Cyber Glossary
All definitions in cybersecurity, clearly explained. Browse definitions and sharpen your understanding to advance your skills and career.
Cyber Security Terms
a
Authentication, Authorization, and Accounting (AAA)
A security framework that provides three essential security services: verifying user identity, controlling access to resources, and tracking user activities
Attribute-Based Access Control
A dynamic access control model that grants or denies access based on attributes of users, resources, and the environment.
Access Control
A method to ensure only authorized users and systems can access specific resources
Access Review
A periodic process of evaluating and validating user access rights to ensure they are appropriate and comply with security policies.
Adware
Software that displays unwanted advertisements to users, often bundled with legitimate software and designed to generate revenue for developers.
Aircrack-ng
A complete suite of tools to assess WiFi network security, including packet capture, WEP and WPA/WPA2-PSK cracking, and network analysis.
Application Security
The practice of protecting software applications from security threats through secure development practices, testing, and ongoing security measures.
Advanced Persistent Threat (APT)
A sophisticated, long-term cyber attack campaign conducted by highly skilled threat actors, often state-sponsored, targeting specific organizations or industries
Asymmetric Encryption
A cryptographic method that uses different keys for encryption and decryption, enabling secure key exchange and digital signatures.
Attack Surface
The total number of points where an unauthorized user can attempt to enter or extract data from a system, network, or application.
Authorization
The process of determining what an authenticated user is allowed to do
Availability
The principle of ensuring that systems, data, and services are accessible and usable when needed by authorized users, protecting against service disruptions and downtime.
b
Backdoor
A hidden method of bypassing normal authentication to gain unauthorized access to a system, often installed by malware or attackers
Backup
A copy of data stored separately to restore in case of data loss, corruption, or cyberattack
Blockchain
Distributed ledger technology that enables secure, transparent, and tamper-resistant record-keeping through cryptographic verification and consensus mechanisms.
Blue Teaming
The defensive side of cybersecurity operations, focusing on protecting systems, detecting threats, and responding to security incidents to maintain organizational security.
Bot (Malware)
A compromised device that is remotely controlled by an attacker, often as part of a botnet for malicious activities
Botnet
A network of compromised computers (bots) controlled by an attacker to perform malicious activities such as DDoS attacks, spam distribution, and data theft.
Brute Force Attack
An attack that tries all possible combinations to guess credentials
c
Checksum
Mathematical value calculated from data to detect errors in transmission or storage, used to verify data integrity.
Cloud Models
Different service and deployment models for cloud computing, including IaaS, PaaS, SaaS, and various deployment options like public, private, and hybrid clouds
Cloud Security
The protection of data, applications, and infrastructure in cloud computing environments through security controls, policies, and technologies.
Command and Control (C2)
Infrastructure used by attackers to communicate with and control compromised systems remotely
Compliance
Adherence to laws, regulations, and industry standards to ensure data protection and security
Confidentiality
The principle of ensuring that information is accessible only to those authorized to have access, protecting data from unauthorized disclosure.
Configuration Management
The process of systematically managing changes to system configurations to maintain security, compliance, and operational efficiency.
Cookie
Small text files stored on user devices by websites to remember user preferences, login status, and browsing behavior.
Cross-Site Scripting (XSS)
A web application vulnerability where malicious scripts are injected into trusted websites, allowing attackers to execute code in users' browsers
Cryptomalware
A type of ransomware that encrypts files and demands payment, often in cryptocurrency, for decryption keys
Cloud Service Provider
A company that offers cloud computing services including infrastructure, platforms, and software delivered over the internet.
CVE and CVSS
Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS) are standards for identifying and scoring security vulnerabilities.
Cyber Kill Chain
A security model developed by Lockheed Martin that outlines the stages of a cyberattack, from reconnaissance to actions on objectives.
d
Digital Certificates
Electronic documents that bind public keys to identities, enabling secure communications, authentication, and digital signatures
Dark Web
A hidden part of the internet accessible only through specialized software, often associated with illicit activities and anonymous communications
Data Protection
The process of safeguarding important information from corruption, compromise, or loss through various security measures and practices.
DDoS Attack
A Distributed Denial-of-Service attack overwhelms systems with traffic, making services unavailable
DevSecOps
The integration of security practices within the DevOps process, creating a 'Security as Code' culture with continuous, flexible collaboration between release engineers and security teams.
Dictionary Attack
A password-cracking technique that systematically tests words from a predefined list (dictionary) to guess passwords.
Digital Forensics
The process of collecting, analyzing, and preserving digital evidence from electronic devices and systems for legal proceedings and incident response.
Digital Signature
Cryptographic technique that provides authentication, integrity, and non-repudiation for digital documents and messages.
Data Loss Prevention (DLP)
A security technology that monitors, detects, and prevents unauthorized access, use, or transmission of sensitive data
DMZ
Demilitarized Zone - a network segment that contains and isolates external-facing services from internal networks, providing an additional layer of security.
Dumpster Diving
A physical security attack where attackers search through trash, recycling bins, or discarded materials to find sensitive information
e
Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR)
Advanced security technologies that provide real-time monitoring, detection, and response capabilities for endpoints and extended security environments
Eliciting Information
A social engineering technique that uses conversation and psychological manipulation to extract sensitive information from individuals without their awareness
Encryption
The process of converting readable data into an unreadable format to prevent unauthorized access
Evil Twin
A wireless network attack where an attacker creates a fake Wi-Fi access point that mimics a legitimate network to intercept user traffic and steal sensitive information
Exploit
A piece of software, data, or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or gain unauthorized access to a system.
f
File Integrity Monitoring (FIM)
A security technology that monitors and detects unauthorized changes to critical files and system configurations
Fileless Virus
Malware that operates in memory without writing files to disk, making detection and removal more challenging
Firewall
A network security device that monitors and controls incoming and outgoing network traffic
g
Gap Analysis
A systematic process of comparing current security posture against desired state to identify deficiencies and prioritize security improvements
GDPR
General Data Protection Regulation - a comprehensive data protection law that regulates how organizations collect, process, and protect personal data of EU residents.
h
Hacktivist
An individual or group that uses hacking techniques to promote a political or social agenda.
Hashcat
The world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms.
Hashing
A one-way cryptographic function that transforms data into a fixed-length string for integrity verification and secure storage
HIPAA
Health Insurance Portability and Accountability Act - a US law that establishes national standards for protecting sensitive patient health information and ensuring privacy and security of healthcare data.
Honeyfile
Decoy files designed to attract and detect unauthorized access, providing early warning of data breaches and insider threats
Honeynet
A network of honeypots designed to provide comprehensive monitoring and analysis of cyber attacks across multiple systems and services
Honeypot
A decoy system designed to attract and monitor cyber attackers, providing early warning and intelligence about attack methods and tools
Honeytoken
Fake credentials, data, or identifiers designed to detect unauthorized access and track data misuse across systems and applications
i
Identity and Access Management
A framework of policies, processes, and technologies for managing digital identities and controlling access to resources.
IDS/IPS
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) that monitor network traffic for suspicious activity and potential threats.
Incident Response
A structured approach to detecting, managing, and recovering from cybersecurity incidents to minimize impact and restore normal operations.
Information Security
The practice of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Infostealer
Malicious software designed to steal sensitive information from infected systems, including credentials, financial data, and personal information.
Injection Attacks
A class of attacks where malicious code or commands are inserted into applications, often targeting databases, operating systems, or web applications
Insider Threat
A security risk that originates from within an organization, typically involving employees, contractors, or business partners with authorized access
Integrity
The principle of ensuring data accuracy, consistency, and reliability throughout its lifecycle, protecting against unauthorized modification or corruption.
IPsec
Internet Protocol Security (IPsec) is a suite of protocols for securing IP communications by authenticating and encrypting each IP packet in a data stream.
ISO 27001
International standard for information security management systems (ISMS) that provides a framework for managing and protecting sensitive information.
k
Kali Linux
A Debian-based Linux distribution designed for digital forensics and penetration testing, containing hundreds of pre-installed security tools.
Key Management
The process of generating, distributing, storing, and rotating cryptographic keys securely
Keylogger
Malware or hardware that records keystrokes to capture sensitive information such as passwords and messages
l
Least Privilege
A security principle where users and systems are granted only the minimum access necessary to perform their required functions
Logging and Monitoring
Recording system activity and analyzing logs to detect and respond to suspicious behavior
Logic Bomb
Malicious code that is triggered by a specific event or condition, often causing harm or disruption
m
Malware
Malicious software designed to harm systems, steal data, or gain unauthorized access
Metasploit
A penetration testing framework that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Multi-Factor Authentication (MFA)
A security mechanism that requires two or more methods of verification before granting access
Man-in-the-Middle Attack (MITM)
An attack where an adversary secretly intercepts and alters communication between two parties
MITRE ATT&CK
A globally accessible knowledge base of adversary tactics and techniques based on real-world observations, used for threat modeling and defense.
n
Network Access Control (NAC)
A security technology that controls access to network resources based on device compliance, user identity, and security policies
Nessus
A proprietary vulnerability scanner developed by Tenable that scans for security vulnerabilities, misconfigurations, and compliance issues in networks and systems.
Network Segmentation
Dividing a network into smaller, isolated segments to improve security, performance, and reduce the impact of cyberattacks
NIST Cybersecurity Framework
A voluntary framework consisting of standards, guidelines, and best practices to manage cybersecurity risk for critical infrastructure and organizations.
Nmap
Network Mapper - a powerful open-source network discovery and security auditing tool used for network exploration, security scanning, and port scanning.
Non-repudiation
A security service that prevents individuals from denying that they performed a specific action, ensuring accountability and authenticity of digital communications
o
Operating System Security
The protection of operating systems through security controls, hardening, monitoring, and management to prevent unauthorized access and maintain system integrity.
Open Source Intelligence (OSINT)
The collection and analysis of publicly available information from various sources to gather intelligence and support security investigations
OSSEC
An open-source host-based intrusion detection system that provides log analysis, file integrity monitoring, and real-time alerting.
OWASP
Open Web Application Security Project - a nonprofit foundation that works to improve the security of software through community-led open source projects.
p
Password Cracking
The process of recovering passwords from data stored or transmitted by computer systems, often using automated tools and techniques.
Patch Management
The process of acquiring, testing, and applying updates to software to fix vulnerabilities and improve performance
PCI DSS
Payment Card Industry Data Security Standard - a set of security standards designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.
Penetration Testing
A simulated cyberattack conducted by ethical hackers to identify and exploit vulnerabilities before malicious actors can use them
Pharming
A cyber attack that redirects users from legitimate websites to fake ones by manipulating DNS or host files, often for credential theft
Phishing
A social engineering attack that uses fraudulent emails, websites, or messages to trick users into revealing sensitive information or installing malware
Physical Security
Measures designed to protect personnel, hardware, software, networks, and data from physical actions and events that could cause serious loss or damage.
Port Scanning
A technique used to identify open ports and services available on a networked device, commonly used in network reconnaissance and security assessment.
Pretexting
A social engineering attack where an attacker fabricates a scenario (pretext) to trick a target into revealing sensitive information.
Privilege Escalation
A security attack where an attacker gains elevated access privileges beyond what they were originally granted, often to access sensitive data or perform unauthorized actions
Proxy Server
A server that acts as an intermediary between client devices and other servers, providing security, caching, and access control for network communications.
Potentially Unwanted Programs (PUPs)
Software that may be unwanted despite being installed with user consent, often bundled with legitimate applications
Purple Teaming
A collaborative approach that combines red team (attack) and blue team (defense) activities to improve security posture through continuous testing and feedback.
r
Ransomware
Malicious software that encrypts files or systems and demands payment for decryption keys
Remote Access Trojan (RAT)
A type of Trojan that provides attackers with remote control over infected systems, often used for surveillance and data theft
Rate Limiting
A security technique that controls the rate of requests a user can make to a system, preventing abuse and protecting against attacks.
Role-Based Access Control
A security model that restricts system access based on the roles of individual users within an organization.
Red Teaming
A full-scope, multi-layered attack simulation designed to measure how well a company's people, networks, applications, and physical security controls can withstand an attack from a real adversary.
Risk Assessment
The process of identifying, analyzing, and evaluating risks to determine their likelihood and potential impact on an organization's assets, operations, and objectives.
Risk Management
The process of identifying, assessing, and prioritizing risks to minimize their impact on organizational objectives and operations.
Risk Mitigation
The process of implementing strategies and controls to reduce the likelihood or impact of identified risks to acceptable levels within an organization.
Rootkit
Malware designed to hide its presence and provide privileged access to attackers by modifying the operating system or software
s
Salting
A cryptographic technique that adds random data to passwords before hashing to prevent rainbow table attacks and improve password security
SASE
A cloud-based security model that combines network security functions with WAN capabilities to support the dynamic, secure access needs of organizations.
Secure Development
The practice of developing software with security built-in from the beginning, following secure coding practices, and integrating security throughout the development lifecycle.
Security Audit
An independent review that evaluates an organization's information security policies, practices, and controls
Security Controls
Mechanisms, policies, and procedures designed to protect information systems and data from security threats and vulnerabilities.
Shoulder Surfing
A physical security attack where attackers observe users entering passwords, PINs, or other sensitive information by looking over their shoulder
SIEM
Security Information and Event Management system that provides real-time analysis of security alerts generated by network hardware and applications.
Service Level Agreement (SLA)
A formal contract that defines the level of service expected from a service provider, including performance metrics, availability, and response times
Smishing
A phishing attack that uses SMS (text messages) to trick users into revealing sensitive information or clicking malicious links
Snort
An open-source network intrusion detection and prevention system that performs real-time traffic analysis and packet logging.
SOAR
Security Orchestration, Automation, and Response platform that enables security teams to collect threat data and alerts from various sources and respond to low-level security incidents automatically.
SOC
Security Operations Center - a centralized unit that deals with security issues on an organizational and technical level, providing 24/7 monitoring and incident response.
Social Engineering
Psychological manipulation techniques used to trick people into revealing confidential information or performing actions that compromise security
Spam
Unsolicited bulk messages sent via email, SMS, or other communication channels, often for advertising, phishing, or malware distribution
Spear Phishing
A targeted phishing attack directed at specific individuals or organizations, using personalized information to increase success rates
SPIM (Spam over Instant Messaging)
Unsolicited bulk messages sent via instant messaging platforms, often for advertising, phishing, or malware distribution
Split Tunneling
A VPN configuration that allows some traffic to go through the VPN tunnel while other traffic goes directly to the internet, bypassing the VPN.
Spyware
Malware designed to secretly monitor and collect user activity and data without consent
State Actor
A threat actor sponsored or directed by a nation-state, often involved in cyber espionage, sabotage, or warfare.
STRIDE
A threat modeling framework that categorizes security threats into six categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
Suricata
A high-performance network IDS/IPS and network security monitoring engine that provides real-time intrusion detection and prevention.
Symmetric Encryption
A cryptographic method where the same key is used for both encryption and decryption of data, providing fast and efficient data protection.
t
Tailgating
A physical security attack where unauthorized individuals gain access to restricted areas by following authorized personnel through secure entrances
Threat Hunting
A proactive cybersecurity approach where security analysts actively search for threats and malicious activity that may have evaded existing security controls.
Threat Intelligence
The process of collecting, analyzing, and sharing information about current and emerging cyber threats to help organizations defend against attacks.
Threat Modeling
A structured approach to identifying, analyzing, and mitigating potential threats to a system
Threat
Any circumstance or event that has the potential to cause harm to an information system, organization, or individuals through unauthorized access, destruction, disclosure, or modification of information.
Transport Layer Security
A cryptographic protocol that provides secure communication over computer networks, commonly used to secure web browsing, email, and other applications.
Trojan
Malicious software disguised as legitimate programs to trick users into installing and executing harmful code
v
Vendor Management
Process of managing relationships with third-party vendors, suppliers, and service providers to ensure security, compliance, and business continuity.
Virus
A type of malicious software that attaches itself to legitimate programs and spreads by infecting other files or systems.
Vishing
A phishing attack that uses voice calls or voicemail messages to trick users into revealing sensitive information or performing actions
Virtual Local Area Network
A logical network segment that groups devices together regardless of their physical location, providing network segmentation and security.
VPN
Virtual Private Network — a secure tunnel that encrypts your internet traffic and masks your IP address
Vulnerability Assessment
A systematic process of identifying, quantifying, and prioritizing security vulnerabilities in systems
Vulnerability Scanning
The automated process of identifying security vulnerabilities in systems, networks, and applications to assess security posture and prioritize remediation efforts
Vulnerability
A weakness or flaw in a system, application, or process that could be exploited by a threat to cause harm or compromise security.
w
Whaling
A highly targeted phishing attack directed at high-level executives and senior management, often for financial fraud or corporate espionage
Wireshark
A free and open-source packet analyzer used for network troubleshooting, analysis, software and communications protocol development, and education.
Worm
Self-replicating malware that spreads across networks by exploiting vulnerabilities without user interaction
z
Zero Day
A vulnerability in software or hardware that is unknown to the vendor and has no available patch, making it a high-priority security concern.
Zero Trust
A security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting inside or outside of the network perimeter.