null Definitions

Search Definitions
  • C

    CVSS (Common Vulnerability Scoring System)

    The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in software.

  • cyber attack

    A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage.

  • cyber attribution

    Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.

  • cyber espionage

    Cyber espionage, also called cyber spying, is a form of cyber attack that is carried out against a competitive company or government entity.

  • cyber hijacking

    Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.

  • cyber hygiene

    Cyber hygiene (or cybersecurity hygiene) is a cybersecurity practice that maintains the basic health and security of hardware and software.

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

  • cyberextortion

    Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.

  • cybersecurity

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • cybersecurity insurance (cybersecurity liability insurance)

    Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.

  • cyberstalking

    Cyberstalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group.

  • cyberterrorism

    According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.'

  • cyberwarfare

    The generally accepted definition of cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.

  • D

    data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion.

  • Data Encryption Standard (DES)

    The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.

  • data masking

    Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a functional substitute for occasions when the real data is not required.

  • data splitting

    Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.

  • defense in depth

    Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise... (Continued)

  • denial-of-service attack

    A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources.

  • deprovisioning

    Deprovisioning is the process of removing access to a system from an end user who will no longer be utilizing that system.

  • destruction of service (DeOS) attack

    A destruction-of-service (DeOS) attack is a form of cyberattack that targets an organization's entire online presence as well as their ability to recover from the attack afterwards.

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document.

  • differential power analysis (DPA)

    A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.

  • Diffie-Hellman key exchange (exponential key exchange)

    Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming... (Continued)

  • digest authentication

    Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)

  • digital certificate

    A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.

  • Digital Signature Standard (DSS)

    Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authenticationof electronic documents.

  • directory traversal

    Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory... (Continued)

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.

  • DMZ (networking)

    In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks -- usually the public internet.

  • DNS attack

    A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system (DNS).

  • DNS over HTTPS (DoH)

    DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.

  • DNS rebinding attack

    DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works on widely-used routers such as D-Link and Linksys and could, in fact, target any device that uses a default password and Web-based administration... (Continued)

  • domain fluxing

    Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.

  • domain generation algorithm (DGA)

    A domain generation algorithm or DGA is a computer program used to create domain names, typically for the purpose of propagating remotely controlled Web-based malware.

  • domain rotation

    Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist the malware distributor.

  • DOS (Disk Operating System)

    DOS (Disk Operating System) can refer to a computer operating system that is loaded from a disk drive or to an operating system based on Microsoft Disk Operating System (MS-DOS).

  • Dridex malware

    Dridex is a form of malware that targets its victim's banking information.

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data... (Continued)

  • dumpster diving

    Dumpster diving is looking for treasure in someone else's trash.

  • Duo Security

    Duo Security is a vendor of cloud-based two-factor authentication products.

  • Duqu (W32.Duqu)

    Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.

  • E

    EINSTEIN

    EINSTEIN monitors and analyzes Internet traffic when it moves in and out of U.S. federal computer networks.

  • Electronic Code Book (ECB)

    Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.

  • electronic discovery (e-discovery or ediscovery)

    Electronic discovery (also called e-discovery or ediscovery) refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case.

  • Electronic Signatures in Global and National Commerce Act (e-signature bill)

    The Electronic Signatures in Global and National Commerce Act (often referred to as the e-signature bill) specifies that in the United States, the use of a digital signature is as legally valid as a traditional signature written in ink on paper.

  • Elk Cloner

    Elk Cloner was the first computer virus known to have spread in the wild.

  • elliptical curve cryptography (ECC)

    Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.

  • email spam

    Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.

  • email spoofing

    Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.

  • email virus

    An email virus consists of malicious code that is distributed in email messages, and it can be activated when a user clicks on a link in an email message, opens an email attachment or interacts in some other way with the infected email message.

  • Encrypting File System (EFS)

    The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.

  • encryption

    Encryption is the method by which information is converted into secret code that hides the information's true meaning.

  • end-to-end encryption (E2EE)

    End-to-end encryption is a secure method of transferring data from one end device to another without allowing third-party interference.

  • endpoint detection and response (EDR)

    Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats.

  • endpoint fingerprinting

    Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems, medical equipment and IP-enabled door locks. Such endpoints are sometimes referred to as "dumb devices."

  • endpoint security management

    Endpoint security management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources.

  • ethical hacker

    An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.

  • Evil Corp

    Evil Corp is an international cybercrime network that uses malicious software to steal money from its victims' bank accounts.

  • evil maid attack

    An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.  An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's knowledge. 

  • evil twin

    An evil twin, in security, is a rogue wireless access point that masquerades as a legitimate hot spot.

  • executable

    In computers, to execute a program is to run the program in the computer, and, by implication, to start it to run.

  • Extensible Authentication Protocol (EAP)

    The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.

  • extrusion prevention

    Extrusion prevention, also called exfiltration prevention, is the practice of stopping data leaks by filtering outbound network traffic and preventing unauthorized packets from moving outside the network. In contrast, extrusion detection simply alerts the existence of a problem that should be investigated.

  • F

    Federal Information Security Management Act (FISMA)

    The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information, operations and assets.

  • federated identity management

    Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.

  • FERPA (Family Educational Rights and Privacy Act of 1974)

    FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.

  • FIDO (Fast Identity Online)

    FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization that seeks to standardize authentication at the client and protocol layers.

  • finger vein ID

    Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...(continued)

  • firewall

    A firewall is software or firmware that prevents unauthorized access to a network.

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins.

  • four-factor authentication (4FA)

    Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.

  • fraud detection

    Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud is a criminal act of deception done by unjustly claiming accomplishments or qualities for financial or personal gain.

  • FRCP Rule 41

    FRPC Rule 41 is the part of the United States Federal Rules of Criminal Procedure that covers the search and seizure of physical and digital evidence.

  • fuzz testing (fuzzing)

    Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.

  • G

    Google Authenticator

    Google Authenticator is a security application used to verify user identities before granting access to websites and services. The application uses a two-step verification process involving two-factor authentication to make it less likely that an intruder can masquerade as an authorized user.

  • Google Play Protect

    Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.

  • Google Play services

    The Google Play services app runs in the background on Android devices and gives apps access to core functionalities such as authentication services; it should not be disabled.

  • Google Project Zero

    Google Project Zero is a security research unit within Google Inc.

  • government Trojan

    A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly.

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

  • grid authentication

    Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be only accessible to him and the service provider. Because the grid consists of letters and numbers in rows and columns, the method is sometimes referred to as bingo card authentication.

  • H

    hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

  • hacktivism

    Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.

  • Hash-based Message Authentication Code (HMAC)

    Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.

  • Heartbleed

    Heartbleed is a vulnerability in some implementations of OpenSSL. Because OpenSSL is used by approximately 66% of all active websites on the Internet, many experts have called Heartbleed one of the worst security bugs in the history of the Internet.

  • homomorphic encryption

    Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.  Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.

  • honey monkey

    A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system expressly set up to attract and "trap" people who attempt to penetrate other people's computers... (Continued)

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.

  • I

    identity governance

    Identity governance is the policy-based centralized orchestration of user identity management and access control.

  • identity management (ID management)

    Identity management (ID management) is the organizational process for ensuring that individuals have the appropriate access to technology resources.

  • identity provider

    An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and networks. When a third-party website prompts end users to log in with their Google Account, for example, Google Sign-In is the identity provider.

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk.

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.

  • incident response plan (IRP)

    An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or corporate data security.

  • incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.

  • Indicators of Compromise (IOC)

    Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.

SearchCloudSecurity
SearchNetworking
SearchCIO
SearchEnterpriseDesktop
SearchCloudComputing
ComputerWeekly.com
Close