Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
- shoulder surfing - Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.
- side-channel attack - A side-channel attack is a security exploit that aims to gather information from or influence the program execution of a system by measuring or exploiting indirect effects of the system or its hardware -- rather than targeting the program or its code directly.
- SIGINT (signals intelligence) - SIGINT (signals intelligence) is information gained by the collection and analysis of the electronic signals and communications of a given target.
- single sign-on (SSO) - Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications.
- single-factor authentication (SFA) - Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.
- smart card - A smart card is a physical card that has an embedded integrated chip that acts as a security token.
- smart home or building (home automation or domotics) - A smart home is a residence that uses internet-connected devices to enable the remote monitoring and management of appliances and systems, such as lighting and heating.
- SMS spam (cell phone spam or short messaging service spam) - SMS spam (sometimes called cell phone spam) is any junk message delivered to a mobile phone as text messaging through the Short Message Service (SMS).
- snooping - Snooping, in a security context, is unauthorized access to another person's or company's data.
- Snort - Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch.
- SOAR (security orchestration, automation and response) - Security orchestration, automation and response, or SOAR, is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.
- social engineering - Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain.
- social engineering penetration testing - Social engineering pen testing is designed to test employees' adherence to the security policies and practices defined by management.
- spambot - A spambot is an automated system that sends unwanted, unsolicited messages to users, known as spam.
- spear phishing - Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.
- spyware - Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.
- SS7 attack - An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking.
- stack overflow - A stack overflow is a type of buffer overflow error that occurs when a computer program tries to use more memory space in the call stack than has been allocated to that stack.
- stateful inspection - Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
- stealth virus - A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.
- stingray (IMSI catcher) - A stingray is a mobile surveillance device also known as an IMSI (International Mobile Subscriber Identity) catcher or a cell site simulator.
- STIX (Structured Threat Information eXpression) - STIX (Structured Threat Information eXpression) is an XML programming language that allows cybersecurity threat data to be shared.
- storage security - Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks -- and unavailable to other entities.
- stream cipher - A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.
- strong password - A strong password is one that is designed to be hard for a person or program to guess.
- supercookie - A supercookie is a type of tracking cookie inserted into an HTTP header by an internet service provider to collect data about a user's internet browsing history and habits.
- supply chain attack - A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain.
- supply chain security - Supply chain security is the part of supply chain management that focuses on the risk management of external suppliers, vendors, logistics and transportation.
- SYN flood attack - A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server.
- SYN scanning - SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection.
- tailgating (piggybacking) - Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises.
- threat actor - A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that impacts -- or has the potential to impact -- an organization's security.
- threat intelligence (cyber threat intelligence) - Threat intelligence, also known as cyber threat intelligence (CTI), is information collected from various sources about current or potential attacks that threaten an organization.
- threat modeling - Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.
- timing attack - A timing attack looks at how long it takes a system to do something and allows the attacker, through statistical analysis, to learn enough about the system to find the decryption key needed to gain access to it.
- token - In general, a token is an object that represents something else, such as another object (either physical or virtual) or an abstract concept; for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
- tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
- Top 10 spyware threats - The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool.
- Tor browser - The Tor (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis.
- Transport Layer Security (TLS) - Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.
- TrickBot malware - TrickBot is sophisticated modular malware that started as a banking Trojan but has evolved to support many different types of attacks, including ransomware.
- Trojan horse - In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.
- trusted computing base (TCB) - A trusted computing base (TCB) is everything in a computing system that provides a secure environment for operations.
- Trusted Platform Module (TPM) - A Trusted Platform Module (TPM) is a specialized chip on a device designed to secure hardware with cryptographic keys.
- tunneling or port forwarding - Tunneling is the transmission of data intended for use only within a private, usually corporate network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network.
- two-factor authentication (2FA) - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
- Twofish - Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.
- unified threat management (UTM) - Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.
- USB Killer - USB Killer is a device that connects to USB drives and delivers a surge which can damage or destroy unprotected hardware.
- user behavior analytics (UBA) - User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems.
- virtual local area network hopping (VLAN hopping) - Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system.
- virtual machine escape - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
- virus (computer virus) - A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works.
- virus hoax - A virus hoax is a false warning about a computer virus.
- virus signature (virus definition) - A virus signature (also known as a virus definition) is a file or multiple files that are downloaded by a security program to identify a computer virus.
- vishing (voice or VoIP phishing) - Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities.
- voice signature - A voice signature is a type of electronic signature that uses an individual’s recorded verbal agreement in place of a handwritten signature.
- vulnerability assessment (vulnerability analysis) - A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.
- vulnerability disclosure - Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware.
- WannaCry ransomware - The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system.
- war driving (access point mapping) - War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks (WLANs) while driving around a city or elsewhere.
- watering hole attack - A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.
- weaponized information - Weaponized information is a message or content piece that is designed to affect the recipient's perception about something or someone in a way that is not warranted.
- Web bug (Web beacon) - A Web bug, also known as a Web beacon, is a file object (usually a graphic image such as a transparent GIF) that is placed on a Web page or in an e-mail message to monitor user behavior.
- whaling attack (whaling phishing) - A whaling attack, also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company.
- What is a private cloud? - Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.
- What is cybersecurity insurance (cybersecurity liability insurance)? - Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.
- What is cybersecurity? - Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.
- What is incident response? Plans, teams and tools - Incident response is an organized, strategic approach to detecting and managing cyber attacks in ways that minimize damage, recovery time and total costs.
- What is integrated risk management (IRM)? - Integrated risk management (IRM) is a set of coordinated business practices and supporting software tools that contribute to an organization's ability to understand and manage risk holistically across all departments and third-party dependencies.
- What is multifactor authentication and how does it work? - Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.
- What is risk analysis? - Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.
- What is SecOps? Everything you need to know - SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC.
- What is steganography? - Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.
- What is the CIA triad (confidentiality, integrity and availability)? - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
- white hat hacker - A white hat hacker -- or ethical hacker -- is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.
- Wi-Fi (802.11x standard) - Wi-Fi is the popular term for high-frequency wireless local area network (WLAN) technology and a standard that has gained acceptance in many companies as an alternative to a wired LAN.
- Wi-Fi Protected Access (WPA) - Wi-Fi Protected Access (WPA) is a security standard for computing devices equipped with wireless internet connections.
- Wiegand - Wiegand is the trade name for a technology used in card readers and sensors, particularly for access control applications.
- Windows Defender Exploit Guard - Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.
- wipe - Wipe, in a computing context, means to erase all data on a hard drive to render it unreadable.
- Wired Equivalent Privacy (WEP) - Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.
- Wireless Transport Layer Security (WTLS) - Wireless Transport Layer Security (WTLS) is a security level for the Wireless Application Protocol (WAP), specifically for the applications that use WAP.
- wiretapping - Wiretapping is the surreptitious electronic monitoring of telephone, telegraph, cellular, fax or Internet-based communications.
- zero-day (computer) - A zero-day is a security flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw.