Get started

Bring yourself up to speed with our introductory content.

Security Resources

  • email spoofing

    Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Continue Reading

  • physical security

    Physical security is the protection of people and systems from damage or loss due to physical events such as fire, flood, disasters, crimes or accidents. Continue Reading

  • buffer overflow

    A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow exploits may enable remote execution of malicious code or denial of service ... Continue Reading

  • private key (secret key)

    A private (secret) key is an encryption key whose value should never be made public. The term may refer to the private key of an asymmetric key pair or a key shared by parties who are using symmetric encryption. Continue Reading

  • spyware

    Spyware is software that is installed on a computing device without the user's knowledge or permission. Continue Reading

  • Kerberos

    Kerberos is the authentication protocol used by most operating systems. Each time a Windows client logs into a corporate network, Kerberos is being used to authenticate access.Continue Reading

  • Transport Layer Security (TLS)

    The Transport Layer Security (TLS) protocol defines a mechanism to encrypt and maintain data integrity for communications over a network.Continue Reading

  • Certificate Revocation List (CRL)

    A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid ...Continue Reading

  • Trojan horse

    A Trojan horse is a program that appears harmless but is, in fact, malicious. Attackers have long used Trojan horses as a way to trick end users into installing malware.Continue Reading

  • honeypot (honey pot)

    A honeypot is a computer system that is set up to act as a decoy to lure cyberattacks and to detect, deflect, or study attempts to gain unauthorized access to information systems.Continue Reading

  • Secure Shell (SSH)

    Secure Shell (SSH) is a network protocol that secures data communications between computers on an insecure network using strong authentication and encryption. SSH also refers to the utility suite that implements the protocol, and which can be used ...Continue Reading

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.Continue Reading

  • cyberextortion

    Cyberextortion is a crime involving an attack or threat of attack against an enterprise, coupled with a demand for money to avert or stop the attack.Continue Reading

  • phishing

    Phishing is a form of fraud in which the attacker tries to learn information -- such as login credentials or account information -- by masquerading as a reputable entity or person in email, IM, or other communication channels.Continue Reading


    EINSTEIN monitors and analyzes Internet traffic when it moves in and out of U.S. federal computer networks.Continue Reading