Get started

Bring yourself up to speed with our introductory content.

Data Security and Cloud Computing

  • zombie computer (zombie bot)

    A zombie (also known as a bot) is a computer that a remote attacker has accessed and set up to forward transmissions (including spam and viruses) to other computers on the Internet. (Continued) Continue Reading

  • Securities and Exchange Commission (SEC)

    The Securities and Exchange Commission (SEC) is a U.S. government agency that oversees securities transactions, activities of financial professionals and mutual fund trading to prevent fraud and intentional deception... (Continued) Continue Reading

  • Secure Electronic Transaction (SET)

    Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet. Continue Reading

  • mutual authentication

    Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other... (Continued) Continue Reading

  • PAN truncation (primary account number)

    PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued) Continue Reading

  • PCI DSS Requirement 10: Track and monitor network access

    Many organizations have disparate networks and must manually track each system's log files in order to comply with PCI DSS. Individually sifting through system logs can be a major drain on IT, especially when the cause of a compromise needs to be ...Continue Reading

  • PCI DSS Requirement 1: Install and maintain a firewall configuration

    Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. In this guide, Craig Norris explains the extra work that needs to be done.Continue Reading

  • PCI DSS Requirement 8: Assign unique user IDs to those with access

    To pass a PCI compliance audit, organizations need to be capable of verifying who is attempting access to an asset. They also must control what employees are permitted to see or modify, and do so based on their organizational role. In this PCI ...Continue Reading

  • PCI DSS Requirement 3: Protecting stored data

    One of the biggest problems with PCI DSS requirement 3 is that merchants must accurately know where credit card data flows from its inception, where it traverses the network and resides, and what its "state" is along the way. Craig Norris explains ...Continue Reading

  • PCI DSS Requirement 11: Regularly test security systems and processes

    Craig Norris explains why internal and external network scans are necessary to complete Requirement 11 of the PCI Data Security Standard, one that frequently baffles security professionals.Continue Reading

  • Rock Phish

    Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit ...Continue Reading

  • authentication server

    An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued)Continue Reading

  • sheepdip (sheep dipping or a footbath)

    In computers, a sheepdip (or, variously, sheep dipping or a footbath) is the checking of media, usually diskettes or CD-ROMs, for viruses before they are used in a computer or network.Continue Reading

  • JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)Continue Reading

  • defense in depth

    Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise... (Continued)Continue Reading

  • Corporate Mergers and Acquisitions Security Learning Guide

    Mergers and acquisitions are common occurrences in today's information security market. In this SearchSecurity.com Learning Guide, a panel of experts breaks down M&A security priorities and explains the best ways to manage disparate security staffs,...Continue Reading

  • Malware: Glossary

    This is a glossary of terms related to malware.Continue Reading

  • Malicious Computer Code: Glossary

    This is a glossary of terms related to malicious computer code.Continue Reading

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data during its transmission. Snooping can include casual ...Continue Reading

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis.Continue Reading

  • war dialer

    A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.Continue Reading

  • smurfing

    A smurf attack is an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service.Continue Reading

  • phreak

    A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.Continue Reading

  • pharming

    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.Continue Reading

  • hijacking

    Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them.Continue Reading

  • packet monkey

    On the Internet, a packet monkey is someone (see cracker, hacker, and script kiddy) who intentionally inundates a Web site or network with data packets, resulting in a denial-of-service situation for users of the attacked site or network.Continue Reading

  • Google hacking (Google scanning or Engine hacking)

    Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet...Continue Reading

  • gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.Continue Reading

  • Echelon

    Echelon is an officially unacknowledged U.S.-led global spy network that operates an automated system for the interception and relay of electronic communications.Continue Reading

  • cookie poisoning

    On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.Continue Reading

  • cypherpunk

    Cypherpunk, a term that appeared in Eric Hughes' "A Cypherpunk's Manifesto" in 1993, combines the ideas of cyberpunk, the spirit of individualism in cyberspace, with the use of strong encryption (ciphertext is encrypted text) to preserve privacy.Continue Reading

  • cyberstalking

    Cyberstalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group.Continue Reading

  • user profile

    In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.Continue Reading

  • spoof

    Spoof was a game involving trickery and nonsense that was invented by an English comedian, Arthur Roberts, prior to 1884, when it is recorded as having been "revived.Continue Reading

  • spam trap

    A spam trap is the inclusion of an option in an online form that is preselected by default with the expectation that the user will fail to notice the option.Continue Reading

  • TACACS (Terminal Access Controller Access Control System)

    TACACS (Terminal Access Controller Access Control System) is an older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can ...Continue Reading

  • salt

    In password protection, salt is a random string of data used to modify a password hash.Continue Reading

  • public key certificate

    A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.Continue Reading

  • spam cocktail (or anti-spam cocktail)

    A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of ...Continue Reading

  • promiscuous mode

    In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for...Continue Reading

  • session replay

    Session replay is a scheme a cracker uses to masquerade as an authorized user on an interactive Web site... (Continued)Continue Reading

  • shadow password file

    In the Linux operating system, a shadow password file is a system file in which encryption user password are stored so that they aren't available to people who try to break into the system.Continue Reading

  • RADIUS (Remote Authentication Dial-In User Service)

    Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or ...Continue Reading

  • NCSA

    NCSA at the University of Illinois in Urbana, Illinois is the home of the first Web browser that had a graphical user interface.Continue Reading

  • script kiddy (or script kiddie)

    Script kiddy (sometimes spelled kiddie) is a derogative term, originated by the more sophisticated crackers of computer security systems, for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the Internet.Continue Reading

  • masquerade

    In general, a masquerade is a disguise.Continue Reading

  • Joe job

    A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source.Continue Reading

  • mail bomb

    A mail bomb is the sending of a massive amount of e-mail to a specific person or system.Continue Reading

  • munging

    Munging is the deliberate alteration of an e-mail address on a Web page to hide the address from spambot programs that scour the Internet for e-mail addresses.Continue Reading

  • live capture

    Live capture is the act or method of gathering biometric data from an individual while the individual is physically present.Continue Reading

  • logon (or login)

    In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.Continue Reading

  • HDCP (High-bandwidth Digital Content Protection)

    HDCP (High-bandwidth Digital Content Protection) is a specified method from Intel for protecting copyrighted digital entertainment content that uses the Digital Video Interface (DVI) by encrypting its transmission between the video source and the ...Continue Reading

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins.Continue Reading

  • graphical password or graphical user authentication (GUA)

    A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).Continue Reading

  • identity chaos (password chaos)

    Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.Continue Reading

  • cipher block chaining (CBC)

    Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block).Continue Reading

  • cut-and-paste attack

    A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed.Continue Reading

  • Cyber Storm

    Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) February 6-10, 2006 to evaluate whether or not the country could withstand a real attack of similar magnitude...Continue Reading

  • cache cramming

    Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.Continue Reading

  • cracker

    A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.Continue Reading

  • Automated Fingerprint Identification System (AFIS)

    The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.Continue Reading

  • BioAPI Consortium

    The BioAPI Consortium is a group of over 90 organizations whose goal is to encourage and promote the growth of biometric technology by developing an industry-wide application programming interface (API.) The consortium's API defines how a software ...Continue Reading

  • AAA server (authentication, authorization, and accounting)

    An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.Continue Reading

  • bifurcation

    In the biometric process of fingerscanning, a bifurcation is a point in a finger image at which two ridges meet.Continue Reading

  • Public-Key Cryptography Standards (PKCS)

    The Public-Key Cryptography Standards (PKCS) are a set of intervendor standard protocols for making possible secure information exchange on the Internet using a public key infrastructure (PKI).Continue Reading

  • security policy

    In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets.Continue Reading

  • snake oil

    In cryptographic and other computer products, snake oil is a negative term used to describe exaggerated claims made by vendors who are overly optimistic or purposely seeking to take advantage of consumers who do not have the expertise to judge a ...Continue Reading

  • Sender Policy Framework (SPF)

    Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as ...Continue Reading

  • network encryption (network layer or network level encryption)

    Network encryption (sometimes called network layer, or network level encryption) is a network security process that applies crypto services at the network transfer layer - above the data link level, but below the application level.Continue Reading

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes for maintaining the security of a server and other network resources.Continue Reading

  • plaintext

    In cryptography, plaintext is ordinary readable text before being encrypted into ciphertext or after being decrypted.Continue Reading

  • integrated threat management

    Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels... (Continued)Continue Reading

  • Escrowed Encryption Standard (EES)

    The Escrowed Encryption Standard (EES) is a standard for encrypted communications that was approved by the U.S. Department of Commerce in 1994 and is better known by the name of an implementation called the Clipper chip.Continue Reading

  • greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.Continue Reading

  • Honeynet Project

    The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.Continue Reading

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.Continue Reading

  • IGP (Interior Gateway Protocol)

    An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks).Continue Reading

  • Encrypting File System (EFS)

    The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.Continue Reading

  • Digital Signature Standard (DSS)

    Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authenticationof electronic documents.Continue Reading

  • data splitting

    Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.Continue Reading

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.Continue Reading

  • data key

    In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas ...Continue Reading

  • anonymous email

    Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.Continue Reading

  • capture

    Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.Continue Reading

  • Rijndael

    Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES).Continue Reading

  • CISSP certification can serve as introduction to regulatory compliance

    The CISSP is widely considered a valuable baseline certification for information security professionals, but its coursework can also be a valuable introduction to the complex world of regulatory compliance. As certification expert Peter H. Gregory ...Continue Reading

  • Endpoint Security

    Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network.Continue Reading

  • directory traversal

    Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory... (Continued)Continue Reading

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued)Continue Reading

  • digest authentication

    Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)Continue Reading

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.Continue Reading

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data... (Continued)Continue Reading

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)Continue Reading

  • OpenVPN (open source virtual private network)

    OpenVPN is an open source virtual private network (VPN) product that offers simplified security, a modular network design and cross-platform portability. OpenVPN is licensed under the GNU General Public License (GPL). Private licenses are available...Continue Reading

  • Nmap Technical Manual

    By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ...Continue Reading

  • managed security services (MSS)

    Managed security services (MSS) is a systematic approach to managing an organization's security needs.Continue Reading

  • trusted PC

    The trusted PC is an industry ideal of a PC with built-in security mechanisms that place minimal reliance on the user or administrator to keep a PC and its peripheral devices secure.Continue Reading

  • bastion host

    On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.Continue Reading

  • public key

    In cryptography, a public key is a value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures.Continue Reading

  • LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.Continue Reading

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close