Information Security Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing IT security and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

  • S

    side-channel attack

    A side-channel attack (SCA) is a security exploit that involves collecting information about what a computing device does when it is performing cryptographic operations and using that information to reverse engineer the device's cryptography system.

  • signature analysis

    Signature analysis has two meanings. It can involve scrutinizing human signatures in order to detect forgeries and it can be a troubleshooting technique in which an AC signal with a specific waveform is applied across a component.

  • signature file

    A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.

  • single sign-on (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications.

  • single-factor authentication (SFA)

    Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.

  • single-factor token

    A single-factor token is a small hardware device that produces one confirming credential for user authentication; the devices may be used in conjunction with other types of credentials for multifactor authentication.

  • smart card

    A smart card is a physical card that has an embedded integrated chip that acts as a security token.

  • smurfing

    A smurf attack is an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service.

  • snake oil

    In cryptographic and other computer products, snake oil is a negative term used to describe exaggerated claims made by vendors who are overly optimistic or purposely seeking to take advantage of consumers who do not have the expertise to judge a product...

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis.

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data during its transmission. Snooping can include casual observance of an e-mail that appears on another's computer screen or watching what someone else is typing. More sophisticated snooping uses software programs to remotely monitor activity on a computer or network device.

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open source network intrusion detection system (NIDS) that monitors network traffic in real time, scrutinizing each packet closely to detect dangerous payloads or suspicious anomalies.

  • SOAR (Security Orchestration, Automation and Response)

    SOAR (Security Orchestration, Automation and Response) is a technology stack of compatible software programs that allow an organization to collect data about security threats and alerts from multiple sources and respond to low-level security events without human assistance.

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or for financial gain.

  • soft token

    A soft token is a software-based security token that generates a single-use login PIN. Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display.

  • spam cocktail (or anti-spam cocktail)

    A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of false positives.

  • spam filter

    A spam filter is a program that is used to detect unsolicited and unwanted email and prevent those messages from getting to a user's inbox.

  • spam trap

    A spam trap is the inclusion of an option in an online form that is preselected by default with the expectation that the user will fail to notice the option.

  • spear phishing

    Spear phishing is an email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.

  • spoof

    Spoof was a game involving trickery and nonsense that was invented by an English comedian, Arthur Roberts, prior to 1884, when it is recorded as having been "revived.

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • SSL (Secure Sockets Layer)

    Secure Sockets Layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet.

  • SSL certificate (Secure Sockets Layer certificate)

    A Secure Sockets Layer certificate, known commonly as an SSL certificate, is a small data file installed on a Web server that allows for a secure connection between a Web server and a Web browser.

  • SSL checker (secure socket layer checker)

    An SSL checker (Secure Sockets Layer checker) is a tool that helps an organization verify proper installation of an SSL certificate on a Web server to ensure it is valid, trusted and will work properly for its users.

  • SSL VPN (Secure Sockets Layer virtual private network)

    An SSL VPN is a type of virtual private network (VPN) that uses the Secure Sockets Layer (SSL) protocol -- or, more often, its successor, the Transport Layer Security (TLS) protocol -- in standard web browsers to provide secure, remote-access VPN capability.

  • stack smashing

    Stack smashing is causing a stack in a computer application or operating system to overflow.

  • stealth

    In computing, stealth refers to an event, object, or file that evades methodical attempts to find it.

  • stealth virus

    In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.

  • steganography

    Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.

  • STIX (Structured Threat Information eXpression)

    STIX (Structured Threat Information eXpression) is an XML programming language that allows cybersecurity threat data to be shared.

  • stream cipher

    A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.

  • strong cryptography

    Strong cryptography is used by most governments around the world to protect communications. It involves secreted and encrypted communication that is not amenable to cryptographic analysis.

  • Stuxnet

    The Stuxnet worm is a rootkit exploit that targets supervisory control and data acquisition (SCADA) systems.

  • sudo (superuser do)

    Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and arguments.

  • supercookie

    A supercookie is a type of tracking cookie inserted into an HTTP header by an internet service provider to collect data about a user's internet browsing history and habits.

  • SYN flood (half open attack)

    SYN flooding is a method that the user of a hostile client program can use to conduct a denial-of-service (DoS) attack on a computer server.

  • T

    TACACS (Terminal Access Controller Access Control System)

    TACACS (Terminal Access Controller Access Control System) is an older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system.

  • talking Trojan

    A talking Trojan is a Trojan horse program that mocks the user of an infected PC with a repeating audio message while it deletes the entire contents of a hard drive. The first outbreak of the talking Trojan was called "BotVoice.A Trojan" and was detected by security vendor Panda Software SA in the summer of 2007. (Continued...)

  • TAN (transaction authentication number)

    A transaction authentication number (TAN) is a type of single-use password used for an online banking transaction in conjunction with a standard ID and password. TANs are often in a list made by a financial institution and sent to the owner of the account.

  • TDL-4 (TDSS or Alureon)

    TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.  The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon.

  • Tempest

    Tempest was the name of a classified (secret) U.S. government project to study (probably for the purpose of both exploiting and guarding against) the susceptibility of some computer and telecommunications devices to emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data.

  • threat modeling

    Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...

  • three-factor authentication (3FA)

    Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors – typically, the knowledge, possession and inherence categories.

  • Tilded platform

    The Tilded platform is a malicious software communicator specifically designed as a vessel for transmitting malware undetected.

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to computer systems.

  • timing attack

    A timing attack looks at how long it takes a system to do something and allows the attacker, through statistical analysis, to learn enough about the system to find the decryption key needed to gain access to it.

  • tokenization

    Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.

  • topsite

    A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.

  • Total Information Awareness (TIA)

    Total Information Awareness (TIA) is the name of a massive U.S. data mining project focused on scanning travel, financial and other data from public and private sources with the goal of detecting and preventing transnational threats to national security.

  • Transport Layer Security (TLS)

    Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications.

  • trigraph

    A trigraph is a three-character replacement for a special or nonstandard character in a text file.

  • Trojan horse (computing)

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.

  • TrueCrypt

    TrueCrypt is a cross-platform open source program for file and full disk encryption (FDE).

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)

  • trusted computing base (TCB)

    The trusted computing base (TCB) is everything in a computing system that provides a secure environment.

  • trusted PC

    The trusted PC is an industry ideal of a PC with built-in security mechanisms that place minimal reliance on the user or administrator to keep a PC and its peripheral devices secure.

  • two-factor authentication (2FA)

    Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.

  • two-step verification

    Two-step verification requires the sequential use of two authentication methods to verify that someone or something is who or what they are declared to be. In contrast with two-factor authentication processes, the methods in two-step verification can belong to the same category of authentication factors.

  • Twofish

    Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.

  • U

    ultrasound

    Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range.

  • unified threat management (UTM)

    A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.

  • United States Secret Service (USSS)

    The United States Secret Service (USSS) is a federal law enforcement agency mandated by Congress to carry out two sets of primary objectives: provide protection for designated sites and events as well as national and visiting leaders, and preserve the integrity of the U.S. economy by safeguarding the nation's financial infrastructure and payment systems.

  • user account provisioning

    User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of access to software and data is is consistent and simple to administer.

  • user authentication

    User authentication is the verification of an active human-to-machine transfer of credentials required for confirmation of a user’s authenticity; the term contrasts with machine authentication, which involves automated processes that do not require user input.

  • user behavior analytics (UBA)

    User behavior analytics (UBA) is a process in which security teams use monitoring tools to track, collect and assess the network activities of all individuals accessing those system to detect potentially malicious activity.

  • user profile

    In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.

  • USGCB (United States Government Configuration Baseline)

    The United States Government Configuration Baseline, or USGCB, is a government-wide initiative that provides guidance on information security configuration best practices for IT products leveraged by federal agencies.

  • V

    van Eck phreaking

    Van Eck phreaking is a form of electronic eavesdropping that reverse engineers the electromagnetic fields (EM fields) produced by a computing device.

  • vandal

    A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.

  • Verizon Data Breach Investigations Report (DBIR)

    The Verizon Data Breach Investigations Report (DBIR) is an annual publication that provides data from and analysis of information security incidents, with a specific focus on data breaches.

  • Verizon VERIS (Vocabulary for Event Recording and Incident Sharing) Framework

    The VERIS (Vocabulary for Event Recording and Incident Sharing) Framework is a taxonomy that standardizes how security incidents are described and categorized.

  • virus (computer virus)

    A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works.

  • virus hoax

    A virus hoax is a false warning about a computer virus.

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.

  • voice ID (voice authentication)

    Voice ID (sometimes called voice authentication) is a type of user authentication that uses voiceprintbiometrics, voice ID relies on the fact that vocal characteristics, like fingerprints and the patterns of people's irises, are unique for each individual.

  • voice squatting (skill squatting)

    Voice squatting is an attack vector for voice user interfaces (VUIs) that exploits homonyms (words that sound the same but are spelled differently) and input errors (words that are mispronounced).

  • voiceprint

    A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual.

  • voluntary botnet

    A voluntary botnet is a distributed network of computers whose processing power is harnessed to carry out a political or socially-motivated denial of service (DoS) attack.

  • vulnerability assessment (vulnerability analysis)

    A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.

  • vulnerability disclosure

    Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.

  • W

    computer worm

    A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.

  • walled garden

    On the Internet, a walled garden is an environment that controls the user's access to Web content and services.

  • WannaCry ransomware

    The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system.

  • WAPI (WLAN Authentication and Privacy Infrastructure)

    WAPI (WLAN Authentication and Privacy Infrastructure) is the wireless local area network (WLAN) standard officially supported by the Chinese state government.

  • war dialer

    A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.

  • watering hole attack

    A watering hole attack targets a specific group of users by infecting websites group members like to visit. The name watering hole attack is inspired by predators in the natural world who lurk near watering holes, looking for opportunities to attack desired prey.

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a website or web application.

  • Web filter

    A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.

  • web server security

    Web server security is the protection of information assets that can be accessed from a Web server.

  • WebAuthn API

    The Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web applications authenticate users without storing their passwords on servers.

  • whack-a-mole

    Whack-a-mole is the pursuit of a particular person known to have sent spam.

  • whaling attack (whaling phishing)

    A whaling attack, also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company.

  • white hat

    A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.

  • Wi-Fi Pineapple

    A Wi-Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests.

  • Wi-Fi Sense

    Windows Wi-Fi Sense allows Windows 10 users to get Internet access from public hotspots and private wireless local area networks (WLANs) that have been shared by friends. Although Wi-Fi Sense is enabled by default in all editions of Windows 10, the feature can be turned off by users and access can be disabled by wireless network administrators.

  • wildcard certificate

    A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.

  • Windows Defender Exploit Guard

    Windows Defender Exploit Guard (EG) is an anti-malware software developed by Microsoft that provides intrusion protection for users with the Windows 10 operating system (OS).

  • Wired Equivalent Privacy (WEP)

    Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN. A wired local area network (LAN) is generally protected by physical security mechanisms (controlled access to a building, for example) that are effective for a controlled physical environment, but may be ineffective for WLANs because radio waves are not necessarily bound by the walls containing the network.

  • WPA3

    WPA3 is a security certification program developed by the Wi-Fi Alliance to ensure Wi-Fi related products meet a common standard.

  • X

    X.509 certificate

    An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure standard to verify that a public key belongs to the user, computer or service identity contained within the certificate.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close