Glossary of Terms

What is

Adware is software that automatically displays or downloads advertising material (often unwanted) when a user is online.

Artificial Intelligence is the reproduction and demonstration of natural human intellect through machines.

Computer Network Defense is a form of cybersecurity that secures the military and government computer systems.

Data loss prevention is the process of installing software and implementing processes to monitor, verify, and protect data.

A denial-of-service attack occurs when a cyber criminal makes a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. 

Endpoint detection and response is technology that continuously responds to cyber threats by monitoring endpoint and network events.

Enterprise resource planning is the integrated management of main business processes, often in real-time and mediated by software and technology.

Enterprise risk management involves the planning, organization, leading, and controlling of an organization’s activities in order to minimize security risks. 

File integrity monitoring, or change monitoring, is a system that involves examining files for changes and logging said changes. It tracks changes, who has made those changes, what the changes are made for, and whether they were even authorized in the first place.

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.

The General Data Protection Regulation (GDPR) is a strict set of EU regulations that governs how data should be protected for EU citizens.

The interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data.

IDS and IPS systems are two parts of network infrastructure that detect and prevent intrusions by hackers. Both systems compare network traffic and packets against a database of cyber threats.

A computer network that links devices within a building or group of adjacent buildings.

Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of types of malware exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware.

Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence. 

Managed Detection and Response (MDR) is an advanced managed security service that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response.

A Managed Security Services Provider is an individual agency that provides IT security services to existing companies.

Managed services is the practice of outsourcing the responsibility for maintaining, and anticipating need for, a range of processes and functions in order to improve operations and cut expenses.

Phishing traditionally refers to the practice of sending out fraudulent emails in order to get an individual to reveal personal information, such as passwords or credit card information.

A pen test, also known as penetration testing, is a pre-authorized cyberattack on a computer system that is performed to evaluate the security of the system.

A public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

Ransomware refers to a kind of malicious software that blocks access to a computer until a certain amount of money is paid to the cyber criminal.

A security operations center is an information security team that is dedicated to monitoring and mitigating security issues.

Security Information and Event Management is used to collect data that is relevant to security analysts and operatives. A SIEM platform collates this data and stores it in a standardized format.

SOAR is Security Orchestration, Automation and Response. SOAR assists security operatives in managing the ever increasing number of security alerts. SOAR platforms orchestrate various security solutions and translate data to be accessed and stored more easily.

Supervisory control and data acquisition is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level process supervisory management.

Software as a Service is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. 

A security incident response plan sets out steps for how to counteract a cybersecurity attack or data breach.

Spear Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.

Multi-factor authentication is an additional level of security that requires users to present two pieces of information to log in to a program.

User Behavior Analytics are cybersecurity processes about detection of insider threats, targeted attacks, and financial fraud.

A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Scroll to Top