Cybersecurity Glossary

What Is an Advanced Persistent Threat?  An advanced persistent threat (APT) is a threat (that could transform into a full-scale attack) where a hacker has…

What Is a Botnet?  A botnet is a network of bot-compromised machines that can be controlled and used to launch massive attacks by a bot-herder.…

What Is a Brute-Force Attack? Brute-force is a hacking method that uses trial-and-error password guessing. It relies on software to automatically go through millions of…

What is Business Email Compromise?  Business Email Compromise (BEC) is a kind of cybercrime where a hacker gains control of an internal email account and…

What Is Cryptojacking?  Cryptocurrencies have become more popular and edging towards the mainstream, the mining of these digital currencies—which uses computing power to solve complex…

What Is a Cyber Attack?  A cyber attack is any attempt – successful or otherwise — by cybercriminals to access a cloud or computer network…

What Is Threat Intelligence? According to the National Institute of Standards and Technology (NIST), threat intelligence refers to “threat information that has been aggregated, transformed,…

What Is a DDoS Attack?  A DDoS attack consists of multiple compromised systems attacking a target on your network, such as a server or your…

What Is an Endpoint?   It may seem like a simple question, but the answer is complicated — not because of the tech industry, but rather…

What Is an Endpoint? An endpoint is any device that resides at the end point of a network connection and can communicate on that network.…

What Is a Hypervisor?   A hypervisor is another term for a virtual monitoring machine (VMM), a device that is able to manage multiple virtual machines…

What Is Incident Response?   Incident response (IR) is a set of processes and tools used to identify, contain, and remediate cyberattacks, and to restore the…

What Are Initial Access Brokers?  Initial access brokers are threat actors that sell cybercriminals access to corporate networks. They are highly skilled in their field…

What Is IoT?   “IoT” is short for “Internet of Things,” which is the network of internet-enabled and connected devices. Since the term was first coined…

What Is a Keylogger? A keylogger is a program that monitors user keystrokes on a device. This can be used for both illegal and legitimate…

What Is Lateral Movement? Lateral movement is when a threat actor navigates through a breached environment, gaining new access and user privileges as they go.…

What Are Malicious Apps? Malicious apps are a method of manipulating users into downloading malware that allows cybercriminals to steal personal information, including login credentials…

What Is Malware? Malware, a portmanteau of the words malicious and software, is any software or program that is designed to disrupt and damage a…

What Is Managed Detection and Response?  Managed Detection and Response (MDR) solutions combine human work with technology to provide continuous monitoring as well as threat…

What Is MTTD?  Mean Time to Detect (MTTD) is the average time it takes a team to discover a security threat or incident.  What Is…

What Is Multi-Factor Authentication? Multi-factor authentication (MFA) is a form of access control that acts as an additional security measure to a user login. It’s…

What Is Network Segmentation? Network segmentation is the division of an organisation’s network architecture into subnets. Each of these subnets is its own, albeit smaller,…

What Is Password Fatigue?  Password fatigue is a feeling of stress and/or frustration stemming from the creation and maintenance of passwords for the multitude of…

What Is Penetration Testing Penetration testing, also known as pen test, is an authorised and simulated cyber attack performed on an IT system (or systems)…

What Is Phishing?  The most common social engineering attack, phishing is, simply, a ruse tricks a user into giving access, data, or money to bad…

What Is a Polymorphic Virus?  A polymorphic virus is malware that can adapt, or “morph,” to avoid detection and circumvent security tools.   The polymorphic virus…

What Is Pretexting?  Pretexting is a social engineering tactic used by threat actors to gain trust, data, or access to accounts using a fabricated story,…

What Is the Principle of Least Privilege?  It often makes sense for an organisation to limit access to specific systems and data only to those…

What Is Ransomware?  Ransomware is a type of malware that freezes a system or data, preventing users from accessing them. The idea behind the attack…

What Is Ransomware-as-a-Service (RaaS)? In recent years, threat actors have begun collaborating with each other in a ransomware-as-a-service (RaaS) model to infiltrate organizations. The RaaS…

What Is a Red Team v. Blue Team Exercise? A red team v. blue team is a training exercise conducted by an organisation to test…

What Is Security Awareness?  Security awareness is a standardised process that provides employees, contractors, vendors, and other third-party stakeholders with cybersecurity education. Security awareness training…

What Is Security Operations? Security operations refers to the people, processes, and technology that all work together to create and manage a security architecture for…

What Is a Security Operations Center? A security operations center (SOC) is responsible for orchestrating people, technology, and processes to reduce the likelihood and impact…

What Is Shadow IT? Shadow IT is the unauthorised use of any apps, devices, services, technologies, solutions, and infrastructure without the knowledge, approval, and support…

What Is Social Engineering? Essentially, social engineering uses psychology to manipulate a person into taking an action. This could be anything from revealing sensitive data…

What Is Spear Phishing? Spear phishing is a specific kind of phishing attack where a threat actor targets a specific person or organisation with a…

What Is Spoofing?  Spoofing is when bad actors impersonate another person or company. The attacker’s goal is to gain the confidence of the potential victim…

What Is a Supply Chain Attack? A supply chain attack is when an organisation, or multiple organisations, is attacked through a third-party vendor. A third-party…

What Is a Threat Actor? A threat actor is an individual, or group of individuals, who conduct malicious activities on the internet such as cyber…

What Is Threat Hunting? Threat hunting is the proactive search through the full spectrum of environmental data to identify advanced threats while developing additional detection…

What Is a Trojan Horse?  A Trojan Horse is malware that comes in disguise. Designed to look like a legitimate piece of code or software,…

What Is UEBA? UEBA stands for user and entity behavior analytics. It’s a type of cybersecurity solution that uses machine learning algorithms to detect suspicious…

What Is Vishing? Vishing is a cybercrime combining voice calls with phishing attacks. So-called “voice phishing” uses multiple tools and strategies, such as social engineering,…

What Is Vulnerability Management? Vulnerability management is the ongoing process of identifying, assessing, and remediating vulnerabilities within your network or systems.   The four stages of…

What Is Whaling?  It’s a great question. The answer, however, relies on the proper context. Before we get into what whaling is, let’s take a…

What Is Wire Transfer Fraud?  The term comes from the original version of this crime which used wire transfers, or the transfer of funds between…

What Is XDR? Extended Detection and Response (XDR) consolidates the data and tools necessary to provide enhanced visibility, analysis, and response for all system risks…

What Is Zero Trust?  Zero Trust is a cybersecurity strategy that eliminates implicit trust within a network or system. In short, it means, “trust no…

What Is a Zero-Day?  A zero-day is a vulnerability in a piece of hardware or software that was previously unknown to the vendor, meaning they…