Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

Search Definitions
  • I

    incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.

  • Indicators of Compromise (IOC)

    Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.

  • information security (infosec)

    Information security, often shortened to infosec, is the practice, policies and principles to protect data and other kinds of information.

  • inherence factor

    The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.

  • inline network device

    An inline network device is one that receives packets and forwards them to their intended destination.

  • insecure deserialization

    Insecure deserialization is a vulnerability in which an untrusted or unknown data is used to either inflict a denial of service attack (DoS attack), execute code, bypass authentication or further abuse the logic behind an application.

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • International Data Encryption Algorithm (IDEA)

    IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland.

  • International Information Systems Security Certification Consortium (ISC)2

    The International Information Systems Security Certification Consortium -- (ISC)2 -- is a non-profit organization that provides security training and certificates.

  • Internet Key Exchange (IKE)

    The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.

  • intrusion prevention system (IPS)

    An intrusion prevention system (IPS) is a network security and threat prevention tool.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • IPsec (Internet Protocol Security)

    IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.

  • ISSA (Information Systems Security Association)

    The Information Systems Security Association, commonly known as ISSA, is an international, nonprofit organization for information security professionals.

  • What is identity and access management? Guide to IAM

    Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.

  • What is integrated risk management (IRM)?

    Integrated risk management (IRM) is a set of coordinated business practices and supporting software tools that contribute to an organization's ability to understand and manage risk holistically across all departments and third-party dependencies.

  • J

    JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)

  • jolt

    On the Internet, jolt is a denial of service (DoS) attack caused by a very large ICMP packet that is fragmented in such a way that the targeted machine is unable to reassemble it for use.

  • juice jacking

    Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device’s power supply passes over the same USB cable the connected device uses to sync data.

  • K

    Kaptoxa

    Kaptoxa (pronounced kar-toe-sha) is a type of point-of-sale (POS) malware designed to compromise payment information systems.

  • Kerberos

    Kerberos is the authentication protocol used by most operating systems. Each time a Windows client logs into a corporate network, Kerberos is being used to authenticate access.

  • key

    In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.

  • key fob

    A key fob is a small, programmable hardware device that provides access to a physical object. Key fobs, are used to provide one-factor authentication for objects such as doors or automobiles. They are also used as an authentication factor for objects that require two-factor or multifactor authentication, such as laptops.

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.

  • keystroke dynamics

    Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued)

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.

  • knowledge factor

    The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.

  • knowledge-based authentication (KBA)

    In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.

  • Kraken

    Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam email messages in a day. (Continued...)

  • L

    LEAP (Lightweight Extensible Authentication Protocol)

    LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

  • logic bomb

    A logic bomb, sometimes referred to as slag code, is a string of malicious code used to cause harm to a network when the programmed conditions are met.

  • logon (or login)

    In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.

  • LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.

  • NICE Framework

    The National Initiative for Cybersecurity Education Cybersecurity Workforce Framework (NICE Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.

  • M

    macro virus

    A macro virus is a computer virus written in the same macro language used for software programs, including Microsoft Excel or word processors such as Microsoft Word.

  • madware

    Madware is a type of aggressive advertising that affects smartphones and tablets. The name, which is a portmanteau combining the words mobile and adware, was coined by the security vendor Symantec to describe a type of intrusive advertising that currently affects Android smartphones and tablets.

  • mail bomb

    A mail bomb is the sending of a massive amount of e-mail to a specific person or system.

  • malvertisement (malicious advertisement or malvertising)

    A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.

  • malware

    Malware, or malicious software, is any program or file that is harmful to a computer user

  • Malwarebytes software

    Malwarebytes is a cross-platform anti-malware program that detects and removes malware and other rogue software.

  • man in the browser

    Man in the browser refers to an emerging tactic used by hackers to commit financial fraud... (Continued)

  • man-in-the-disk (MITD) attack

    Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.

  • mandatory access control (MAC)

    Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or device.

  • MD5

    The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

  • Melissa virus

    Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent to the first 50 people in each of the user's address books.

  • Meltdown and Spectre flaws

    Meltdown and Spectre flaws are variations on vulnerabilities to most computer chips manufactured in the past 20 years that can gain access to data and information stored on the device.

  • memory-scraping malware

    Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes.

  • message authentication code (MAC)

    A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.

  • messaging security

    Messaging security is a subcategory of unified threat management (UTM) focused on securing and protecting an organization’s communication infrastructure.

  • metamorphic and polymorphic malware

    Metamorphic and polymorphic malware are two categories of malicious programs that have the ability to change their code as they propagate.

  • Metamorphic virus

    A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.

  • micro VM (micro virtual machine)

    A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.

  • Microsoft Enhanced Mitigation Experience Toolkit (EMET)

    Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental security defenses to defend potentially vulnerable legacy and third-party applications.

  • Microsoft FIM (Microsoft Forefront Identity Manager)

    Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite.

  • Microsoft Schannel (Microsoft Secure Channel)

    The Microsoft Secure Channel or Schannel is a security package that facilitates the use of Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) encryption on Windows platforms.

  • Microsoft Security Essentials (MSE)

    Microsoft Security Essentials (MSE) is an antimalware software product made by Microsoft that provides protection for client computers against viruses, worms, Trojans, spyware and other malicious software on Windows XP, Windows Vista and Windows 7 systems.

  • MITRE ATT&CK framework

    The MITRE ATT&CK (pronounced 'miter attack') framework is a free, globally accessible service that provides comprehensive and up-to-date cyberthreat information to organizations looking to strengthen their cybersecurity strategies.

  • mobile authentication

    Mobile authentication is the verification of a user’s identity through the use a mobile device and one or more authentication methods for secure access.

  • multifactor authentication (MFA)

    Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.

  • multifactor token

    Multifactor tokens are security tokens that use more than one category of credential to confirm user authentication. The standard categories of authentication credentials are knowledge factors things that the user knows) inherence factors (things that the user is) and possession factors (things that the user has).

  • mutual authentication

    Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other... (Continued)

  • Windows Defender Advanced Threat Protection (ATP)

    Windows Defender Advanced Threat Protection (ATP) is a Microsoft security solution that is designed to help enterprise-class organizations detect and respond to security threats.

  • N

    national identity card

    A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of September 11, 2001, many countries have discussed issuing national identity cards as a way to distinguish terrorists from the law-abiding population. (Continued)

  • National Security Agency (NSA)

    The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI).

  • NCSA

    NCSA at the University of Illinois in Urbana, Illinois is the home of the first Web browser that had a graphical user interface.

  • network behavior anomaly detection (NBAD)

    Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.

  • network vulnerability scanning

    A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures.

  • next-generation firewall (NGFW)

    A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information Server (IIS), and computer users who opened an e-mail attachment.

  • NIST Cybersecurity Framework

    The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.

  • nonrepudiation

    Nonrepudiation is the assurance that someone cannot deny something, such as the receipt of a message or the authenticity of a statement or contract... (Continued)

  • O

    obfuscation

    Obfuscation means to make something difficult to understand.

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes for maintaining the security of a server and other network resources.

  • one-time pad

    In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.

  • one-time password (OTP)

    A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.

  • one-time password token (OTP token)

    A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.

  • Open Source Hardening Project

    The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal systems in the U.S. run on open source software, the security of these applications is crucial... (Continued)

  • Open System Authentication (OSA)

    Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With OSA, a computer equipped with a wireless modem can access any WEP network and receive files that are not encrypted... (Continued)

  • OpenAppID

    OpenAppID is an application-layer network security plugin for the open source intrusion detection system Snort.

  • Operation Phish Phry

    Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities.

  • Oracle Critical Patch Update (Oracle CPU)

    The Oracle Critical Patch Update (CPU) is an ongoing series of regularly issued fixes for security flaws in products made by or maintained by software giant Oracle Corp.

  • orphan account

    An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.

  • out-of-band authentication

    Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password. Out-of-band authentication is often used in financial institutions and other organizations with high security requirements.

  • P

    PA-DSS (Payment Application Data Security Standard)

    Payment Application Data Security Standard (PA-DSS) is a set of requirements that are intended to help software vendors develop secure payment applications that support PCI DSS compliance.

  • PAN truncation (primary account number)

    PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued)

  • parameter tampering

    Parameter tampering is a form of Web-based hacking event (called an attack) in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user's authorization... (Continued)

  • pass the hash attack

    A pass the hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network.

  • passphrase

    A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a message) or in an encryption or a decryption of a message.

  • password

    A password is a string of characters used to verify the identity of a user during the authentication process.

  • password cracking

    Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.

  • password hardening

    Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process.

  • passwordless authentication

    Passwordless authentication is a verification process that determines whether someone is, in fact, who they say they are without requiring the person to manually enter a string of characters.

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's scheduled release of the newest security fixes for its Windows operating system and related software applications, as detailed in the Windows Security Updates Guide.

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the military and is often associated with the capacity of executable malicious code  to do damage. Technically, the payload of a specific packet or other protocol data unit (PDU) is the actual transmitted data sent by communicating endpoints.

  • PCI assessment

    A PCI assessment is an audit of the 12 credit card transaction compliance requirements required by the Payment Card Industry Data Security Standard.

  • PCI DSS 12 requirements

    PCI DSS 12 requirements is a set of security controls that businesses are required to implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).

  • PCI DSS 2.0

    PCI DSS 2.0 (Payment Card Industry Data Security Standard Version 2.0) is the second version of the Payment Card Industry Data Security Standard (PCI DSS).

  • PCI DSS 3.0

    PCI DSS 3.0 is the third major iteration of the Payment Card Industry Data Security Standard, a set of policies and procedures administered by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the security of electronic payment data and sensitive authentication data.

SearchCloudSecurity
SearchNetworking
SearchCIO
SearchEnterpriseDesktop
SearchCloudComputing
ComputerWeekly.com
Close