Get started

Bring yourself up to speed with our introductory content.

Data Security and Cloud Computing

  • session replay

    Session replay is a scheme a cracker uses to masquerade as an authorized user on an interactive Web site...

  • shadow password file

    In the Linux operating system, a shadow password file is a system file in which encrypted user passwords are stored so that they aren't available to people who try to break into the system.

  • RADIUS (Remote Authentication Dial-In User Service)

    Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or ...

  • salt

    In password protection, salt is a random string of data used to modify a password hash.

  • public key certificate

    A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.

  • spam cocktail (or anti-spam cocktail)

    A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of ...

  • NCSA

    NCSA at the University of Illinois in Urbana, Illinois is the home of the first Web browser that had a graphical user interface.

  • Joe job

    A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source.

  • mail bomb

    A mail bomb is the sending of a massive amount of e-mail to a specific person or system.

  • munging

    Munging is the deliberate alteration of an e-mail address on a Web page to hide the address from spambot programs that scour the Internet for e-mail addresses.

  • live capture

    Live capture is the act or method of gathering biometric data from an individual while the individual is physically present.

  • masquerade

    In general, a masquerade is a disguise.

  • logon (or login)

    In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.

  • HDCP (High-bandwidth Digital Content Protection)

    HDCP (High-bandwidth Digital Content Protection) is a specified method from Intel for protecting copyrighted digital entertainment content that uses the Digital Video Interface (DVI) by encrypting its transmission between the video source and the ...

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins.

  • graphical password or graphical user authentication (GUA)

    A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).

  • identity chaos (password chaos)

    Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.

  • cache cramming

    Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.

  • cipher block chaining (CBC)

    Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits is encrypted as a single unit or block with a cipher key applied to the entire block).

  • cut-and-paste attack

    A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed.

  • Cyber Storm

    Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) February 6-10, 2006 to evaluate whether or not the country could withstand a real attack of similar magnitude...

  • cracker

    A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.

  • BioAPI Consortium

    The BioAPI Consortium is a group of over 90 organizations whose goal is to encourage and promote the growth of biometric technology by developing an industry-wide application programming interface (API). The consortium's API defines how a software ...

  • Automated Fingerprint Identification System (AFIS)

    The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.

  • AAA server (authentication, authorization, and accounting)

    An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.

  • bifurcation

    In the biometric process of fingerscanning, a bifurcation is a point in a finger image at which two ridges meet.

  • snake oil

    In cryptographic and other computer products, snake oil is a negative term used to describe exaggerated claims made by vendors who are overly optimistic or purposely seeking to take advantage of consumers who do not have the expertise to judge a ...

  • Sender Policy Framework (SPF)

    Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as ...

  • Public-Key Cryptography Standards (PKCS)

    The Public-Key Cryptography Standards (PKCS) are a set of intervendor standard protocols for making possible secure information exchange on the Internet using a public key infrastructure (PKI).

  • security policy

    In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets.

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes for maintaining the security of a server and other network resources.

  • network encryption (network layer or network level encryption)

    Network encryption (sometimes called network layer, or network level encryption) is a network security process that applies crypto services at the network transfer layer - above the data link level, but below the application level.

  • plaintext

    In cryptography, plaintext is ordinary readable text before being encrypted into ciphertext or after being decrypted.

  • Honeynet Project

    The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.

  • IGP (Interior Gateway Protocol)

    An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks).

  • integrated threat management

    Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels...

  • Escrowed Encryption Standard (EES)

    The Escrowed Encryption Standard (EES) is a standard for encrypted communications that was approved by the U.S. Department of Commerce in 1994 and is better known by the name of an implementation called the Clipper chip.

  • greynet (or graynet)

    Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department.

  • data splitting

    Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.

  • Encrypting File System (EFS)

    The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.

  • Digital Signature Standard (DSS)

    Digital Signature Standard (DSS) is the digital signature algorithm (DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authentication of electronic documents.

  • anonymous email

    Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.

  • data key

    In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas ...

  • capture

    Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.

  • Rijndael

    Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES).

  • CISSP certification can serve as introduction to regulatory compliance

    The CISSP is widely considered a valuable baseline certification for information security professionals, but its coursework can also be a valuable introduction to the complex world of regulatory compliance. As certification expert Peter H. Gregory ...

  • Endpoint Security

    Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network.

  • directory traversal

    Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory...

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management...

  • digest authentication

    Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller...

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately protected broadband router to gain access to user data...

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications...

  • OpenVPN (open source virtual private network)

    OpenVPN is an open source virtual private network (VPN) product that offers simplified security, a modular network design and cross-platform portability. OpenVPN is licensed under the GNU General Public License (GPL). Private licenses are available...

  • RavMonE virus (W32/Rjump)

    The RavMonE virus, also known as W32/Rjump, is a virus that opens a back door on a computer running Windows, creates a copy of itself in the Windows system directory and creates a log file containing the port number on which its back door component ...

  • Nmap Technical Manual

    By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ...

  • trusted PC

    The trusted PC is an industry ideal of a PC with built-in security mechanisms that place minimal reliance on the user or administrator to keep a PC and its peripheral devices secure.

  • bastion host

    On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.

  • public key

    In cryptography, a public key is a value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures.

  • LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.

  • Risk management: Data organization and impact analysis

    This first article of the Insider Threat Management Guide explains how data organization is the first step in implementing insider threat controls.

  • Risk management audit

    This article explores the audit function in the insider threat management process.

  • Insider Threat Management Guide

    In this Insider Threat Management Guide, contributor Gideon Rasmussen reviews how to fortify your organization's current insider threat controls and keep internal dangers to a minimum.

  • Risk management: Baseline management and control

    Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide.

  • Risk management: Implementation of baseline controls

    This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.

  • Risk management references

    References for our Insider Threat Management Guide.

  • Information Security Governance Guide

    This guide provides an introduction to what information security governance and a security program are, and examines how to deploy security policies within any environment.

  • man in the browser

    Man in the browser refers to an emerging tactic used by hackers to commit financial fraud...

  • Total Information Awareness (TIA)

    Total Information Awareness (TIA) is the name of a massive U.S. data mining project focused on scanning travel, financial and other data from public and private sources with the goal of detecting and preventing transnational threats to national ...

  • Introduction to internal IT audits for regulatory compliance

    Internal IT audits can assist an organization in its regulatory compliance efforts by identifying information security weaknesses prior to an external audit. This article serves as an introduction to internal audits for the security practitioner ...

  • password synchronization

    Password synchronization is an authentication process that coordinates user passwords across various computers and computing devices so a user only has to remember a single password instead of multiple passwords for different machines or devices.

  • Wired Equivalent Privacy (WEP)

    Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is ...

  • Crash Course: Spyware

    In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge.

  • An introduction to Active Directory Federation Services

    Brien M. Posey discusses key features of Microsoft's Active Directory Federation Services and how it works.

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open ...

  • ping of death

    On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol.

  • XML Web services tutorial: How to improve security in Web services

    Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure.

  • brain fingerprinting

    Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously ...

  • anonymous Web surfing (Web anonymizer, SafeWeb)

    Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.

  • threat modeling

    Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more ...

  • ethical worm

    An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities.

  • The Business Model


  • Multi-dimensional enterprise-wide security: Introduction

    Multi-dimensional security involves protecting the information assets and associated resources within all areas of an enterprise and in compliance with all regulatory, policy and contractual requirements. These 10 tips introduce how to adopt a ...

  • block cipher

    A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.

  • policy server

    A policy server is a security component of a policy-based network that provides authorization services and facilitates tracking and control of files...

  • Introduction to COBIT for SOX compliance

    The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here.

  • Carnivore

    Carnivore was an Internet surveillance system developed for the U.S. Federal Bureau of Investigation (FBI) so that they could monitor the electronic transmissions of criminal suspects. Critics, however, charged that Carnivore did not include ...

  • SearchSecurity.com's Guide to Thwarting Hacker Techniques

    This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network.

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.

  • Zotob

    Zotob is a computer worm used by an attacker to gather personal and financial information from computers running Microsoft Windows that have a buffer overflow vulnerability. Zotob, which has several variants, is an outgrowth of a worm called Mytob.

  • SOX Compliance for the Security Practitioner

    This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, ...

  • Firewall Builder (Fwbuilder)

    Firewall Builder, also called Fwbuilder, is a vendor-neutral configuration and management application for firewalls that is intended primarily for Linux and that supports the OpenBSD Packet Filter, Cisco PIX Series security devices, iptables, and ...

  • Mytob

    Mytob is a worm used by hackers to gather personal and financial information by phishing, a form of e-mail fraud where the perpetrator sends out legitimate-looking messages that appear to come from well-known and trustworthy Web sites. Since Mytob ...

  • How BS7799 and COBIT differ

    What's the difference between BS7799 and COBIT? Security management expert Shon Harris has the answer.

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an ...

  • directory harvest attack (DHA)

    A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.
