P - Definitions

  • PA-DSS (Payment Application Data Security Standard)

    Payment Application Data Security Standard (PA-DSS) is a set of requirements intended to help software vendors develop secure payment applications for credit card transactions.

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization.

  • pass the hash attack

    A pass the hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network.

  • passphrase

    A passphrase is a sentence-like string of words used for authentication that is longer than a traditional password, easy to remember and difficult to crack.

  • password

    A password is a string of characters used to verify the identity of a user during the authentication process.

  • password cracking

    Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.

  • password manager

    A password manager is a technology tool that helps internet users create, save, manage and use passwords across different online services.

  • password salting

    Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them.

  • passwordless authentication

    Passwordless authentication is signing into a service without using a password.

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software.

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit.

  • PCI assessment

    A PCI assessment is an audit of the 12 credit card transaction compliance requirements set by the Payment Card Industry Data Security Standard.

  • PCI compliance

    PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.

  • PCI DSS 12 requirements

    The PCI DSS 12 requirements are a set of security controls businesses must implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).

  • PCI DSS merchant levels

    Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.

  • Pegasus malware

    Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram.

  • pen testing (penetration testing)

    A penetration test, also called a pen test or ethical hacking, is a cybersecurity technique that organizations use to identify, test and highlight vulnerabilities in their security posture.

  • personally identifiable information (PII)

    Personally identifiable information (PII) is any data that could potentially identify a specific individual.

  • pharming

    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent.

  • phishing

    Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.

  • physical security

    Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.

  • PKI (public key infrastructure)

    PKI (public key infrastructure) is the underlying framework that enables entities -- users and servers -- to securely exchange information using digital certificates.

  • plaintext

    In cryptography, plaintext is usually ordinary readable text before it is encrypted into ciphertext or after it is decrypted.

  • Plundervolt

    Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).

  • polymorphic virus

    A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to detect with antimalware programs.

  • possession factor

    The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software token.

  • post-quantum cryptography

    Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.

  • potentially unwanted program (PUP)

    A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it.

  • Pretty Good Privacy (PGP)

    Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.

  • principle of least privilege (POLP)

    The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.

  • privacy impact assessment (PIA)

    A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.

  • private CA (private PKI)

    A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.

  • private key

    A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt data.

  • privilege creep

    Privilege creep is the gradual accumulation of access rights beyond what individuals need to do their job.

  • privileged access management (PAM)

    Privileged access management (PAM) is the combination of tools and technology used to secure, control and monitor access to an organization's critical information and resources.

  • privileged identity management (PIM)

    Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.

  • promiscuous mode

    In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique.

  • proof of concept (PoC) exploit

    A proof of concept (PoC) exploit is a non-harmful attack against a computer or network. PoC exploits are not meant to cause harm, but to show security weaknesses within software.

  • Protected Extensible Authentication Protocol (PEAP)

    Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks.

  • proxy firewall

    A proxy firewall is a network security system that protects network resources by filtering messages at the application layer.

  • public key

    In cryptography, a public key is a large numerical value that is used to encrypt data.

  • public key certificate

    A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.

  • Public-Key Cryptography Standards (PKCS)

    Public-Key Cryptography Standards (PKCS) are a set of standard protocols, numbered from 1 to 15.

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.
