Get started

Data Security and Cloud Computing

• application blacklisting

  Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.  Such programs include not only those known to contain security threats or ... Continue Reading

• barnacle

  In a computer, a barnacle is unwanted programming, such as adware or spyware, that is downloaded and installed along with a user-requested program. Continue Reading

• malvertisement (malicious advertisement or malvertising)

  A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware. Continue Reading

• tokenization

  Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Continue Reading

• Information security job titles: Irrelevant to your career

  Remember, potential new security roles are doled out based on experience and accomplishments, not some fancy title. Continue Reading

• Definitions to Get Started

  • Federal Information Security Management Act (FISMA)
  • CISO as a service (vCISO, virtual CISO, fractional CISO)
  • access control
  • advanced persistent threat (APT)

  • biometrics
  • zero-day (computer)
  • PCI DSS 12 requirements
  • vulnerability assessment (vulnerability analysis)

  View All Definitions

• Network security audit guidelines: Inside the importance of audit planning

  In this SearchSecurity.com mini learning guide you will learn the ins and outs of network security audit guidelines, as well as the importance of audit planning, and how to perform and prepare for an audit.Continue Reading

• Common Weakness Enumeration (CWE)

  Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)Continue Reading

• Twofish

  Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.Continue Reading

• XML encryption and WS-Security tutorial: Essential elements of Web services security

  WS-Security and XML encryption are two essential elements of Web services security. In this XML encryption and WS-Security tutorial, which is a part of the SearchSecurity.com XML Web services tutorial, learn more about the security threats and ...Continue Reading

• XML firewall security guide: Prevent XML vulnerabilities and threats

  This section of the XML Web services Tutorial highlights the functions and capabilities of the XML firewall, how the features of an XML firewall compare to other firewalls, and offers advice on how to prevent XML vulnerabilities and stop XML attacks.Continue Reading

• content filtering (information filtering)

  On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.Continue Reading

• Secure VoIP tutorial: Understanding VoIP security best practices

  More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best...Continue Reading

• Career advantages of security professional certifications and advanced degrees

  Choose wisely when pursuing industry certifications and advanced degrees to gain the best competitive advantage.Continue Reading

• parameter tampering

  Parameter tampering is a form of Web-based hacking event (called an attack) in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user's authorization... (Continued)Continue Reading

• authentication, authorization, and accounting (AAA)

  Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading

• backscatter body scanning

  Backscatter body scanning is an X-ray-based technology that yields a high-resolution image of a person's body beneath their clothing and reveals concealed objects... (Continued)Continue Reading

• wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.Continue Reading

• privilege escalation attack

  A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.Continue Reading

• domain rotation

  Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist...Continue Reading

• user account provisioning

  User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading

• advanced evasion technique (AET)

  An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection systemContinue Reading

• metamorphic and polymorphic malware

  Metamorphic and polymorphic malware are two categories of malicious programs that have the ability to change their code as they propagate.Continue Reading

• Pwn2Own

  Pwn2Own is an annual hacking competition sponsored by security vendor TippingPoint and held at the CanSecWest security conference.Continue Reading

• electronic discovery (e-discovery or ediscovery)

  Electronic discovery (also called e-discovery or ediscovery) refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case.Continue Reading

• alternate data stream (ADS)

  An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.Continue Reading

• endpoint fingerprinting

  Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems,...Continue Reading

• bot worm

  A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that...Continue Reading

• Security as a Service (SaaS)

  Security-as-a-service (SaaS) is an outsourcing model for security management. Typically, Security as a Service involves applications such as anti-virus software delivered over the Internet but the term can also refer to security management provided ...Continue Reading

• zero-day exploit

  A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.Continue Reading

• HIPAA business associate

  As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health ...Continue Reading

• Qualified Security Assessor (QSA)

  A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance.Continue Reading

• Report on Compliance (ROC)

  A Report on Compliance (ROC) is a form that must be completed by all Level 1 Visa merchants undergoing a PCI DSS audit. In general, a level 1 merchant is one who processes over 6 million Visa transactions in a year.Continue Reading

• Web browser security tutorial: Safari, IE, Firefox browser protection

  Newly updated: This Web browser security tutorial identifies the inherent flaws of Internet Explorer and Mozilla Firefox, introduces viable Web browser alternatives and provides tools and tactics to maximize your Web browsing security and browser ...Continue Reading

• I-SPY Act -- Internet Spyware Prevention Act of 2005 (H.R. 744)

  The I-SPY Act, formally known as the Internet Spyware Prevention Act of 2005 (H.R. 744), is a bill in the U.S. Congress that would criminalize the unauthorized use of spyware, phishing, and other methods of using the Internet to obtain sensitive ...Continue Reading

• intelligence community

  The term intelligence community refers to government and other public agencies as well as private agencies that gather, assemble, and report information that pertains to world or national security.Continue Reading

• Fortezza

  Fortezza, Italian for "fortress," is a family of security products trademarked by the US government's National Security Agency.Continue Reading

• Defense Message System (DMS)

  The Defense Message System (DMS) is a secure X.400-based e-mail system developed by the United States government in conjunction with industry partners to ensure safety for critical operations.Continue Reading

• lifestyle polygraph

  A lifestyle polygraph is a lie-detector (polygraph) test that is administered as a requirement for employment in certain fields.Continue Reading

• HSPD-7 (Homeland Security Presidential Directive No. 7)

  HSPD-7 (Homeland Security Presidential Directive No. 7) was a directive issued by U.S. President George W. Bush in December, 2003 that updated policies intended to protect the country from terrorist attacks. This directive superseded the earlier PDD...Continue Reading

• CALEA (Communications Assistance for Law Enforcement Act)

  CALEA (Communications Assistance for Law Enforcement Act) is a United States federal law that enables the government to intercept wire and electronic communications and call-identifying information under certain circumstances -- in particular, when ...Continue Reading

• national identity card

  A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of ...Continue Reading

• National Computer Security Center (NCSC)

  The National Computer Security Center (NCSC) is a U.S. government organization within the National Security Agency (NSA) that evaluates computing equipment for high security applications to ensure that facilities processing classified or other ...Continue Reading

• Tempest

  Tempest was the name of a classified (secret) U.S. government project to study (probably for the purpose of both exploiting and guarding against) the susceptibility of some computer and telecommunications devices to emit electromagnetic radiation (...Continue Reading

• security clearance

  A security clearance is an authorization that allows access to information that would otherwise be forbidden.Continue Reading

• government Trojan

  A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals ...Continue Reading

• Four steps toward a plan for a career in information security

  Having a long-term goal for a career in information security isn't enough. Here are four key steps for planning for a career in information security.Continue Reading

• Risk-based audit methodology: How to achieve enterprise security

  Discover how using a risk-based audit methodology can achieve better enterprise security. Learn how to develop an internal IT audit program, implement risk mitigation methods and develop controls and ensure they are effective.Continue Reading

• fuzz testing (fuzzing)

  Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.Continue Reading

• IT security policy management: Effective polices to mitigate threats

  In this mini guide, you will gain a better understanding of IT security policy management and learn how to create an effective IT security policy, how to ensure security polices are managed appropriately, best practices for policy implementation and...Continue Reading

• Develop an effective information security career plan

  A successful career in information security requires an effective information security career planContinue Reading

• Same Origin Policy (SOP)

  The Same Origin Policy (SOP), also called Single Origin Policy, is a security measure used in Web browser programming languages such as JavaScript and Ajax to protect the confidentiality and integrity of information.Continue Reading

• Securing your wireless network: Preventing wireless security threats

  This mini learning guide helps enterprise information security managers and executives develop a better understanding of wireless network security and learn why investing time and resources in securing your wireless network can help thwart security ...Continue Reading

• Web application attacks security guide: Preventing attacks and flaws

  This Web application attacks guide explains how Web application attacks occur, identifies Web application attack types, and provides Web application security tools and tactics to protect against them.Continue Reading

• Operation Phish Phry

  Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities.Continue Reading

• pulsing zombie

  A pulsing zombie is a computer whose security has been compromised without its owner's knowledge by a cracker so that it intermittently carries out a denial-of-service attack on target computers in a network.Continue Reading

• Mini guide: How to remove and prevent Trojans, malware and spyware

  Organizations need to learn how to implement proper protections and understand best practices for malware defense in order to keep their network environments secure. In this mini guide you will learn how to prevent, remove and stop types of malware ...Continue Reading

• micro-botnet (mini-botnet or baby botnet)

  A micro-botnet, also called a mini-botnet or baby botnet, is a small network of Internet-connected computers that have been hijacked to attack specific companies or individuals within a company.Continue Reading

• Endpoint protection best practices manual: Combating issues, problems

  Learn how to employ effective endpoint security controls, technologies and policies, and well as define methods and techniques for a multilayered endpoint defense system.Continue Reading

• Buffer overflow tutorial: How to find vulnerabilities, prevent attacks

  Buffer overflow exploits and vulnerabilities can lead to serious harm to corporate Web applications, as well as embarrassing and costly data security breaches and system compromises.Continue Reading

• data masking

  Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a ...Continue Reading

• RAT (remote access Trojan)

  A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the...Continue Reading

• SQL injection protection: A guide on how to prevent and stop attacks

  In this SQL injection protection guide get advice on how to prevent and stop SQL injection attacks, also learn best practices on how to detect vulnerabilities.Continue Reading

• security information management (SIM)

  Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is ...Continue Reading

• deperimeterization

  In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.Continue Reading

• FERPA (Family Educational Rights and Privacy Act of 1974)

  FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.Continue Reading

• An introduction to Information Security Career Advisor

  SearchSecurity.com is pleased to partner with infosec career experts Lee Kushner and Mike Murray to bring you a new monthly column on information security careers. In their debut article, they explain why information security career coaching is ...Continue Reading

• An introduction to wireless security

  Don't let Wi-Fi become the weak link in your network's armor! Learn the business risks posed by wireless, essential countermeasures that can reduce those risks, and industry best practices for designing, deploying and monitoring secure WLANs.Continue Reading

• Hacker attack techniques and tactics: Understanding hacking strategies

  This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network.Continue Reading

• HIPAA compliance manual: Training, audit and requirement checklist

  In this HIPAA compliance manual you will recieve advice on how to prepare for a security audit as well as a checklist for HIPAA training, gudielines and requirements.Continue Reading

• Internet Key Exchange (IKE)

  The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.Continue Reading

• Spyware Protection and Removal Tutorial

  This free spyware protection and removal tutorial is a compilation of free resources that explain what spyware is, how it attacks and most importantly what you can to do to win the war on spyware.Continue Reading

• network behavior analysis (NBA)

  Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation... (Continued)Continue Reading

• Exploring authentication methods: How to develop secure systems

  Use this guide to discover authentication options and learn how to implement, maintain and secure several methods of authentication, such as biometrics, single sign-on (SSO) and smart cards to avoid security breaches and protect sensitive corporate ...Continue Reading

• hybrid virus/worm

  A hybrid virus/worm is malicious code that combines characteristics of both those types of malware, typically featuring the virus' ability to alter program code with the worm's ability to reside in live memory and to propagate without any action on ...Continue Reading

• HIDS/NIDS (host intrusion detection systems and network intrusion detection systems)

  Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks... (Continued)Continue Reading

• data encryption/decryption IC

  A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data...Continue Reading

• Open System Authentication (OSA)

  Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With OSA, a computer equipped with a wireless modem can access any WEP network and receive...Continue Reading

• Class C2

  Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.Continue Reading

• nonrepudiation

  Nonrepudiation is the assurance that someone cannot deny something, such as the receipt of a message or the authenticity of a statement or contract... (Continued)Continue Reading

• honey monkey

  A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system ...Continue Reading

• LEAP (Lightweight Extensible Authentication Protocol)

  LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 ...Continue Reading

• PEAP (Protected Extensible Authentication Protocol)

  PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local ...Continue Reading

• phlashing

  Phlashing is a permanent denial of service (PDoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable... (Continued)Continue Reading

• CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

  Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard for wireless local area networks (WLANs), particularly those using WiMax technology... (Continued)Continue Reading

• password hardening

  Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process.Continue Reading

• keystroke dynamics

  Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued)Continue Reading

• biometric verification

  Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits... (Continued)Continue Reading

• anti-money laundering software (AML)

  Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued)Continue Reading

• DNS rebinding attack

  DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works on widely-used routers such as D-Link and Linksys and could, in fact, target any device that uses a...Continue Reading

• Kraken

  Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam ...Continue Reading

• Open Source Hardening Project

  The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal...Continue Reading

• finger vein ID

  Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...(continued)Continue Reading

• extrusion prevention

  Extrusion prevention, also called exfiltration prevention, is the practice of stopping data leaks by filtering outbound network traffic and preventing unauthorized packets from moving outside the network. In contrast, extrusion detection simply ...Continue Reading

• password cracker

  A password cracker is an application program that is used to identify an unknown or forgotten password to a computer or network resources.Continue Reading

• role mining

  Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading

• screened subnet (triple-homed firewall)

  A screened subnet (also known as a 'triple-homed firewall') is a network architecture that uses a single firewall with three network interfaces... (Continued)Continue Reading

• talking Trojan

  A talking Trojan is a Trojan horse program that mocks the user of an infected PC with a repeating audio message while it deletes the entire contents of a hard drive. The first outbreak of the talking Trojan was called "BotVoice.A Trojan" and was ...Continue Reading

• zombie computer (zombie bot)

  A zombie (also known as a bot) is a computer that a remote attacker has accessed and set up to forward transmissions (including spam and viruses) to other computers on the Internet. (Continued)Continue Reading

• Securities and Exchange Commission (SEC)

  The Securities and Exchange Commission (SEC) is a U.S. government agency that oversees securities transactions, activities of financial professionals and mutual fund trading to prevent fraud and intentional deception... (Continued)Continue Reading

• Secure Electronic Transaction (SET)

  Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.Continue Reading