Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
What is biometric authentication?
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify their identity.
-
What is a message authentication code (MAC)? How it works and best practices
A message authentication code (MAC) is a cryptographic checksum applied to a message to guarantee its integrity and authenticity.
-
What is the principle of least privilege (POLP)?
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.
Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
What is the FDA (U.S. Food and Drug Administration)?
The FDA (U.S. Food and Drug Administration) is an agency within the U.S. Department of Health and Human Services (HHS) responsible for protecting public health by ensuring the safety, efficacy and security of human and veterinary drugs, biological products, medical devices, food supply, cosmetics, and products that emit radiation.
-
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats.
-
What is a CISO as a service (CISOaaS)?
CISO as a service, or CISOaaS, is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats.
-
What is the domain name system (DNS)?
The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses.
-
What is ingress filtering?
Ingress filtering is a method used by enterprises and internet service providers to prevent suspicious traffic from entering a network.
Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
What is health informatics?
Health informatics is the practice of applying insight gained from acquiring and analyzing health and biomedical data to help clinicians make better healthcare-related decisions and improve patient care.
-
What is a CISO (chief information security officer)?
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program.
-
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
What is cloud infrastructure entitlement management (CIEM)?
Cloud infrastructure entitlement management (CIEM) is a modern cloud security discipline for managing identities and privileges in cloud environments.
-
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats.
-
What is a threat actor?
A threat actor, also called a malicious actor, is an entity that poses a security risk and seeks to cause harm to individuals, devices, networks or digital systems, often by exploiting vulnerabilities.