Glossary of Security Terms - UniAPT Project
AES-256
Advanced Encryption Standard with a 256-bit key, a symmetric encryption algorithm widely used for its strength and efficiency.
RSA-4096
An asymmetric encryption algorithm utilizing a 4096-bit key, known for its high level of security in public-key cryptography.
SSL/TLS
Secure Sockets Layer/Transport Layer Security, protocols for establishing encrypted links between networked computers.
Multi-Factor Authentication (MFA)
A security system that requires multiple methods of authentication from independent categories of credentials to verify the user's identity.
Role-Based Access Control (RBAC)
A method of regulating access to computer or network resources based on the roles of individual users.
Intrusion Detection and Prevention Systems (IDPS)
Tools designed to identify and prevent suspicious activity within a network.
Blockchain Technology
A decentralized ledger technology known for its robustness, transparency, and immutability, often used for enhancing security and trust in digital transactions.
GDPR
General Data Protection Regulation, a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union.
ISO/IEC 27001
An international standard on how to manage information security, providing requirements for an information security management system (ISMS).
AI-driven Threat Analysis
The use of artificial intelligence to analyze and predict potential security threats, enhancing proactive measures and adaptive responses.
Public-Key Cryptography
A cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner.
Data Obfuscation
The process of altering data to make it less recognizable and less easily understood, often used to protect sensitive information.
Tokenization
The substitution of sensitive data with a non-sensitive equivalent, known as a token, which has no extrinsic or exploitable meaning or value.
Cybersecurity Audit
A comprehensive review and analysis of an organization's IT infrastructure, policies, and operations to identify vulnerabilities and ensure compliance with security standards.
Decentralization
The distribution of functions and powers away from a central location or authority, commonly referenced in blockchain technology for enhancing security and reducing single points of failure.
Immutable Ledger
A ledger that cannot be altered or deleted, a key feature of blockchain technology ensuring data integrity and trustworthiness.
Compliance Standards
Established guidelines and requirements that organizations must adhere to, ensuring best practices in security and data protection are followed.
Predictive Threat Analysis
The use of advanced algorithms and data analytics to predict potential security threats, allowing for preemptive action and enhanced security protocols.
Endpoint Security
Security measures focused on protecting devices (endpoints) in a network, such as computers and mobile devices, from malicious activities and threats.
Cryptographic Hash Functions
Algorithms that convert data into a fixed-size string of characters, typically called a hash code. They are used to ensure data integrity and in various security applications.
Secure Code Practices
Guidelines and methodologies for writing software code that is resistant to vulnerabilities and attacks, crucial in maintaining system security.
Network Segmentation
Dividing a computer network into smaller parts to limit access to sensitive information and improve performance and security.
Phishing Detection
Technologies and methodologies used to identify attempts to acquire sensitive information by masquerading as a trustworthy entity in digital communication.
Penetration Testing
Simulated cyber attacks on a computer system, performed to evaluate the security of the system.
Incident Response Plan
A structured approach for handling and managing the aftermath of a security breach or cyber attack, with the aim of limiting damage and reducing recovery time and costs.
Zero Trust Security Model
A security model that requires strict identity verification for every person and device trying to access resources, regardless of whether they are within or outside of the network perimeter.
Vulnerability Assessment
The process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system.
Secure Shell (SSH)
A cryptographic network protocol used for operating network services securely over an unsecured network.
Digital Signature
A mathematical technique used to validate the authenticity and integrity of a message, software, or digital document.
Firewall
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Data Loss Prevention (DLP)
Strategies and tools used to prevent data loss or unauthorized access and exfiltration of sensitive information.
Application Layer Security
Security measures applied to data and application-specific protocols, like HTTP and DNS, to prevent data breaches at the application level of an IT system.
Content Disarm & Reconstruction (CDR)
A security technology that removes potentially malicious code from files to prevent cyber attacks.
Identity and Access Management (IAM)
Frameworks and technologies used to ensure that the right individuals access the appropriate resources at the right times and for the right reasons.
Risk Management Framework (RMF)
A structured approach for identifying, assessing, managing, and mitigating risks to an organization’s assets and data.
Security Information and Event Management (SIEM)
Solutions that provide real-time analysis of security alerts generated by applications and network hardware.
Hardware Security Modules (HSMs)
Physical devices designed to safeguard digital keys for strong authentication and provide crypto-processing.
Anomaly Detection
The process of identifying unusual patterns or behaviors in network traffic and data, which could indicate security threats.
Security Assertion Markup Language (SAML)
An open standard for exchanging authentication and authorization data between parties, specifically between an identity provider and a service provider.
Virtual Private Network (VPN)
A technology that creates a safe and encrypted connection over a less secure network, such as the internet.
Security Posture Assessment
The process of reviewing and analyzing the current security state of an information system or network.
Cross-Site Scripting (XSS)
A security vulnerability typically found in web applications, allowing attackers to inject client-side scripts into web pages viewed by other users.
Security Orchestration, Automation, and Response (SOAR)
Technologies that enable organizations to collect inputs monitored by the security operations team and to orchestrate and automate the response to them.
Microsegmentation
A security technique that divides data centers into distinct security segments down to the individual workload level and then defines security controls and delivers services for each unique segment.
Container Security
Security measures and protocols designed to protect the integrity, confidentiality, and availability of containers and their contents.
Intrusion Prevention Systems (IPS)
Network security appliances that monitor network and/or system activity for malicious behavior and act to block it.
Root Cause Analysis
The process of discovering the underlying causes of security breaches or failures.
Data Sovereignty
The concept that digital data is subject to the laws of the country in which it is located or stored.
Behavioral Analytics
The use of data analysis tools to detect abnormal behaviors that might indicate security threats.
Cloud Access Security Broker (CASB)
Security policy enforcement points placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies.
Endpoint Detection and Response (EDR)
Security solutions focused on detecting, investigating, and mitigating suspicious activities on hosts and endpoints.
Advanced Persistent Threats (APTs)
Prolonged and targeted cyberattacks in which an intruder gains access to a network and remains undetected for an extended period.
Cryptographic Salt
Random data that is used as an additional input to a one-way function that hashes data, a password, or passphrase.
Whitelisting
A cybersecurity strategy where a system blocks all applications or traffic except those explicitly allowed.