Arctic Wolf Presents

Cybersecurity Glossary

Defining the key cybersecurity terms you need to know

Deepen your knowledge with definitions, explanations, and overviews of the most important terms and concepts in cybersecurity.

ARCTIC WOLF GLOSSARY

A
B

Botnet

What Is a Botnet? A botnet is a network of bot-compromised machines that can be controlled and used to launch massive attacks by a bot-herder.…


Brute-Force Attack

What Is a Brute-Force Attack? A brute-force attack is a tactic used by threat actors to gain unauthorized access to an account, system, or encrypted…


Business Email Compromise (BEC)

What Is Business Email Compromise? Business email compromise (BEC) is a sophisticated cyber attack in which threat actors manipulate individuals within an organization into taking actions that benefit the attacker, typically through fraudulent email…

C

CIS Controls

What Are the CIS Controls? The Center for Internet Security (CIS) Controls are a prioritized set of cybersecurity best practices that help organizations defend against…


Cryptojacking

What is Cryptojacking? Cryptojacking is a kind of cyber attack where a threat actor uses an organization’s computing resources—such as servers, endpoints, or cloud infrastructure—to…


Cyber Attack

What Is a Cyber Attack? A cyber attack is any attempt, successful or otherwise, by cybercriminals to access a cloud or computer network…


Cyber Risk Assessment

What Is a Cyber Risk Assessment? A cyber risk assessment (also known as a cybersecurity assessment) is a key component of a risk management program.…


Cyber Threat Intelligence

What is Threat Intelligence? Threat intelligence (often called cyber threat intelligence or CTI) is evidence-based knowledge about existing or emerging cyber threats — what threat…

D

Dark Web Monitoring

What Is Dark Web Monitoring?  Dark web monitoring is the scanning of the dark web for employee credentials and confidential company information. Dark web monitoring…


Data Exfiltration

What Is Data Exfiltration? Data exfiltration is the unauthorized transfer or theft of sensitive information from an organization’s network, systems, or devices. This malicious activity…


DDoS Attack

What is a DDoS Attack? A distributed denial-of-service (DDoS) attack consists of multiple compromised devices or systems (often qualifying as botnets) attacking a target on…

E

Endpoint

What Is an Endpoint?   An endpoint is any physical device that resides at the end point of a network connection and can communicate on that…

H

Hypervisor (VMM)

What Is a Hypervisor (VMM)? A hypervisor is another term for a virtual monitoring machine (VMM), a device that is able to manage multiple virtual…

I

Incident Response

What Is Incident Response? Incident response (IR) is the structured methodology organizations use to prepare for, detect, contain, eradicate, and recover from cybersecurity incidents. This…


Initial Access Brokers

What Are Initial Access Brokers?  Initial access brokers (IABs) are threat actors that sell cybercriminals access to organizations’ networks.   Once they have access to an…


Insider Threats

What Are Insider Threats?  An insider threat is a cybersecurity risk originating from within an organization, typically involving individuals who have authorized access to company…


Internet of Things (IoT)

What Is IoT?   “IoT” is short for “Internet of Things,” which is the network of internet-enabled and connected devices. Since the term was first coined…

K

Keylogger

What Is a Keylogger? A keylogger is a program that monitors user keystrokes on a device. This can be used for both illegal and legitimate…

L

Lateral Movement

What Is a Lateral Movement? Lateral movement refers to the techniques attackers use to move deeper into a network after gaining initial access. Once inside…

M

Malicious Apps

What Are Malicious Apps? Malicious apps are a method of manipulating users into downloading malware that allows cybercriminals to steal personal information, including login credentials…


Malware

What Is Malware? Malware, a term born from combining ‘malicious’ and ‘software,’ refers to any program or software designed to harm or exploit systems and…


Managed Security Services (MSS)

What Are Managed Security Services? Managed security services (MSS) represent cybersecurity capabilities delivered and operated by third-party providers on behalf of client organizations. These services…


MTTD and MTTR

What Is MTTD? Mean Time to Detect (MTTD) is the average time it takes a team to discover a security threat or incident.  What Is…


Multi-Factor Authentication (MFA)

What Is Multi-Factor Authentication?  Multi-factor authentication (MFA) is a security method that requires users to verify their identity through two or more different types of evidence before…

N

Network Segmentation

What is Network Segmentation?  Network segmentation is the digital architectural technique of dividing an organization’s network into smaller, isolated segments or subnetworks, each with its…

P

Password Fatigue

What Is Password Fatigue?  Password fatigue is a feeling of stress and/or frustration stemming from the creation and maintenance of passwords for the multitude of…


Phishing

What Is Phishing? Phishing is a common social engineering cyber attack that uses deceptive communication, generally in the form of emails, to manipulate individuals into divulging sensitive information or performing actions that…


Polymorphic Virus

What Is a Polymorphic Virus?  A polymorphic virus is malware that can adapt, or “morph,” to avoid detection and circumvent security tools.   The polymorphic virus…


Pretexting

What Is Pretexting?  Pretexting is a social engineering tactic used by threat actors to gain trust, data, or access to accounts using a fabricated story,…


Privilege Escalation

What Is Privilege Escalation? Privilege escalation is a cyber attack technique in which an adversary exploits vulnerabilities, misconfigurations, or human errors to gain unauthorized access to elevated…

R

Ransomware

What Is Ransomware?  Ransomware is a type of malware that freezes a system or data, preventing users from accessing them. The idea behind the attack…


Ransomware-as-a-Service

What is Ransomware-as-a-Service? Ransomware-as-a-Service (RaaS) is a cybercrime business model in which ransomware developers license their malware to affiliates who carry out attacks on organizations.…

S

Security Awareness Training

What Is Security Awareness Training? Security awareness training is a structured educational program designed to equip employees with the knowledge and skills needed to recognize, avoid,…


Security Operations (SecOps)

What Is Security Operations (SecOps)? Security operations refers to the people, processes, and technology that all work together to create and manage a security architecture…


Shadow IT

What Is Shadow IT? Shadow IT is the unauthorized use of any apps, devices, services, technologies, solutions, and infrastructure without the knowledge, approval, and support…


Social Engineering

What is Social Engineering? Social engineering is a cyber attack technique that manipulates human psychology to trick people into divulging confidential information, downloading malware, or…


Spear Phishing

What Is Spear Phishing? Spear phishing is a specific kind of phishing attack where a threat actor targets a specific person or organization with a…


Spoofing Attack

What Is a Spoofing Attack?  A spoofing attack is when bad actors impersonate another person or company. The attacker’s goal is to gain the confidence…


Supply Chain Compromise

What Is a Supply Chain Compromise? A supply chain compromise occurs when threat actors infiltrate an organization by targeting and exploiting a trusted third-party vendor, partner, or…

T

Threat Actor

What Is a Threat Actor? A threat actor is an individual, or group of individuals, who conduct malicious activities on the internet such as cyber…


Threat Hunting

What Is Threat Hunting? Threat hunting is a proactive cybersecurity practice in which skilled analysts actively search for hidden threats within an organization’s environment before…


Trojan Horse

What Is a Trojan Horse?  A Trojan Horse is malware disguised as legitimate software. It tricks users into downloading, installing, or running malicious code on…

U

UEBA

What Is UEBA? UEBA stands for user and entity behavior analytics. It’s a type of cybersecurity solution that uses machine learning algorithms to detect suspicious…

V

Vishing

What Is Vishing? Vishing is a cybercrime combining voice calls with phishing attacks. So-called “voice phishing” uses multiple tools and strategies, such as social engineering,…


Vulnerability Management

What Is Vulnerability Management? Vulnerability management is the ongoing process of identifying, assessing, and remediating vulnerabilities within your network or systems.   The four stages of…

W

Whaling

What Is Whaling?  Essentially, whaling is a spear phishing attack aimed at a high-value target, such as executives, IT department heads, finance department heads, or…


Wire Transfer Fraud

What Is Wire Transfer Fraud?  The term comes from the original version of this crime which used wire transfers, or the transfer of funds between…

X

XDR

What Is XDR? Extended detection and response (XDR) is a unified cybersecurity approach that collects and correlates security data from multiple sources across an organization’s technology environment…

Z

Zero Trust

What Is Zero Trust? Zero trust is a security framework that eliminates implicit trust by requiring continuous verification of every user, device, and application attempting to access resources, regardless of their…


Zero-Day Exploit

What Is a Zero-Day?  A zero-day is a vulnerability in a piece of hardware or software that was previously unknown to the vendor, meaning they…
