📚 Cybersecurity Glossary
Master the language of modern cybersecurity. From threat intelligence to zero trust architecture, explore essential terms defined by CyberVault security experts.
A
AI Threat Detection
[Defense] The use of machine learning algorithms to analyze network traffic, system logs, and user behavior in real-time to identify anomalies and potential cyber threats before they cause damage.
Attack Surface
[Threat] The total sum of all potential entry points where an unauthorized user or system could attempt to exploit data or systems within a network or organization.
C
Cloud Security Posture Management (CSPM)
[Cloud] A framework and set of tools that continuously monitors cloud environments for misconfigurations, compliance violations, and security risks across multi-cloud architectures.
Cryptography
[Defense] The practice and study of techniques for secure communication in the presence of third parties, primarily involving encryption and decryption of data.
D
DDoS (Distributed Denial of Service)
[Threat] A cyberattack that floods a target server, service, or network with excessive traffic from multiple sources, causing legitimate users to be denied access.
Data Exfiltration
[Threat] The unauthorized transfer of data from a computer or server, often conducted by attackers after gaining initial access to the network.
E
EDR (Endpoint Detection & Response)
[Defense] A cybersecurity technology that continuously monitors and collects endpoint activity data to detect, investigate, and respond to sophisticated threats.
Encryption
[Defense] The process of converting plaintext data into ciphertext to prevent unauthorized access, requiring a cryptographic key to decrypt and read the original content.
I
Incident Response
[Defense] A structured methodology to prepare for, detect, respond to, and recover from security breaches or cyberattacks to minimize damage and reduce recovery time.
IDS/IPS (Intrusion Detection/Prevention System)
[Network] Network security tools that monitor traffic for suspicious activity (IDS) and automatically block or mitigate detected threats (IPS) based on signature or anomaly analysis.
M
Malware
[Threat] Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems. Includes viruses, worms, trojans, spyware, and ransomware.
MFA (Multi-Factor Authentication)
[Defense] A security mechanism that requires users to verify their identity using two or more independent credentials: something they know, have, or are.
P
Penetration Testing
[Defense] An authorized simulated cyberattack on a computer system, performed by ethical hackers to identify exploitable vulnerabilities before malicious actors can.
Phishing
[Threat] A social engineering attack where attackers impersonate trusted entities via email, SMS, or calls to trick victims into revealing sensitive information or clicking malicious links.
R
Ransomware
[Threat] A type of malware that encrypts a victim's files or locks them out of their system, demanding payment (usually cryptocurrency) in exchange for restoring access.
S
SOC (Security Operations Center)
[Defense] A centralized function within an organization's IT department that employs people, processes, and technology to continuously monitor and improve security posture.
Supply Chain Attack
[Threat] A cyberattack targeting a third-party vendor or service provider to compromise the security of their clients or customers through trusted relationships.
Z
Zero Trust Architecture
[Defense] A security model that requires all users, devices, and applications to be continuously authenticated and authorized before granting access to resources, regardless of network location.