Risk assessments Definitions

Browse Definitions
Search Definitions
  • C

    Certified Information Systems Auditor (CISA)

    Certified Information Systems Auditor is a credential that demonstrates an IT professional's ability to assess risk and institute technology controls. The certification is intended for IT auditors, audit managers, consultants and security professionals.

  • CISO (chief information security officer)

    The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

  • counterfeit detector pen

    A counterfeit detector pen is a felt tip pen containing an iodine solution that can be used to help identify computer-generated counterfeit bills.

  • CSSLP (certified secure software lifecycle professional)

    The CSSLP (certified secure software lifecycle professional) is a certification for security professionals who wish to strengthen and demonstrate their knowledge about application security.

  • CVSS (Common Vulnerability Scoring System)

    The CVSS (Common Vulnerability Scoring System) rates the severity of software vulnerabilities so organizations are able to prioritize mitigation.

  • G

    gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.

  • M

    micro-botnet (mini-botnet or baby botnet)

    A micro-botnet, also called a mini-botnet or baby botnet, is a small network of Internet-connected computers that have been hijacked to attack specific companies or individuals within a company.

  • U

    user behavior analytics (UBA)

    User behavior analytics (UBA) is a process in which security teams use monitoring tools to track, collect and assess the network activities of all individuals accessing those system to detect potentially malicious activity.

  • USGCB (United States Government Configuration Baseline)

    The United States Government Configuration Baseline, or USGCB, is a government-wide initiative that provides guidance on information security configuration best practices for IT products leveraged by federal agencies.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close