing context, means to erase all data on a hard drive to render it unreadable.
- Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
- Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is a security level for the Wireless Application Protocol (WAP), specifically for the applications that use WAP.
- wiretapping - Wiretapping is the surreptitious electronic monitoring and interception of phone-, fax- or internet-based communications.
- zero-day (computer) - A zero-day is a security flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw.