Get started

Bring yourself up to speed with our introductory content.

Data Security and Cloud Computing

  • Honeynet Project

    The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing. Continue Reading

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. Continue Reading

  • IGP (Interior Gateway Protocol)

    An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks). Continue Reading

  • Encrypting File System (EFS)

    The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent. Continue Reading

  • Digital Signature Standard (DSS)

    Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authenticationof electronic documents. Continue Reading

  • Definitions to Get Started

    View All Definitions

  • data splitting

    Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.Continue Reading

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.Continue Reading

  • data key

    In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas ...Continue Reading

  • anonymous email

    Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.Continue Reading

  • capture

    Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.Continue Reading

  • Rijndael

    Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES).Continue Reading

  • CISSP certification can serve as introduction to regulatory compliance

    The CISSP is widely considered a valuable baseline certification for information security professionals, but its coursework can also be a valuable introduction to the complex world of regulatory compliance. As certification expert Peter H. Gregory ...Continue Reading

  • Endpoint Security

    Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network.Continue Reading

  • directory traversal

    Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory... (Continued)Continue Reading

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued)Continue Reading

  • digest authentication

    Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)Continue Reading

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.Continue Reading

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data... (Continued)Continue Reading

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)Continue Reading

  • OpenVPN (open source virtual private network)

    OpenVPN is an open source virtual private network (VPN) product that offers simplified security, a modular network design and cross-platform portability. OpenVPN is licensed under the GNU General Public License (GPL). Private licenses are available...Continue Reading

  • Nmap Technical Manual

    By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ...Continue Reading

  • managed security services (MSS)

    Managed security services (MSS) is a systematic approach to managing an organization's security needs.Continue Reading

  • trusted PC

    The trusted PC is an industry ideal of a PC with built-in security mechanisms that place minimal reliance on the user or administrator to keep a PC and its peripheral devices secure.Continue Reading

  • bastion host

    On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.Continue Reading

  • public key

    In cryptography, a public key is a value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures.Continue Reading

  • LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.Continue Reading

  • spam filter

    A spam filter is a program that is used to detect unsolicited and unwanted email and prevent those messages from getting to a user's inbox.Continue Reading

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.Continue Reading

  • Risk management: Implementation of baseline controls

    This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.Continue Reading

  • Risk management references

    References for our Insider Threat Management Guide.Continue Reading

  • Risk management: Baseline management and control

    Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide.Continue Reading

  • Information Security Governance Guide

    This guide provides an introduction to what information security governance and a security program are, and examines how to deploy security policies within any environment.Continue Reading

  • man in the browser

    Man in the browser refers to an emerging tactic used by hackers to commit financial fraud... (Continued)Continue Reading

  • Total Information Awareness (TIA)

    Total Information Awareness (TIA) is the name of a massive U.S. data mining project focused on scanning travel, financial and other data from public and private sources with the goal of detecting and preventing transnational threats to national ...Continue Reading

  • password synchronization

    Password synchronization is an authentication process that coordinates user passwords across various computers and computing devices so a user only has to remember a single password instead of multiple passwords for different machines or devices.Continue Reading

  • Wired Equivalent Privacy (WEP)

    Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is ...Continue Reading

  • Crash Course: Spyware

    In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge.Continue Reading

  • An introduction to Active Directory Federation Services

    Brien M. Posey discusses key features of Microsofts's Active Directory Federation Services and how it works.Continue Reading

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open ...Continue Reading

  • ping of death

    On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol.Continue Reading

  • brain fingerprinting

    Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously ...Continue Reading

  • anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.Continue Reading

  • threat modeling

    Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...Continue Reading

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more ...Continue Reading

  • ethical worm

    An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities.Continue Reading

  • The Business Model

    Continue Reading

  • block cipher

    A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.Continue Reading

  • policy server

    A policy server is a security component of a policy-based network that provides authorization services and facilitates tracking and control of files...Continue Reading

  • Introduction to COBIT for SOX compliance

    The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here.Continue Reading

  • Carnivore

    Carnivore was an Internet surveillance system developed for the U.S. Federal Bureau of Investigation (FBI) so that they could monitor the electronic transmissions of criminal suspects. Critics, however, charged that Carnivore did not include ...Continue Reading

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.Continue Reading

  • SOX Compliance for the Security Practitioner

    This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, ...Continue Reading

  • Firewall Builder (Fwbuilder)

    Firewall Builder, also called Fwbuilder, is a vendor-neutral configuration and management application for firewalls that is intended primarily for Linux and that supports the OpenBSD Packet Filter, Cisco PIX Series security devices, iptables, and ...Continue Reading

  • Mytob

    Mytob is a worm used by hackers to gather personal and financial information by phishing, a form of e-mail fraud where the perpetrator sends out legitimate-looking messages that appear to come from well-known and trustworthy Web sites. Since Mytob ...Continue Reading

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an ...Continue Reading

  • directory harvest attack (DHA)

    A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.Continue Reading

  • key string

    A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.Continue Reading

  • key chain

    A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each...Continue Reading

  • Extensible Authentication Protocol (EAP)

    The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet.Continue Reading

  • electro-optical fingerprint recognition

    Electro-optical fingerprint recognition is a biometric technology that provides for the scanning, comparison, and identification of fingerprints without the traditional need for ink and paper.Continue Reading

  • ridge

    In the biometric process of fingerscanning, a ridge is a curved line in a finger image.Continue Reading

  • minutiae

    In the biometric process of fingerscanning, minutiae are specific points in a finger image.Continue Reading

  • hybrid virus (multi-part or multipartite virus)

    A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.Continue Reading

  • Web filter

    A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.Continue Reading

  • topsite

    A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.Continue Reading

  • chaffing and winnowing

    Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption.Continue Reading

  • goat

    In biometric verification, a goat is a system end-user who is refused access to the system because their biometric data pattern is outside the range recognized by the system.Continue Reading

  • PUP (potentially unwanted program)

    A PUP (potentially unwanted program) is a program that may be unwanted, despite the possibility that users consented to download it.Continue Reading

  • crimeware

    Crimeware is programming that is designed to facilitate illegal online activity. The use of crimeware is primarily financially motivated.Continue Reading

  • Register of Known Spam Operations (ROKSO)

    The Register of Known Spam Operations (ROKSO) is a list of over 500 professional spammers that is maintained by the Spamhaus Project, an organization dedicated to identifying and exposing spam operators.Continue Reading

  • shoulder surfing

    Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.Continue Reading

  • dumpster diving

    Dumpster diving is looking for treasure in someone else's trash.Continue Reading

  • DSO exploit (data source object exploit)

    A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.Continue Reading

  • stealth virus

    In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.Continue Reading

  • Elk Cloner

    Elk Cloner was the first computer virus known to have spread in the wild.Continue Reading

  • cocooning

    Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.Continue Reading

  • Quiz: Who Done IT? A Murder Mystery

    How to take the quiz: - After reading the question, click on the answer that you think is correctContinue Reading

  • P versus NP (polynomial versus nondeterministic polynomial)

    P versus NP (polynomial versus nondeterministic polynomial) refers to a theoretical question presented in 1971 by Leonid Levin and Stephen Cook, concerning mathematical problems that are easy to solve (P type) as opposed to problems that are ...Continue Reading

  • blended threat

    A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.  Continue Reading

  • Chameleon Card

    The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned.Continue Reading

  • false acceptance (type II error)

    False acceptance, also called a type II error, is a mistake occasionally made by biometric security systems.Continue Reading

  • fingerscanning (fingerprint scanning)

    Fingerscanning, also called fingerprint scanning, is the process of electronically obtaining and storing human fingerprints.Continue Reading

  • false rejection (type I error)

    False rejection, also called a type I error, is a mistake occasionally made by biometric security systems.Continue Reading

  • Antigen

    Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.Continue Reading

  • security token (authentication token)

    A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service.Continue Reading

  • pseudonymous profile

    A pseudonymous profile is a collection of information about a particular computer user that identifies the user either by their computer's IP address or by a randomly-generated nickname.Continue Reading

  • trusted computing base (TCB)

    The trusted computing base (TCB) is everything in a computing system that provides a secure environment.Continue Reading

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.Continue Reading

  • deniable encryption

    Deniable encryption is a type of cryptography that allows an encrypted text to be decrypted in two or more ways, depending on which decryption key is used.Continue Reading

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information ...Continue Reading

  • elliptical curve cryptography (ECC)

    Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.Continue Reading

  • network forensics

    Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.Continue Reading

  • Palladium

    Palladium is a plan from Intel, AMD, and Microsoft to build security into personal computers and servers at the microprocessor level.Continue Reading

  • CRAM (challenge-response authentication mechanism)

    CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).Continue Reading

  • Information Awareness Office (IAO)

    Created in response to the terrorist attack of September 11, 2001, the Information Awareness Office (IAO) is a branch of the United States Defense Advanced Research Agency (DARPA) that aims to gather massive amounts of intelligence through ...Continue Reading

  • cryptographic checksum

    A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.Continue Reading

  • lawful interception (LI)

    Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages.Continue Reading

  • information signature

    To fight terrorism, the Information Awareness Office (IAO) of the U.S. Defense Advanced Research Projects Agency (DARPA) is planning to develop a system that uses a super database of recorded online transactions and analytical programming that will ...Continue Reading

  • whack-a-mole

    Whack-a-mole is the pursuit of a particular person known to have sent spam.Continue Reading

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.Continue Reading

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close