Information Security Definitions
This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.
-
#
credential theft
Credential theft is a type of cybercrime that involves stealing the proof of identity of the victim, which can be either an individual or a business. Once credential theft has been successful, the attacker will have the same account privileges as the victim. Stealing credentials is the first stage in a credential-based attack.
-
A
AAA server (authentication, authorization, and accounting)
An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.
-
access control
Access control is a security technique that regulates who or what can view or use resources in a computing environment.
-
access log
An access log is a list of all the requests for individual files that people have requested from a Web site.
-
address space layout randomization (ASLR)
Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.
-
Advanced Encryption Standard (AES)
The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.
-
advanced evasion technique (AET)
An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection system
-
advanced persistent threat (APT)
An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time.
-
adware
Adware is any software application in which advertising banners are displayed while a program is running.
-
alternate data stream (ADS)
An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.
-
Android WebView
Android WebView is a component that allows Web developers to render a web page within an Android app.
-
anonymous email
Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.
-
anonymous Web surfing (Web anonymizer, SafeWeb)
Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.
-
Antigen
Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.
-
antimalware (anti-malware)
Antimalware (anti-malware) is a type of software program designed to prevent, detect and remove malicious software (malware) on IT systems, as well as individual computing devices.