温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.secure.com/glossary
点击访问原文链接

Cybersecurity Glossary: Terms, Concepts & Definitions Explained

进入原网站 导航首页
Enterprise A portfolio of Digital Security Teammates mapped to real security functionsEssentialAdvancedStartup Foundational security from day one, without complexitySOC TeammateCompliance TeammateAppSec TeammateInfrastructure Security TeammateRisk & Governance TeammateCISO Reduce risk, stay audit-ready and prove security ROICTO Ship faster while staying secure and compliantProduct OverviewIntegrationsMid-Market SaaS From Two Analysts to 24/7 CoverageVyro.ai × Secure.com From Rapid Growth to Continuous, Automated SecurityAbout usBlogNewsroomWhitepaperGlossaryInteractive DemoEnterprise A portfolio of Digital Security Teammates mapped to real security functionsEssentialAdvancedStartup Foundational security from day one, without complexitySOC TeammateCompliance TeammateAppSec TeammateInfrastructure Security TeammateRisk & Governance TeammateCISO Reduce risk, stay audit-ready and prove security ROICTO Ship faster while staying secure and compliantProduct OverviewMid-Market SaaS From Two Analysts to 24/7 CoverageVyro.ai × Secure.com From Rapid Growth to Continuous, Automated SecurityAbout usBlogNewsroomWhitepaperGlossaryInteractive DemoABCDEFGHIJKLMNOPQRSTUVWXYZAsset Discovery Asset discovery is a critical process for identifying and tracking all hardware and software within an organization, enabling better security, compliance, and cost management across your technology landscape.Asset Visibility Asset visibility provides a continuously updated view of all devices, systems, and cloud resources so organizations can monitor, secure, and manage them effectively.Attack Surface Monitoring Attack surface monitoring finds and tracks every entry point hackers could use before they do—here's how it works and why it matters.Attribute-Based Access Control (ABAC) Learn how Attribute-Based Access Control (ABAC) enables fine-grained, context-aware access decisions by evaluating user, resource, and environmental attributes replacing static role-based models with dynamic, adaptive security.Audit-Ready Evidence Audit-ready evidence provides clear, verifiable proof that security controls and policies are operating as intended—allowing organizations to demonstrate compliance without scrambling during audits.Botnets Understand how botnets, which is a network of millions of compromised devices controlled by attackers, execute massive DDoS attacks, spam campaigns, and data theft.Cloud Jacking Cloud jacking is an identity-driven cyberattack where threat actors hijack cloud accounts and control planes to stealthily exploit resources and exfiltrate data without using malware.Configuration Drift Configuration drift happens when systems slowly diverge from their intended configuration over time, leading to inconsistencies, security vulnerabilities, and management challenges.Continuous Compliance Continuous compliance uses real-time monitoring and automation to keep businesses secure, reduce risk, and simplify audits without increasing headcount.Control Mapping Control mapping is the strategic process of linking internal security safeguards to multiple regulatory requirements, enabling organizations to "build once and comply many times."Data Loss Prevention Move beyond reactive alerts with a comprehensive guide to Data Loss Prevention (DLP)—transforming data security into a proactive, automated defense that secures sensitive assets across cloud, endpoints, and networks.Exposure Management Exposure management is the practice of continuously identifying, prioritizing, and reducing security weaknesses across an organization’s entire digital attack surface.External Attack Surface Management External attack surface management identifies and monitors all internet-facing assets so organizations can find exposed systems, unknown infrastructure, and security weaknesses before attackers exploit them.Fileless Malware Fileless malware executes entirely in memory using trusted system tools, allowing attackers to stay hidden longer and bypass traditional, file-based security defenses.GDPR (General Data Protection Regulation) GDPR is a landmark data protection regulation that gives individuals greater control over their personal data while holding organizations globally accountable for how that data is collected, processed, and protected.Hybrid Cloud Security Hybrid cloud security protects data and workloads across on-premises and cloud environments by unifying visibility, enforcing consistent policies, and adapting defenses to a distributed, constantly changing attack surface.Insider Threats Insider threats exploit trusted access and everyday behavior, making them harder to detect and often more damaging than external cyberattacks.Incident Escalation Incident escalation is the formal process of transferring responsibility to higher-level experts or management to ensure complex security threats are resolved swiftly and effectively.JWT (JSON Web Token) JSON Web Tokens enable fast, stateless authentication across APIs and distributed systems—but only when implemented and validated with strong security discipline.Kerberos Kerberos secures network authentication using encrypted tickets, enabling safe, scalable, and single sign-on access while minimizing credential exposure and replay attacks.Logic Bombs Logic bombs are stealthy, trigger-based cyber threats that lie dormant within legitimate systems until activated, causing disruption, data loss, or financial damage.Malware Malware is malicious software designed to damage, disrupt, or gain unauthorized access to computers and networks.Mean Time to Respond (MTTR) Slow MTTR isn’t just a technical problem—it’s the result of alert overload, manual processes, fragmented tools, and missing context that delay response and increase business risk.Network Access Control (NAC) Network Access Control (NAC) ensures only authorized and compliant devices can access your network, reducing risk and enforcing security policies in real time.OSINT (Open Source Intelligence) OSINT turns publicly available information into actionable intelligence for cybersecurity, risk management, and threat detection.Penetration Testing (Pentesting) Penetration testing simulates real-world cyberattacks to identify exploitable vulnerabilities and measure true business risk before attackers do.QR Code Phishing (Quishing) QR code phishing (“quishing”) hides malicious links inside scannable codes, bypassing traditional email defenses and targeting mobile users to steal credentials or deploy malware.Risk Acceptance Risk acceptance is a deliberate decision to acknowledge a cybersecurity or business risk without taking immediate mitigation steps.Security Questionnaire A security questionnaire is a structured set of questions used to evaluate a vendor’s security practices, compliance controls, and ability to protect sensitive data.SAST SAST scans code for security flaws during development, helping teams fix vulnerabilities before they reach production.Security Case Management Modern security teams face an overwhelming volume of alerts, incidents, and investigative tasks. Security operations centers (SOCs) must track suspicious activity, investigate threats, coordinate responses, and document every action taken during an incident. Without a structured system, investigations often become fragmented—spread across emails, spreadsheets, ticketing systems, and multiple security tools. Security case management addresses this...Shift Left Security Shift left security embeds automated security checks into design and development so teams catch and fix vulnerabilities early—reducing costs, accelerating releases, and preventing production-stage fire drills.SOC2 SOC 2 is a compliance framework that evaluates how organizations protect customer data using the Trust Services Criteria of security, availability, processing integrity, confidentiality, and privacy.Threat Exposure Management (TEM) TEM shifts your security team from chasing vulnerabilities to managing real attacker risk continuously.Unauthorized Access Unauthorized access occurs when a person gains entry to systems, data, or accounts without permission, often becoming the starting point of a larger security breach.Vulnerability Prioritization Prioritize vulnerabilities based on real-world risk—not just severity—to reduce remediation backlog, improve MTTR, and focus on what truly threatens your business.Workload Security Workload security protects the applications, services, and computing resources running in cloud and data-center environments from vulnerabilities, misconfigurations, and active cyber threats.XDR – Extended Detection and Response Extended Detection and Response (XDR) unifies threat detection, investigation, and response across endpoints, networks, cloud, and identity layers.YAML Security Configuration YAML security configuration defines how to safely structure YAML files to prevent misconfigurations and vulnerabilities in applications and infrastructure.Zero-Day Vulnerability A zero-day vulnerability is a previously unknown software flaw that attackers can exploit before developers release a fix.Product OverviewPricingIntegrationsvs AI SOCvs Dropzone AIvs Intezervs TorqAbout UsNewsroomPartner ProgramBlogWhitepapersGlossaryPrivacy PolicyLegal & Compliance

智能索引记录