Related Concepts

  • Ethical Hacker: A person who acts as an attacker and evaluates the security of an application, system, or computer network to minimize risk

  • Cyberwarfare: Using technology to penetrate and attack another nation’s computer systems and networks to cause damage or disrupt services

  • Hacktivists: A kind of threat actor that uses cybercrime to further a cause or belief, most commonly a political one

  • APT: Advanced Persistent Threat, a multi-phase, long-term, stealthy, and well-resourced operation in which an adversary gains and keeps a foothold in a specific target

  • TTPs: Tactics, Techniques, and Procedures. Used to describe how threat actors operate to accomplish their objectives, from the most abstract level to the most concrete:

    • Tactics: What the attacker is trying to achieve at each stage of the attack (for example initial access, privilege escalation, or exfiltration), from the beginning to the end

    • Techniques: How the attacker achieves each of those intermediate results, the general method used

    • Procedures: The specific implementation of a technique: the exact tools, commands, and steps a given actor uses to conduct the attack

  • Risk Management: A formal, continuous process of identifying and assessing risk in order to reduce the impact of threats and vulnerabilities

  • Pen-Testing: Involves using the same tools, techniques, and methodologies that someone with malicious intentions would use, to find and report system vulnerabilities

  • Offensive Security: Proactive security strategies that use the same tactics that malicious actors use in real-world attacks to strengthen the security of a system

  • Defensive security: Protecting an organization's network and computer systems by identifying and analyzing potential digital threats and putting controls in place against them

  • Behavior-based security: A form of threat detection that captures and analyzes the communication flows between users and hosts on a network to build a baseline of normal activity. Deviations from that baseline are regarded as anomalies and may indicate an attack

  • CSIRT: Computer Security Incident Response Team, specialized in receiving, reviewing, and responding to computer security incident reports

  • Security Playbook: Collection of repeatable queries or reports that outline a standardized process for incident detection and response

  • Vulnerability: A defect or weakness in an application, system, or configuration that an attacker can exploit to violate its security

  • Exploit: A program, script, or sequence of inputs specifically created to take advantage of a vulnerability

  • PoC: Proof of Concept, technique, or tool that demonstrates the exploitation of a vulnerability

  • CVSS: Common Vulnerability Scoring System, an open industry standard for rating the severity of security vulnerabilities. A score from 0.0 to 10.0 is computed from a vector of base metrics (attack vector, attack complexity, privileges required, user interaction, scope, and impact on confidentiality, integrity, and availability). It measures the intrinsic severity of a flaw, not the risk it poses to a particular organization

  • VPR: Vulnerability Priority Rating, Tenable's risk-based rating that supplements the CVSS score with threat intelligence (such as exploit availability and recent exploitation activity) so that vulnerability management focuses on the issues most likely to be exploited against the organization

  • IPS: Intrusion Prevention System, an inline device or service that matches traffic against a set of signatures and blocks what it identifies as malicious traffic or attacks

  • IDS: Intrusion Detection System, detects unauthorized network and system intrusions. It does not take action and won't prevent attacks from happening; it only detects, logs, and reports (alerts)

  • DLP: Data Loss Prevention, a system designed to stop sensitive data from being stolen from or escaping a network

  • SIEM: Security Information and Event Management, a system that collects and correlates security alerts, logs, and other real-time and historical data from across an environment in order to detect and investigate incidents

  • Defense-In-Depth: Practice of layering different security controls in a system so that the failure or bypass of any single control does not by itself compromise the system. Layering reduces risk; it does not guarantee security

  • SAMM: Software Assurance Maturity Model, a framework to help organizations evaluate and improve their software security practices. It provides a way to analyze and improve the secure development lifecycle. The most well-known is the OWASP version

  • PIM: Privileged Identity Management, governs which identities hold privileged roles: it translates a user's role within the organization into an access role on a system and controls when that role is assigned

  • PAM: Privileged Access Management, controls and monitors the use of the privileges an access role grants, for example by vaulting privileged credentials, brokering sessions, and recording privileged activity

  • Vetting: A screening process where applicants' backgrounds are examined to establish the risk they pose to an organization

  • Threat modeling: A structured process of analyzing a system's design to identify its assets, trust boundaries, and the threats it faces, then deciding which mitigations to implement and how to test them

  • Bug bounty program: Allows a company to offer a reward for anyone who discovers a security vulnerability in the company’s systems

  • Non-Repudiation: Ensures that in a communication neither the sender nor the receiver can later deny the authenticity of their signature, message, or action. In practice this requires a digital signature made with a key only the signer holds; a shared-key MAC cannot provide it, because either party could have produced the message

  • Maliciously formatted packet: A packet or data structure deliberately malformed so that the receiving application cannot parse it correctly, causing it to crash, slow down, or behave unexpectedly

  • Cryptocurrency: Digital money that can be used to buy goods and services and that relies on cryptographic techniques, such as hashing and digital signatures, to secure transactions

  • Hardening: The process of securing a system by reducing its attack surface: removing unneeded services and accounts, applying secure configuration, and closing the vulnerabilities or security holes to which it is most exposed

  • OSS: Open Source Software is software with source code that is publicly available for anyone to use, modify, and distribute

  • Default Safe: A security design principle where a system is configured to be in the safest possible state, unless an explicit action is taken to remove those protections

  • CWE: Common Weakness Enumeration, a community-maintained list of software and hardware weakness types that provides a common language for describing the root causes of vulnerabilities. A CVE identifies a specific vulnerability in a product; a CWE identifies the class of flaw behind it

  • PII: Personally Identifiable Information is any information that can be used to identify an individual, either on its own or when combined with other data

    • Linkable Information: Data that, when combined, allows a person to be identified.

    • Sensitive Information: Data whose exposure would affect the private or intimate life of its subject (for example health, sexual orientation, or religious beliefs) and that must be treated with extreme care

  • PCI: Payment Card Industry; in this context, information related to payment cards (cardholder data). It must be handled in compliance with PCI DSS, the Payment Card Industry Data Security Standard, whenever it is stored, processed, or transmitted

  • S-SDLC: Secure Software Development Life Cycle, an approach that integrates security at every stage of software development, identifying and mitigating vulnerabilities from the beginning

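Illustration of the detection approach described in the Behavior-based security entry (an added example, not code from the original page): a per-user baseline is learned from a week of past login events, and each new event is compared against it on three behaviors, the hour of day, the source address, and the volume of outbound data. Anything outside the learned pattern is reported as an anomaly with the reason. The log format and every event in it are constructed for this example.

```python
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample data (not from any real system): one week of normal
# logins that form the baseline, then a batch of new events to score.
# Each line: ISO timestamp, user, source IP, bytes sent out.
BASELINE_LOG = """\
2024-03-04T09:02:00 alice 10.0.5.21 120000
2024-03-05T09:10:00 alice 10.0.5.21 95000
2024-03-06T10:01:00 alice 10.0.5.22 130000
2024-03-07T08:55:00 alice 10.0.5.21 110000
2024-03-08T09:30:00 alice 10.0.5.21 105000
"""

NEW_LOG = """\
2024-03-11T09:15:00 alice 10.0.5.21 118000
2024-03-11T03:40:00 alice 203.0.113.9 2400000
2024-03-11T10:05:00 alice 10.0.5.21 175000
2024-03-11T09:20:00 mallory 10.0.5.21 50000
"""


@dataclass(frozen=True)
class Event:
    ts: datetime
    user: str
    src_ip: str
    bytes_out: int


def parse_log(text: str) -> list[Event]:
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, size = line.split()
        events.append(Event(datetime.fromisoformat(ts), user, ip, int(size)))
    return events


class UserBaseline:
    """What 'normal' looks like for one user, learned from past events."""

    def __init__(self, events: list[Event]):
        self.hours = {e.ts.hour for e in events}
        self.ips = {e.src_ip for e in events}
        sizes = [e.bytes_out for e in events]
        self.mu = mean(sizes)
        # Floor the spread so a very uniform baseline does not flag ordinary jitter.
        self.sigma = max(pstdev(sizes), 0.1 * self.mu)

    def deviations(self, e: Event) -> list[str]:
        reasons = []
        if not any(abs(e.ts.hour - h) <= 1 for h in self.hours):
            reasons.append(f"login hour {e.ts.hour:02d} outside usual window")
        if e.src_ip not in self.ips:
            reasons.append(f"new source address {e.src_ip}")
        if e.bytes_out > self.mu + 3 * self.sigma:
            reasons.append(f"outbound volume {e.bytes_out} is > mean+3sigma")
        return reasons


def build_baselines(events: list[Event]) -> dict[str, UserBaseline]:
    by_user: dict[str, list[Event]] = {}
    for e in events:
        by_user.setdefault(e.user, []).append(e)
    return {user: UserBaseline(evs) for user, evs in by_user.items()}


def detect(baseline_text: str, new_text: str) -> list[tuple[Event, list[str]]]:
    """Return every new event that deviates from its user's baseline, with reasons.
    A user with no history at all is itself an anomaly worth a look."""
    baselines = build_baselines(parse_log(baseline_text))
    findings = []
    for e in parse_log(new_text):
        base = baselines.get(e.user)
        reasons = base.deviations(e) if base else ["no baseline for this user"]
        if reasons:
            findings.append((e, reasons))
    return findings


if __name__ == "__main__":
    for event, reasons in detect(BASELINE_LOG, NEW_LOG):
        print(f"{event.ts.isoformat()} {event.user}: {'; '.join(reasons)}")
```

Note what a signature-based IDS would have missed here: none of the four new events contains anything malicious on its own. The 03:40 login from an unfamiliar address that pushes out twenty times the usual volume is only suspicious relative to what alice normally does, which is exactly the kind of deviation behavior-based detection is meant to surface. The trade-off is false positives whenever legitimate behavior changes (a new office, a large but authorized transfer), so thresholds and baseline windows need tuning per environment.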
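Illustration of the Linkable Information point under PII above (an added example, not code from the original page): even after names and other direct identifiers are removed, a combination of quasi-identifiers such as ZIP code, birth year, and gender can single out one record, and anyone holding another dataset with the same attributes can re-identify the person. The k-anonymity check below counts how many records share each combination, lists the records that stand alone, and shows how generalizing the attributes raises k. All records are synthetic.

```python
from collections import Counter

# Constructed, synthetic records (no real people). Direct identifiers such as
# name and SSN have already been removed; what remains is a set of
# quasi-identifiers plus one sensitive attribute.
RECORDS = [
    {"zip": "02139", "birth_year": 1984, "gender": "F", "diagnosis": "asthma"},
    {"zip": "02139", "birth_year": 1984, "gender": "F", "diagnosis": "flu"},
    {"zip": "02139", "birth_year": 1971, "gender": "M", "diagnosis": "migraine"},
    {"zip": "02142", "birth_year": 1975, "gender": "M", "diagnosis": "diabetes"},
    {"zip": "02142", "birth_year": 1977, "gender": "M", "diagnosis": "flu"},
    {"zip": "02144", "birth_year": 1986, "gender": "F", "diagnosis": "asthma"},
]

QUASI_IDENTIFIERS = ("zip", "birth_year", "gender")


def key(record, attrs):
    """The quasi-identifier tuple that an outside dataset could be joined on."""
    return tuple(record[a] for a in attrs)


def equivalence_classes(records, attrs=QUASI_IDENTIFIERS):
    """How many records share each combination of quasi-identifier values."""
    return Counter(key(r, attrs) for r in records)


def k_anonymity(records, attrs=QUASI_IDENTIFIERS):
    """The dataset is k-anonymous for the smallest class size k; k == 1 means
    at least one person is uniquely identifiable from the quasi-identifiers."""
    return min(equivalence_classes(records, attrs).values())


def singled_out(records, attrs=QUASI_IDENTIFIERS):
    """Records alone in their class: linking any outside source that carries
    the same attributes (a voter roll, a social profile) re-identifies them."""
    classes = equivalence_classes(records, attrs)
    return [r for r in records if classes[key(r, attrs)] == 1]


def generalize(record):
    """Coarsen quasi-identifiers: ZIP to a 3-digit prefix, birth year to a decade.
    The sensitive attribute is left untouched so the data stays useful."""
    g = dict(record)
    g["zip"] = record["zip"][:3] + "**"
    g["birth_year"] = f"{record['birth_year'] // 10 * 10}s"
    return g


if __name__ == "__main__":
    print("raw:         k =", k_anonymity(RECORDS),
          "singled out =", len(singled_out(RECORDS)))
    released = [generalize(r) for r in RECORDS]
    print("generalized: k =", k_anonymity(released),
          "singled out =", len(singled_out(released)))
```

Four of the six raw records are unique on (zip, birth_year, gender), so the dataset is linkable despite containing no names; after generalization every class has three members. Raising k is necessary but not sufficient: if every member of a class shares the same diagnosis, the sensitive attribute is still disclosed for anyone known to be in that class, which is why stronger notions such as l-diversity exist.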