Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com.

#

  • credential theft

    Credential theft is a type of cybercrime that involves stealing the proof of identity of the victim, which can be either an individual or a business. Once credential theft has been successful, the attacker will have the same account privileges as the victim. Stealing credentials is the first stage in a credential-based attack.

A

  • AAA server (authentication, authorization, and accounting)

    An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.

  • access control

    Access control is a security technique that regulates who or what can view or use resources in a computing environment.

  • access log

    An access log is a list of all the requests for individual files that people have made to a Web site.

  • address space layout randomization (ASLR)

    Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

  • Advanced Encryption Standard (AES)

    The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.

  • advanced evasion technique (AET)

    An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on the fly to create a new technique that won't be recognized by an intrusion detection system.

  • advanced persistent threat (APT)

    An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.

  • adware

    Adware is any software application in which advertising banners are displayed while a program is running.

  • alternate data stream (ADS)

    An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.

  • Android WebView

    Android WebView is a component that allows Web developers to render a web page within an Android app.

  • anti-money laundering software (AML)

    Anti-money laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions...

  • antimalware (anti-malware)

    Antimalware is a type of software program created to protect IT systems and individual computers from malicious software, or malware.

  • antispoofing

    Antispoofing is a technique for countering spoofing attacks on a computer network.

  • antivirus software (antivirus program)

    Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.

  • application blacklisting

    Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.

  • asymmetric cryptography (public key cryptography)

    Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.

  • ATM black box attack

    An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.

  • attack vector

    An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.

  • Australian Assistance and Access Bill

    The Australian Assistance and Access Bill is legislation introduced and passed in 2018 by the Parliament of Australia to support law enforcement and security agencies in their ability to collect evidence from electronic devices.

  • authentication

    Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.

  • authentication factor

    An authentication factor is a category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are (the inherence factor).

  • authentication server

    An authentication server is an application that facilitates authentication of an entity that attempts to access a network...

  • authentication, authorization, and accounting (AAA)

    Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.

  • Automated Fingerprint Identification System (AFIS)

    The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.

B

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

  • bimodal IAM (bimodal identity access management)

    Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.

  • biometric authentication

    Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are.

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.

  • biometric verification

    Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.

  • biometrics

    Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.

  • black hat

    Black hat refers to a hacker who breaks into a computer system or network with malicious intent. A black hat hacker may exploit security vulnerabilities for monetary gain; to steal or destroy private data; or to alter, disrupt or shut down websites and networks.

  • blended threat

    A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.

  • block cipher

    A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.

  • Blowfish

    Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.

  • BlueKeep (CVE-2019-0708)

    BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop Protocol (RDP) that affects Windows 7, Windows XP, Server 2003 and 2008.

  • bot worm

    A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that functions as a vehicle for the spread of viruses, Trojans and spam...

  • botnet

    A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owners.

  • bridge

    A bridge is a class of network device that’s designed to connect networks at OSI Level 2, which is the data link layer of a local-area network (LAN).

  • bring your own apps (BYOA)

    Bring your own apps (BYOA) is the trend toward employee use of third-party applications and cloud services in the workplace. BYOA, like the BYOD trend towards user-owned devices in the workplace, is an example of the increasing consumerization of IT.

  • Bring Your Own Authentication (BYOA)

    Bring Your Own Authentication (BYOA) is a computing concept in which employee-owned devices are used as authentication credentials within the enterprise.

  • browser hijacker (browser hijacking)

    A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.

  • browser isolation

    Browser isolation is a cybersecurity model for web browsing that can be used to physically separate an internet user’s browsing activity from their local machine, network and infrastructure.

  • brute force attack

    Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

  • buffer overflow

    A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.

  • buffer underflow

    Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the temporary holding space during information transfer, the buffer, is fed at a lower rate than it is being read from.

  • Bugbear

    Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.

  • build your own app (BYOA)

    Build your own app (BYOA) is an increasing trend towards the creation of applications by people without software development skills.

  • BYOI (bring your own identity)

    BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon.

C

  • cache poisoning (DNS poisoning, web cache poisoning)

    Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.

  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

    A CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is a type of challenge-response system designed to differentiate humans from robotic software programs.

  • card-not-present fraud (card-not-present transaction)

    Card-not-present (CNP) fraud is the unauthorized use of a payment card to conduct a card-not-present transaction when the cardholder cannot or does not physically present the card at the time of the transaction.

  • cardholder data (CD)

    Cardholder data (CD) refers to the primary account number (PAN) of a payment card belonging to a cardholder, along with any of the following data types: cardholder name, expiration date or service code (a three- or four-digit number coded onto the magnetic-stripe that specifies acceptance requirements and limitations for a magnetic-stripe-read transaction).

  • cardholder data environment (CDE)

    A cardholder data environment or CDE is a computer system or networked group of IT systems that processes, stores and/or transmits cardholder data or sensitive payment authentication data, as well as any component that directly connects to or supports this network.

  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

    Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard for wireless local area networks (WLANs), particularly those using WiMax technology...

  • certificate authority (CA)

    A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates.

  • certificate revocation list (CRL)

    A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date.

  • Certified Cloud Security Professional (CCSP)

    The Certified Cloud Security Professional (CCSP) certification is intended for experienced IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of the six CCSP domains.

  • Certified Information Security Manager (CISM)

    Certified Information Security Manager (CISM) is an advanced certification which indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.

  • Certified Information Systems Auditor (CISA)

    The Certified Information Systems Auditor (CISA) is a certification and globally recognized standard for appraising an IT auditor's knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment.

  • Certified Information Systems Security Professional (CISSP)

    Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².

  • challenge-response authentication

    In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, programs or activities.

  • CHAP (Challenge-Handshake Authentication Protocol)

    CHAP (Challenge-Handshake Authentication Protocol) is a more secure procedure for connecting to a system than the Password Authentication Procedure (PAP).

  • checksum

    A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions.

  • Chernobyl virus

    The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.

  • cipher

    In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.

  • cipher block chaining (CBC)

    Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.

  • ciphertext feedback (CFB)

    Ciphertext feedback (CFB) is a mode of operation for a block cipher. Unlike cipher block chaining (CBC) mode, which encrypts a fixed number of plaintext bits at a time, CFB is a method for encrypting and transferring plaintext values immediately, one at a time, when that is desirable.

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management...

  • CISO (chief information security officer)

    The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

  • CISO as a service (vCISO, virtual CISO, fractional CISO)

    A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.

  • claims-based identity

    Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.

  • Class C2

    Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.

  • COBIT

    COBIT is an IT governance framework for businesses wanting to implement, monitor and improve IT management best practices.

  • cold boot attack

    A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.

  • Common Body of Knowledge (CBK)

    In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.

  • Common Vulnerabilities and Exposures (CVE)

    Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.

  • Common Weakness Enumeration (CWE)

    Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software...

  • computer cracker

    A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.

  • computer exploit

    A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.

  • computer forensics (cyber forensics)

    Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.

  • computer worm

    A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.

  • content filtering (information filtering)

    On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.

  • context-aware security

    Context-aware security is the use of situational information (such as identity, location, time of day or type of endpoint device) to improve information security decisions.

  • continuous authentication

    Continuous authentication is a method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis.

  • cookie poisoning

    On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.

  • copyright

    Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative expression, including books, video, movies, music and computer programs.

  • CRAM (challenge-response authentication mechanism)

    CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).

  • cross-site scripting (XSS)

    Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.

  • cryptanalysis

    Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them.

  • cryptographic checksum

    A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.

  • cryptographic nonce

    A nonce is a random or semi-random number that is generated for a specific use, typically related to cryptographic communication or information technology.

  • cryptography

    Cryptography is a method of protecting information and communications through the use of codes so that only those for whom the information is intended can read and process it.

  • cryptology

    Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.

  • cryptosystem

    A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.

  • CSR (Certificate Signing Request)

    A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to issue a certificate.

  • CSSLP (certified secure software lifecycle professional)

    The CSSLP (certified secure software lifecycle professional) is a certification for security professionals who wish to strengthen and demonstrate their knowledge about application security.
