Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
What is single sign-on (SSO)?
Single sign-on (SSO) is a session and user authentication service that lets users access multiple applications or systems with a single set of login credentials.
-
What is perfect forward secrecy (PFS)?
Perfect forward secrecy (PFS), also known as forward secrecy, is an encryption style known for producing temporary private key exchanges between clients and servers.
-
What is ESG reporting? Importance and how to get started
ESG reporting is a type of corporate disclosure that details an organization's environmental, social and governance (ESG) promises, efforts and progress.

Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
What is the ISO 31000 Risk Management standard?
The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.
-
What is vulnerability management? Definition, process and strategy
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
-
What is cyber resilience?
Cyber resilience is the ability of a computing system to identify, respond to and recover quickly from a security incident.

Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
What is cyber resilience?
Cyber resilience is the ability of a computing system to identify, respond to and recover quickly from a security incident.
-
What is single sign-on (SSO)?
Single sign-on (SSO) is a session and user authentication service that lets users access multiple applications or systems with a single set of login credentials.
-
What is a SYN flood DoS attack?
A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. This exploit is also known as a 'half-open attack.'

Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
What is vulnerability management? Definition, process and strategy
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
-
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.
-
What is cyber resilience?
Cyber resilience is the ability of a computing system to identify, respond to and recover quickly from a security incident.

Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
What is vulnerability management? Definition, process and strategy
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
-
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.
-
What is cyber resilience?
Cyber resilience is the ability of a computing system to identify, respond to and recover quickly from a security incident.