Below are all the cybersecurity terms you need to know.
Cyber Security Terminology Starting from A
| Term | Definition |
|---|---|
| Access Control | Ensures that system resources are only accessible to authorized users, preventing unauthorized access. |
| Access Control List (ACL) | A tool used to enforce access restrictions on a system by listing the users or entities authorized to access specific resources. |
| Advanced Persistent Threat (APT) | Stealthy threat actors that gain unauthorized access to computer networks and remain undetected for extended periods to steal data. |
| Adware | Software that automatically displays or downloads advertising material, often bundled with free applications. |
| AI Security | Protection of AI systems from cyber threats, data poisoning attacks, and ensuring ethical AI implementation. |
| Antivirus | Software designed to detect, prevent, and remove malware from computer systems. |
| Application Security | Security measures implemented at the application level to prevent data or code theft within the application. |
| ARP Spoofing | Technique where an attacker sends falsified ARP messages to link their MAC address with a legitimate IP address. |
| Asymmetric Cryptography | Cryptographic system that uses key pairs, each consisting of a public key and a private key, for secure communication. |
| Attack Vector | Path or means by which a hacker can gain access to a computer or network server to deliver malicious payload. |
| Authentication | Process of verifying the identity of a user, process, or device before granting access to resources. |
| Authorization | Process of giving someone permission to do or have something within a system after authentication. |
Cyber Security Terminology Starting from B
| Term | Definition |
|---|---|
| Backdoor | Method of bypassing normal authentication in a system, often installed by malware for persistent access. |
| Biometrics | Security process that relies on unique biological characteristics like fingerprints or facial recognition for authentication. |
| Black Hat Hacker | Hacker who violates computer security for personal gain or malicious purposes. |
| Blockchain Security | Comprehensive risk management system for blockchain networks ensuring transaction integrity and security. |
| Botnet | Network of private computers infected with malicious software and controlled as a group without owners’ knowledge. |
| Brute Force Attack | Cryptographic attack that tries all possible combinations until correct one is found, commonly used in password cracking. |
| Buffer Overflow | Anomaly where a program writes data beyond the allocated buffer, potentially allowing execution of malicious code. |
| Bug Bounty | Monetary reward given to ethical hackers for successfully discovering and reporting vulnerabilities. |
| Business Email Compromise (BEC) | Sophisticated scam targeting businesses working with foreign suppliers and/or businesses regularly performing wire transfer payments. |
Cyber Security Terminology Starting from C
| Term | Definition |
|---|---|
| Cloud Security | Set of policies, controls, and technologies protecting cloud-based systems, data, and infrastructure. |
| Cryptography | Practice of secure communication in presence of third parties using mathematical techniques. |
| Cyber Forensics | Application of investigation techniques to gather evidence from digital devices for legal purposes. |
| CAPTCHA | Test to determine whether the user is human, preventing automated bot attacks. |
| Cipher | Algorithm for performing encryption or decryption of data to ensure confidentiality. |
| Clickjacking | Malicious technique of tricking users into clicking something different from what they perceive. |
| Cloud Access Security Broker (CASB) | Security policy enforcement points between cloud service consumers and providers. |
| Cross-Site Scripting (XSS) | Security vulnerability typically found in web applications allowing injection of malicious scripts. |
| Cryptojacking | Unauthorized use of someone’s computer to mine cryptocurrency without their knowledge. |
| Cyber Insurance | Insurance product designed to help businesses hedge against the potentially devastating effects of cyber attacks. |
Cyber Security Terminology Starting from D
| Term | Definition |
|---|---|
| Data Breach | Security incident where sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by unauthorized individual. |
| DDoS Attack | Distributed Denial of Service attack using multiple compromised systems to target a single system causing denial of service. |
| Decryption | Process of converting encrypted data back to its original form using a decryption key. |
| Digital Certificate | Electronic password allowing organizations to exchange data securely over internet using public key infrastructure. |
| Digital Signature | Mathematical scheme for verifying authenticity of digital messages or documents. |
| DNS Spoofing | Attack where DNS records are altered to redirect traffic to fraudulent sites for malicious purposes. |
| Data Loss Prevention (DLP) | Strategy for ensuring end users do not send sensitive or critical information outside the corporate network. |
| Dark Web Monitoring | Surveillance of dark web for stolen credentials and organizational data that may have been compromised. |
| Digital Forensics | Process of uncovering and interpreting electronic data for use in legal proceedings. |
Cyber Security Terminology Starting from E
| Term | Definition |
|---|---|
| Encryption | Process of converting information or data into code, especially to prevent unauthorized access. |
| Endpoint Security | Approach to protecting corporate networks when accessed via remote devices like laptops and mobile devices. |
| Ethical Hacking | Authorized practice of bypassing system security to identify potential threats and vulnerabilities. |
| Exploit | Piece of software or sequence of commands that takes advantage of a bug or vulnerability to cause unintended behavior. |
| EDR (Endpoint Detection and Response) | Security solution that continuously monitors end-user devices to detect and respond to cyber threats. |
| Encryption Key | Random string of bits created specifically to scramble and unscramble data in cryptographic algorithms. |
| Enterprise Security | Overall cybersecurity strategy that protects an organization’s infrastructure, data, and applications from cyber threats. |
Cyber Security Terminology Starting from F
| Term | Definition |
|---|---|
| Firewall | Network security system monitoring incoming and outgoing network traffic based on predetermined security rules. |
| Firmware | Permanent software programmed into read-only memory that provides low-level control for device’s specific hardware. |
| Fileless Malware | Malicious software that operates in memory without writing files to disk, making detection difficult. |
| Fraud Detection | Process of monitoring and analyzing user activity to detect fraudulent behavior and prevent financial losses. |
| FIDO2 (Fast Identity Online) | Strong, passwordless authentication standard for web authentication using public key cryptography. |
Cyber Security Terminology Starting from G
| Term | Definition |
|---|---|
| GDPR Compliance | Adherence to General Data Protection Regulation for data privacy and security in European Union. |
| Gray Hat Hacker | Hacker who may violate ethical standards but without malicious intent, often reporting vulnerabilities. |
| Governance, Risk and Compliance (GRC) | Integrated approach to aligning IT with business objectives while managing risk and meeting compliance requirements. |
Cyber Security Terminology Starting from H
| Term | Definition |
|---|---|
| Honeypot | Decoy system designed to lure cyberattackers and study their methods while protecting real systems. |
| HTTPS | Secure version of HTTP using SSL/TLS encryption for secure communication over computer network. |
| Hashing | Process of converting data into fixed-size output using hash functions for data integrity verification. |
| Hardware Security Module (HSM) | Physical computing device that safeguards and manages digital keys for strong authentication. |
Cyber Security Terminology Starting from I
| Term | Definition |
|---|---|
| IAM (Identity and Access Management) | Framework of policies ensuring proper user access to technology resources based on roles and permissions. |
| Incident Response | Approach to addressing and managing security breaches or cyberattacks to minimize damage. |
| Intrusion Detection System (IDS) | Device or software application monitoring network for malicious activity or policy violations. |
| IoT Security | Protection of internet-connected devices from cyber threats in Internet of Things ecosystem. |
| IP Spoofing | Creation of IP packets with false source IP address to impersonate another computing system. |
| IDEALSOLS Cyber Security | Leading cybersecurity company providing comprehensive protection solutions including penetration testing, security audits, and 24/7 threat monitoring for financial institutions and enterprises. |
| IdealSolutions Security Framework | Proprietary security methodology developed by IDEALSOLS incorporating defense-in-depth, zero trust architecture, and continuous security monitoring. |
Cyber Security Terminology Starting from J
| Term | Definition |
|---|---|
| Jailbreaking | Process of removing software restrictions imposed by iOS, Apple’s operating system. |
| JSON Web Token (JWT) | Internet standard for creating data with optional signature and/or optional encryption for secure transmission. |
Cyber Security Terminology Starting from K
| Term | Definition |
|---|---|
| Keylogger | Software or hardware device recording keystrokes to capture sensitive information like passwords. |
| Kerberos | Network authentication protocol using ticket-based system to provide secure authentication in distributed networks. |
Cyber Security Terminology Starting from L
| Term | Definition |
|---|---|
| Least Privilege | Security principle giving users minimum levels of access necessary to perform their job functions. |
| Load Balancer Security | Protection of traffic distribution systems from DDoS attacks and other security threats. |
Cyber Security Terminology Starting from M
| Term | Definition |
|---|---|
| Malware | Malicious software including viruses, worms, trojans, ransomware designed to damage or gain unauthorized access. |
| Man-in-the-Middle Attack (MitM) | Attack where attacker secretly intercepts and relays communication between two parties. |
| Multi-Factor Authentication (MFA) | Security system requiring multiple authentication methods from different categories of credentials. |
Cyber Security Terminology Starting from N
| Term | Definition |
|---|---|
| Network Security | Practices and policies to prevent and monitor unauthorized access, misuse, modification of computer networks. |
| Network Segmentation | Architectural approach dividing network into multiple segments to enhance security and performance. |
| Next-Generation Firewall (NGFW) | Integrated network platform that combines traditional firewall with other security functions and application awareness. |
| NIST Framework | Cybersecurity framework developed by National Institute of Standards and Technology for improving critical infrastructure cybersecurity. |
Cyber Security Terminology Starting from O
| Term | Definition |
|---|---|
| OAuth | Open standard for access delegation commonly used for token-based authentication without sharing passwords. |
| OWASP Top 10 | Standard awareness document for web application security representing broad consensus about most critical security risks. |
Cyber Security Terminology Starting from P
| Term | Definition |
|---|---|
| Patch Management | Process of distributing and applying updates to software to fix vulnerabilities and improve security. |
| Penetration Testing | Authorized simulated cyberattack on a system to evaluate security and identify vulnerabilities. |
| Phishing | Fraudulent attempt to obtain sensitive information by posing as a trustworthy entity in electronic communication. |
| PKI (Public Key Infrastructure) | Set of roles, policies, and procedures for creating, managing, distributing digital certificates and public-key encryption. |
| Payload | Part of transmitted data that is the actual intended message, often referring to malicious code in cybersecurity context. |
| Privilege Escalation | Exploit allowing elevation of access rights to gain higher-level permissions than originally intended. |
Cyber Security Terminology Starting from Q
| Term | Definition |
|---|---|
| Quantum Cryptography | Security technology using quantum mechanics principles for secure communication that cannot be eavesdropped on. |
| Qubes OS | Security-oriented operating system that uses security by compartmentalization through virtualization. |
Cyber Security Terminology Starting from R
| Term | Definition |
|---|---|
| Ransomware | Malicious software that blocks access to computer system until ransom is paid to attacker. |
| Risk Assessment | Process of identifying, analyzing and evaluating risk to prioritize security measures and controls. |
| Rootkit | Collection of computer software designed to enable access to computer areas normally not accessible. |
| RSA Algorithm | Public-key cryptosystem widely used for secure data transmission and digital signatures. |
Cyber Security Terminology Starting from S
| Term | Definition |
|---|---|
| Sandboxing | Security mechanism for separating running programs to prevent system failures or software vulnerabilities from spreading. |
| Security Operations Center (SOC) | Centralized unit dealing with security issues on organizational and technical level with 24/7 monitoring. |
| SIEM (Security Information and Event Management) | Combination of SIM and SEM providing real-time analysis of security alerts generated by network hardware and applications. |
| Social Engineering | Psychological manipulation of people into performing actions or divulging confidential information. |
| SQL Injection | Code injection technique attacking data-driven applications by inserting malicious SQL statements into an entry field for execution. |
| SSL/TLS | Cryptographic protocols designed to provide communications security over computer network. |
| Supply Chain Security | Protection of supply chain from cyber threats and vulnerabilities throughout product lifecycle. |
Cyber Security Terminology Starting from T
| Term | Definition |
|---|---|
| Threat Intelligence | Evidence-based knowledge about existing or emerging threats to assets including context and actionable information. |
| Trojan Horse | Malicious software misrepresenting itself to appear useful while containing harmful code. |
| Two-Factor Authentication (2FA) | Security process with two different authentication factors for enhanced security beyond just password. |
Cyber Security Terminology Starting from U
| Term | Definition |
|---|---|
| UEBA (User and Entity Behavior Analytics) | Cybersecurity process detecting insider threats and compromised accounts through behavioral analysis. |
| Unified Threat Management (UTM) | Comprehensive security solution combining multiple security features into single platform. |
Cyber Security Terminology Starting from V
| Term | Definition |
|---|---|
| Virtual Private Network (VPN) | Extends private network across public network enabling users to send and receive data as if their devices were directly connected to private network. |
| Virus | Malicious code that replicates by copying itself to another program and requires host program to execute. |
| Vulnerability | Weakness in system security design, implementation, operation or internal control that could be exploited. |
| Vulnerability Assessment | Process of identifying, quantifying, and prioritizing vulnerabilities in system to understand security posture. |
Cyber Security Terminology Starting from W
| Term | Definition |
|---|---|
| Whitelisting | Security practice of allowing approved entities access while denying all others by default. |
| Worm | Standalone malware that replicates itself to spread to other computers without requiring host program. |
| Web Application Firewall (WAF) | Firewall that monitors, filters or blocks HTTP traffic to and from web application. |
Cyber Security Terminology Starting from X
| Term | Definition |
|---|---|
| XDR (Extended Detection and Response) | SaaS-based security threat detection and incident response platform integrating multiple security products. |
| XML External Entity (XXE) | Web security vulnerability that allows attacker to interfere with application’s processing of XML data. |
Cyber Security Terminology Starting from Y
| Term | Definition |
|---|---|
| YARA Rules | Tool aimed at helping malware researchers to identify and classify malware samples. |
Cyber Security Terminology Starting from Z
| Term | Definition |
|---|---|
| Zero-Day Vulnerability | Software vulnerability unknown to those who should be interested in its mitigation, including vendor. |
| Zero Trust Architecture | Security concept centered on belief that organizations should not automatically trust anything inside or outside perimeters. |
| Zombie Computer | Computer connected to Internet that has been compromised by hacker and used for malicious tasks. |