Cyber dictionary

Look through our cyber dictionary

SSE

Security Service Edge (SSE) is the security component of SASE that unifies all security services, including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Zero Trust Network Access (ZTNA), to secure access to web, cloud services, and private applications. WAN Edge Infrastructure, the networking component in the SASE framework, focuses on the network connectivity element by transforming network architectures to enable more efficient direct-to-cloud connectivity.

CNAPP

CNAPP (Cloud-Native Application Protection Platform) is a security solution designed to safeguard applications and workloads in cloud-native environments, incorporating features such as workload protection, vulnerability management, and compliance monitoring to ensure robust security across the entire application lifecycle.

CIEM

CIEM (Cloud Infrastructure Entitlement Management) is a security solution that helps organizations manage and enforce user permissions and entitlements across multi-cloud environments, ensuring least-privilege access and reducing the risk of unauthorized access or breaches.

DSPM

DSPM (Data Security and Privacy Management) is a comprehensive approach to safeguarding an organization's sensitive data and user privacy by implementing robust security measures, policies, and practices to prevent unauthorized access, misuse, or breaches.

API

Application Programming Interface

ATP

Advanced Threat Protection

AV

Anti-Virus

AWS

Amazon Web Services, commonly referred to as AWS, is a cloud computing service; it provides software as a service, platform as a service, and infrastructure as a service.

Always On

Tunneling all the traffic towards a gateway

Application Control

Technology to identify and then block/allow Internet applications

Azure

Microsoft Azure, commonly referred to as Azure, is a cloud computing service; it provides software as a service, platform as a service, and infrastructure as a service.

BYOD

Bring your own device

Bandwidth shaping

Technology used to control the amount of traffic flowing between two network endpoints.

Browser Isolation

Service that runs a remote browser and provides a streaming or "read-only" type of service for the end user; this capability isolates the user from any internet harm while browsing.

C2

Stands for Command and Control; used by attackers to retain communications with compromised systems within a target network and submit commands for execution by the malware.

CA

Certification Authority

CASB

Cloud Access Security Broker

CEF

Common Event Format

CI/CD

A method to frequently deliver apps to customers by introducing automation into the stages of app development, aka agile development. Specifically, CI/CD introduces ongoing automation and continuous monitoring throughout the lifecycle of apps, from integration and testing phases to delivery and deployment.

CSPM

Cloud Security Posture Management is a process of continuous monitoring and improvement of the cloud system security.

CSWG

Cloud Security Web Gateway

DAST

Dynamic Application Security Testing demonstrates the attack and provides a proof of exploit for every risk uncovered

DC

Domain Controller or Data Center

DLP

Data Leak Prevention — Technology to stop data exfiltration

DNS

Domain Name Service

Data Classification

Process of organizing data into categories that make it easy to retrieve, sort, and store for future use. A well-planned data classification system makes essential data easy to find and retrieve.

DoH

DoH stands for DNS over HTTPS and is a standard DNS protocol that uses HTTPS transport to keep the DNS exchange data protected from eavesdropping. Web browsers like Mozilla's Firefox, Microsoft's Edge, and Google's Chrome all have the ability to use DoH, with the goal of increasing data privacy and security for the users.

EDR

Endpoint Detection and Response is a technology used to detect malicious activity on the endpoints

EPP

Endpoint Protection Platform; most of the time refers to traditional Anti-Virus companies or NGAV vendors

Entitlement (IAM)

A permission (allowed action) and a scope that the allowed action applies to (e.g. read files in a folder, start a VM in a specific project)

GCP

Google Cloud Platform, offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products

GRC

HIDS

Host IDS (Intrusion Detection System)

IAG

Identity Access Governance, the practice of managing access granted to identities

IAM

Identity and Access Management, a wide field covering things like IGA, SSO, PAM, MFA, IDM and others

IAST

Interactive Application Security Testing analyzes code for security vulnerabilities while the app is run by an automated test, a human tester, or any activity with the application functionality.

ICS

Industrial Control Systems

IDS

Intrusion Detection System, a technology used for detection of network threats; unable to prevent these threats but capable of sending alerts upon detection (passive)

IGA

Identity Governance and Administration, products used to govern and manage identities and their access (coarse or granular)

IGW

Internet Gateway

IIoT

Industrial Internet of Things

IPS

Intrusion Prevention System, a technology used for detection and prevention of network threats (active)

IPSEC

Internet Protocol Security — one of the technologies used for traffic encryption between peers

IaaS

Infrastructure as a Service; these are mainly public cloud services such as AWS, Azure and GCP

IoMT

Internet of Medical Things

IoT

Internet of Things

LEEF

Log Event Extended Format

MDR

Managed Detection and Response is a managed security service providing threat intelligence from incident detection and response to incident monitoring and analysis

MFA

Multi-Factor Authentication

MUD

Manufacturer Usage Descriptions, a file containing YANG-based JSON that describes a Thing and associated suggested specific network behavior. RFC [8520](https://tools.ietf.org/html/rfc8520)

Malware

Software designed to intentionally cause damage to a computer, server, client, or computer network. A wide variety of malware types exists, including computer viruses, worms, Trojan horses, ransomware, spyware, adware and more

NAC

Network access control is a method of enhancing the security of a private organizational network by restricting the availability of network resources to endpoint devices that comply with the organization’s security policy

NBA

Network Traffic Analysis/Network Behavior Analysis describe technologies that use rule-based analysis tools, machine learning, or other tools for suspicious network activity detection.

NGAV

Next Generation Anti Virus

NGFW

Next-Generation Firewall (Application control, User-ID, Parallel traffic inspection)

NIC

Network Interface Card, Network Interface Controller, Network Adaptor

NIDS

Network IDS (Intrusion Detection System)

NOC

Network Operations Center. A NOC is a central point for software distribution and updating, performance monitoring, coordination with affiliated networks, network troubleshooting, and router and domain name management.

NTA

Network Traffic Analysis/Network Behavior Analysis describe technologies that use rule-based analysis tools, machine learning, or other tools for suspicious network activity detection.

PAM

Privileged Access Management is a type of password management used to secure the passwords for login IDs that have elevated security privileges.

PaaS

Platform as a Service

Private key

My secret key that I can use to decrypt data that was sent to me encrypted with the public key I shared with the world

Public key

Encryption key that can be shared with the world so they can encrypt data and send it to me

RASP

Run-time Application Security Protection works inside the application, but it is less a testing tool and more a security tool. It’s plugged into an application or its runtime environment and can control application execution.

SASE

Secure Access Service Edge is a term defined by Gartner in 2019. This term represents collections of security functions under one umbrella. It focuses on security as a service. Terms such as CASB, SWG/CSWG, ZTA/SDP, Firewall as a Service, IAM, SDWAN, DLP, DNS security and many more are all associated with SASE.

SAST

Static Application Security Testing scans a project at the code level for vulnerabilities, which makes it easier for individual team members to make the changes recommended by the technology

SBOM

Software bill of materials includes analysis of all the software running on the system, fingerprinting the files and libraries. Some SBOMs can include data about hardware, vulnerabilities, credentials, certificates, keys, etc.

SCA

Software Composition Analysis

SDP

Software Defined Perimeter

SDWAN

SD-WAN is an acronym for software-defined networking in a wide area network. SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from the control plane

SIEM

Security information and event management

SLA

Service Level Agreement

SOAR

Security Orchestration Automation and Response

SOC

Security Operations Center. A security operations center is a centralized unit that deals with security issues on an organizational and technical level.

SSL

Secure Socket Layer: v2 (deprecated), v3 (deprecated); see TLS

SSL inspection

Technology for encrypted traffic inspection (SSL or TLS)

SSO

Single Sign On

SWG

Network device that inspects user web traffic going towards the internet

SYSLOG

Protocol to deliver logs to SIEM (port 514)

SaaS

Software as a Service

Sandboxing

Technology to safely inspect potentially malicious files

Security Theater

Referring to the practice of investing in countermeasures intended to provide the feeling of improved security while doing little or nothing to achieve it.

Sniffer

Software or hardware solution to capture raw packets exchanged over wired or wireless networks

Split tunneling

Splitting of traffic between corporate gateway and your standard internet gateway

TAP

A network TAP is a system that monitors events on a local network in order to aid administrators (or attackers) in analyzing the network.

TLS

Transport Layer Security: v1.0 (phasing out), v1.1 (phasing out), v1.2 (common), v1.3 (emerging)

Traffic shaping

Technology to limit or prioritize certain traffic on the network

UBA

User Behavior Analytics

URL Filtering

Security control to block malicious URLs or URLs blocked by the company’s policy

User-id

User identification

VA

Vulnerability assessment is done on the software source code or a binary file to determine vulnerabilities that can be affecting the software components, the application, or a whole firmware in the case of embedded devices

VPN

Virtual Private Network

VPN tunnels

Term used to describe a tunnel created using IPSEC or TLS technologies

WAF

Web Application Firewall, a technology designed to protect websites from malicious actors

WFH

Work From Home

ZTNA

Zero Trust Network Access (ZTNA) solutions are also referred to as a software-defined perimeter, or SDP. ZTNA is used to provide secure access to private applications without allowing users to access the whole enterprise network. These solutions are often described as a replacement for traditional technologies like VPN and introduce various methods of authentication to remain identity and context aware of users who are accessing enterprise applications. ZTNA solution types include self-hosted, from the cloud and self-managed, or cloud and fully managed.

x.509

In cryptography, X.509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. X.509 is also used for offline applications such as electronic signatures. RFC [2459](https://tools.ietf.org/html/rfc2459) [4158](https://tools.ietf.org/html/rfc4158) [5280](https://tools.ietf.org/html/rfc5280)
