Glossary
A comprehensive glossary of key cybersecurity terms, including encryption, phishing, and intrusion detection systems, to enhance your security knowledge.
Authentication
Authentication is the process of verifying the identity of a person or a thing by checking a password, a hardware token or any other object that can prove that identity.
Read more: What is authentication? | Cloudflare
Availability
Just as it is important that unauthorized users are kept out of an organization’s data, data should be available to authorized users whenever they require it. This means keeping systems, networks, and devices up and running.
Read more: What is the CIA Triad? Definition, Importance, & Examples
Back Door
A back door is any technique used by an attacker to remotely access a device without the knowledge or permission of the user.
Read more: What is a Backdoor Attack | Shell & Trojan Removal | Imperva
Blue Team
An internal security team whose goal is to defend the organization’s security environment from the red team.
Read more: What is a Blue Team? | XM Cyber
Botnet
A botnet, a term formed from the amalgamation of the words ‘robot’ and ‘network’, is a network of computers built to help hackers enhance their capacity to carry out mass cyberattacks, using applications designed to run automated scripts called bots.
Read more: What is a Botnet? (kaspersky.com)
CI/CD pipeline
A Continuous Integration and Continuous Deployment (CI/CD) pipeline is a series of steps focused on improving the reliability of the software delivery process.
Read more: CI/CD Pipeline & Security: A Guide to Continuous Integration and Delivery | Fortinet
CIA Triad
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
Read more: confidentiality, integrity and availability (CIA triad)
Cloud Security
Cloud security, also known as cloud computing security, includes policies, controls and procedures to protect cloud-based systems and data.
Read more: What is Cloud Security? | Microsoft Security
Confidentiality
Confidentiality has to do with keeping an organization’s data private. This often means that only authorized users and processes should be able to access or modify data.
Read more: What is the CIA Triad? Definition, Importance, & Examples
Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) is a web security vulnerability where an attacker manipulates a victim user into performing actions that the user does not intend to perform.
Read more: Cross Site Request Forgery (CSRF) | OWASP Foundation
Cryptography
Cryptography is the method of converting information to a form such that only the intended person is able to read it. The main intention of this technique is to secure information and communication.
Read more: What is Cryptography? Definition, Importance, Types | Fortinet
CVE
CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer vulnerabilities. When someone refers to a CVE, they mean a security flaw that’s been assigned a CVE ID number.
Read more: FAQs | CVE
CWE
CWE, short for Common Weakness Enumeration, is a formal list of common software and hardware weaknesses that can occur in a computer system, and which can lead to security vulnerabilities that can be exploited.
Read more: CWE – Frequently Asked Questions (FAQ) (mitre.org)
DAST
Dynamic application security testing (DAST) is a testing technique used to analyze web applications and detect vulnerabilities in their running state.
Read more: Definition of DAST – IT Glossary | Gartner
Data Breach
A data breach is an incident where the security of a system is violated when an unauthorized person gains access to information.
Read more: What is a data breach? (norton.com)
DDoS Attack
Distributed Denial-of-Service (DDoS) is a cyber-attack carried out from multiple sources on a single victim, to make the victim site deny its services to its users.
Read more: What is a distributed denial-of-service (DDoS) attack? | Cloudflare
Decryption
Decryption is the process of converting encrypted data back into a comprehensible format.
DevSecOps
Short for Development, Security, and Operations, DevSecOps is an approach taken to integrate security at every stage of the software development lifecycle along with development and operations.
Read more: What is DevSecOps? | IBM
DoS Attack
Denial-of-Service (DoS) is a type of cyber attack where users are blocked from accessing a website by disrupting the normal functioning of the system.
Read more: What is a denial-of-service (DoS) attack? | Cloudflare
Encryption
Encryption is the process of converting readable data into incomprehensible text, known as ciphertext, so that the data cannot be comprehended by an unauthorized party. Hence the data is protected.
Read more: What is encryption? | Types of encryption | Cloudflare
Hacker
A hacker is a person who uses computer, networking, programming or related skills to hack into a cyber system, ethically or unethically.
Read more: What Is a Hacker? – Cisco