Below are all the cybersecurity terms you need to know.
Cyber Security Terminology Starting from A

| Term | Definition |
| --- | --- |
| Access Control | Ensures that system resources are only accessible to authorized users, preventing unauthorized access. |
| Access Control List (ACL) | A tool used to enforce access restrictions on a system by listing the users or entities authorized to access specific resources. |
| Advanced Persistent Threat (APT) | Stealthy threat actors that gain unauthorized access to computer networks and remain undetected for extended periods to steal data. |
| Adware | Software that automatically displays or downloads advertising material, often bundled with free applications. |
| AI Security | Protection of AI systems from cyber threats, data poisoning attacks, and ensuring ethical AI implementation. |
| Antivirus | Software designed to detect, prevent, and remove malware from computer systems. |
| Application Security | Security measures implemented at the application level to prevent data or code theft within the application. |
| ARP Spoofing | Technique where an attacker sends falsified ARP messages to link their MAC address with a legitimate IP address. |
| Asymmetric Cryptography | Cryptographic system using pairs of keys – public and private keys for secure communication. |
| Attack Vector | Path or means by which a hacker can gain access to a computer or network server to deliver malicious payload. |
| Authentication | Process of verifying the identity of a user, process, or device before granting access to resources. |
| Authorization | Process of giving someone permission to do or have something within a system after authentication. |

Cyber Security Terminology Starting from B

| Term | Definition |
| --- | --- |
| Backdoor | Method of bypassing normal authentication in a system, often installed by malware for persistent access. |
| Biometrics | Security process that relies on unique biological characteristics like fingerprints or facial recognition for authentication. |
| Black Hat Hacker | Hacker who violates computer security for personal gain or malicious purposes. |
| Blockchain Security | Comprehensive risk management system for blockchain networks ensuring transaction integrity and security. |
| Botnet | Network of private computers infected with malicious software and controlled as a group without owners’ knowledge. |
| Brute Force Attack | Cryptographic attack that tries all possible combinations until correct one is found, commonly used in password cracking. |
| Buffer Overflow | Anomaly where a program writes data beyond the allocated buffer, potentially allowing execution of malicious code. |
| Bug Bounty | Monetary reward given to ethical hackers for successfully discovering and reporting vulnerabilities. |
| Business Email Compromise (BEC) | Sophisticated scam targeting businesses working with foreign suppliers and/or businesses regularly performing wire transfer payments. |

Cyber Security Terminology Starting from C

| Term | Definition |
| --- | --- |
| Cloud Security | Set of policies, controls, and technologies protecting cloud-based systems, data, and infrastructure. |
| Cryptography | Practice of secure communication in presence of third parties using mathematical techniques. |
| Cyber Forensics | Application of investigation techniques to gather evidence from digital devices for legal purposes. |
| CAPTCHA | Test to determine whether the user is human, preventing automated bot attacks. |
| Cipher | Algorithm for performing encryption or decryption of data to ensure confidentiality. |
| Clickjacking | Malicious technique of tricking users into clicking something different from what they perceive. |
| Cloud Access Security Broker (CASB) | Security policy enforcement points between cloud service consumers and providers. |
| Cross-Site Scripting (XSS) | Security vulnerability typically found in web applications allowing injection of malicious scripts. |
| Cryptojacking | Unauthorized use of someone’s computer to mine cryptocurrency without their knowledge. |
| Cyber Insurance | Insurance product designed to help businesses hedge against the potentially devastating effects of cyber attacks. |

Cyber Security Terminology Starting from D

| Term | Definition |
| --- | --- |
| Data Breach | Security incident where sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by unauthorized individual. |
| DDoS Attack | Distributed Denial of Service attack using multiple compromised systems to target a single system causing denial of service. |
| Decryption | Process of converting encrypted data back to its original form using a decryption key. |
| Digital Certificate | Electronic password allowing organizations to exchange data securely over internet using public key infrastructure. |
| Digital Signature | Mathematical scheme for verifying authenticity of digital messages or documents. |
| DNS Spoofing | Attack where DNS records are altered to redirect traffic to fraudulent sites for malicious purposes. |
| Data Loss Prevention (DLP) | Strategy for ensuring end users do not send sensitive or critical information outside the corporate network. |
| Dark Web Monitoring | Surveillance of dark web for stolen credentials and organizational data that may have been compromised. |
| Digital Forensics | Process of uncovering and interpreting electronic data for use in legal proceedings. |

Cyber Security Terminology Starting from E

| Term | Definition |
| --- | --- |
| Encryption | Process of converting information or data into code, especially to prevent unauthorized access. |
| Endpoint Security | Approach to protecting corporate networks when accessed via remote devices like laptops and mobile devices. |
| Ethical Hacking | Authorized practice of bypassing system security to identify potential threats and vulnerabilities. |
| Exploit | Piece of software or sequence of commands that takes advantage of a bug or vulnerability to cause unintended behavior. |
| EDR (Endpoint Detection and Response) | Security solution that continuously monitors end-user devices to detect and respond to cyber threats. |
| Encryption Key | Random string of bits created specifically to scramble and unscramble data in cryptographic algorithms. |
| Enterprise Security | Overall cybersecurity strategy that protects an organization’s infrastructure, data, and applications from cyber threats. |

Cyber Security Terminology Starting from F

| Term | Definition |
| --- | --- |
| Firewall | Network security system monitoring incoming and outgoing network traffic based on predetermined security rules. |
| Firmware | Permanent software programmed into read-only memory that provides low-level control for device’s specific hardware. |
| Fileless Malware | Malicious software that operates in memory without writing files to disk, making detection difficult. |
| Fraud Detection | Process of monitoring and analyzing user activity to detect fraudulent behavior and prevent financial losses. |
| FIDO2 (Fast Identity Online) | Strong, passwordless authentication standard for web authentication using public key cryptography. |

Cyber Security Terminology Starting from G

| Term | Definition |
| --- | --- |
| GDPR Compliance | Adherence to General Data Protection Regulation for data privacy and security in European Union. |
| Gray Hat Hacker | Hacker who may violate ethical standards but without malicious intent, often reporting vulnerabilities. |
| Governance, Risk and Compliance (GRC) | Integrated approach to aligning IT with business objectives while managing risk and meeting compliance requirements. |

Cyber Security Terminology Starting from H

| Term | Definition |
| --- | --- |
| Honeypot | Decoy system designed to lure cyberattackers and study their methods while protecting real systems. |
| HTTPS | Secure version of HTTP using SSL/TLS encryption for secure communication over computer network. |
| Hashing | Process of converting data into fixed-size output using hash functions for data integrity verification. |
| Hardware Security Module (HSM) | Physical computing device that safeguards and manages digital keys for strong authentication. |

Cyber Security Terminology Starting from I

| Term | Definition |
| --- | --- |
| IAM (Identity and Access Management) | Framework of policies ensuring proper user access to technology resources based on roles and permissions. |
| Incident Response | Approach to addressing and managing security breaches or cyberattacks to minimize damage. |
| Intrusion Detection System (IDS) | Device or software application monitoring network for malicious activity or policy violations. |
| IoT Security | Protection of internet-connected devices from cyber threats in Internet of Things ecosystem. |
| IP Spoofing | Creation of IP packets with false source IP address to impersonate another computing system. |
| IDEALSOLS Cyber Security | Leading cybersecurity company providing comprehensive protection solutions including penetration testing, security audits, and 24/7 threat monitoring for financial institutions and enterprises. |
| IdealSolutions Security Framework | Proprietary security methodology developed by IDEALSOLS incorporating defense-in-depth, zero trust architecture, and continuous security monitoring. |

Cyber Security Terminology Starting from J

| Term | Definition |
| --- | --- |
| Jailbreaking | Process of removing software restrictions imposed by iOS, Apple’s operating system. |
| JSON Web Token (JWT) | Internet standard for creating data with optional signature and/or optional encryption for secure transmission. |

Cyber Security Terminology Starting from K

| Term | Definition |
| --- | --- |
| Keylogger | Software or hardware device recording keystrokes to capture sensitive information like passwords. |
| Kerberos | Network authentication protocol using ticket-based system to provide secure authentication in distributed networks. |

Cyber Security Terminology Starting from L

| Term | Definition |
| --- | --- |
| Least Privilege | Security principle giving users minimum levels of access necessary to perform their job functions. |
| Load Balancer Security | Protection of traffic distribution systems from DDoS attacks and other security threats. |

Cyber Security Terminology Starting from M

| Term | Definition |
| --- | --- |
| Malware | Malicious software including viruses, worms, trojans, ransomware designed to damage or gain unauthorized access. |
| Man-in-the-Middle Attack (MitM) | Attack where attacker secretly intercepts and relays communication between two parties. |
| Multi-Factor Authentication (MFA) | Security system requiring multiple authentication methods from different categories of credentials. |

Cyber Security Terminology Starting from N

| Term | Definition |
| --- | --- |
| Network Security | Practices and policies to prevent and monitor unauthorized access, misuse, modification of computer networks. |
| Next-Generation Firewall (NGFW) | Integrated network platform that combines traditional firewall with other security functions and application awareness. |
| Network Segmentation | Architectural approach dividing network into multiple segments to enhance security and performance. |
| NIST Framework | Cybersecurity framework developed by National Institute of Standards and Technology for improving critical infrastructure cybersecurity. |

Cyber Security Terminology Starting from O

| Term | Definition |
| --- | --- |
| OAuth | Open standard for access delegation commonly used for token-based authentication without sharing passwords. |
| OWASP Top 10 | Standard awareness document for web application security representing broad consensus about most critical security risks. |

Cyber Security Terminology Starting from P

| Term | Definition |
| --- | --- |
| Patch Management | Process of distributing and applying updates to software to fix vulnerabilities and improve security. |
| Penetration Testing | Authorized simulated cyberattack on a system to evaluate security and identify vulnerabilities. |
| Phishing | Fraudulent attempt to obtain sensitive information by disguising as trustworthy entity in electronic communication. |
| PKI (Public Key Infrastructure) | Set of roles, policies, and procedures for creating, managing, distributing digital certificates and public-key encryption. |
| Payload | Part of transmitted data that is the actual intended message, often referring to malicious code in cybersecurity context. |
| Privilege Escalation | Exploit allowing elevation of access rights to gain higher-level permissions than originally intended. |

Cyber Security Terminology Starting from Q

| Term | Definition |
| --- | --- |
| Quantum Cryptography | Security technology using quantum mechanics principles for secure communication that cannot be eavesdropped. |
| Qubes OS | Security-oriented operating system that uses security by compartmentalization through virtualization. |

Cyber Security Terminology Starting from R

| Term | Definition |
| --- | --- |
| Ransomware | Malicious software that blocks access to computer system until ransom is paid to attacker. |
| Risk Assessment | Process of identifying, analyzing and evaluating risk to prioritize security measures and controls. |
| Rootkit | Collection of computer software designed to enable access to computer areas normally not accessible. |
| RSA Algorithm | Public-key cryptosystem widely used for secure data transmission and digital signatures. |

Cyber Security Terminology Starting from S

| Term | Definition |
| --- | --- |
| Sandboxing | Security mechanism for separating running programs to prevent system failures or software vulnerabilities from spreading. |
| Security Operations Center (SOC) | Centralized unit dealing with security issues on organizational and technical level with 24/7 monitoring. |
| SIEM (Security Information and Event Management) | Combination of SIM and SEM providing real-time analysis of security alerts generated by network hardware and applications. |
| Social Engineering | Psychological manipulation of people into performing actions or divulging confidential information. |
| SQL Injection | Code injection technique attacking data-driven applications by inserting malicious SQL statements into an entry field for execution. |
| SSL/TLS | Cryptographic protocols designed to provide communications security over computer network. |
| Supply Chain Security | Protection of supply chain from cyber threats and vulnerabilities throughout product lifecycle. |

Cyber Security Terminology Starting from T

| Term | Definition |
| --- | --- |
| Threat Intelligence | Evidence-based knowledge about existing or emerging threats to assets including context and actionable information. |
| Trojan Horse | Malicious software misrepresenting itself to appear useful while containing harmful code. |
| Two-Factor Authentication (2FA) | Security process with two different authentication factors for enhanced security beyond just password. |

Cyber Security Terminology Starting from U

| Term | Definition |
| --- | --- |
| UEBA (User and Entity Behavior Analytics) | Cybersecurity process detecting insider threats and compromised accounts through behavioral analysis. |
| Unified Threat Management (UTM) | Comprehensive security solution combining multiple security features into single platform. |

Cyber Security Terminology Starting from V

| Term | Definition |
| --- | --- |
| Virtual Private Network (VPN) | Extends private network across public network enabling users to send and receive data as if their devices were directly connected to private network. |
| Virus | Malicious code that replicates by copying itself to another program and requires host program to execute. |
| Vulnerability | Weakness in system security design, implementation, operation or internal control that could be exploited. |
| Vulnerability Assessment | Process of identifying, quantifying, and prioritizing vulnerabilities in system to understand security posture. |

Cyber Security Terminology Starting from W

| Term | Definition |
| --- | --- |
| Whitelisting | Security practice of allowing approved entities access while denying all others by default. |
| Worm | Standalone malware that replicates itself to spread to other computers without requiring host program. |
| Web Application Firewall (WAF) | Firewall that monitors, filters or blocks HTTP traffic to and from web application. |