A

The total number of points (attack vectors) where an unauthorized user can try to enter or extract data from a system. Reducing the attack surface involves disabling unnecessary services, closing unus...

B

A hidden method of bypassing normal authentication or security controls to gain access to a system. Backdoors can be intentionally installed by developers for maintenance purposes or maliciously plant...

B

A network of compromised computers (bots or zombies) controlled remotely by an attacker (botmaster). Botnets are used to perform coordinated attacks such as DDoS, spam distribution, credential stuffin...

B

A trial-and-error method used to crack passwords, encryption keys, or login credentials by systematically trying every possible combination until the correct one is found. Countermeasures include rate...

C

Cross-Site Request Forgery: a type of web security vulnerability where an attacker tricks a user into performing unintended actions on a web application they're authenticated with. Protection involves...

C

An automated attack in which stolen username-password pairs from one data breach are systematically tested against other websites and services. This exploits the common practice of password reuse acro...

C

The science of securing information by transforming it into an unreadable format using mathematical algorithms. Cryptography encompasses encryption, decryption, digital signatures, hash functions, and...

C

An individual, group, or organization that conducts or intends to conduct malicious activities in cyberspace. Threat actors range from script kiddies and hacktivists to organized cybercriminals, natio...

D

Distributed Denial of Service: an attack that overwhelms a target server, service, or network by flooding it with massive amounts of traffic from multiple distributed sources, rendering it unavailable...

D

A security incident in which sensitive, protected, or confidential data is accessed, disclosed, or stolen by an unauthorized party. Data breaches can result from hacking, malware, insider threats, or...

D

A set of tools and policies designed to prevent sensitive data from being lost, misused, or accessed by unauthorized users. DLP solutions monitor, detect, and block the transfer of confidential inform...

D

An electronic document issued by a Certificate Authority (CA) that binds a public key to an identity (person, organization, or server). Digital certificates are fundamental to HTTPS, enabling browsers...

E

The process of converting plaintext data into an unreadable format (ciphertext) using an algorithm and a key, so that only authorized parties with the correct decryption key can access the original in...

E

The practice of securing end-user devices such as laptops, desktops, smartphones, and tablets from cybersecurity threats. Endpoint security solutions include antivirus software, endpoint detection and...

F

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It establishes a barrier between a trusted internal network and untrus...

G

General Data Protection Regulation: a comprehensive data protection law enacted by the European Union that governs how personal data of EU residents must be collected, processed, stored, and protected...

H

A one-way cryptographic function that converts data of any size into a fixed-length string of characters (hash). Unlike encryption, hashing is irreversible. Common algorithms include SHA-256, bcrypt,...

H

A decoy system or resource deliberately set up to attract and detect unauthorized access attempts. Honeypots appear to be legitimate targets but are actually monitored traps used to study attacker beh...

I

Intrusion Detection System / Intrusion Prevention System: network security technologies that monitor traffic for suspicious activity. An IDS detects and alerts on potential threats, while an IPS activ...

I

The organized approach to addressing and managing the aftermath of a security breach or cyberattack. An incident response plan includes preparation, identification, containment, eradication, recovery,...
