Glossary

Definitions of common cybersecurity terms.

Attacker-centric vulnerability management

Go beyond CVEs and view your network like an attacker. Take action on the most critical risks on your most critical assets.

APT (Advanced Persistent Threat)

A security breach that allows an attacker extended access or control over a system without the owner's awareness. Often exploits unknown vulnerabilities or zero-day attacks, maintaining access even as some attack vectors are blocked.

Access Control

The means and mechanisms of managing access to and use of resources by users. Three primary forms: DAC (Discretionary Access Control) - manages access through on-object ACLs; MAC (Mandatory Access Control) - restricts access based on classification or clearance level labels; RBAC (Role Based Access Control) - controls access through job labels assigned with permissions and privileges. (Also known as authorization.)

Access Points

A device that creates a wireless local area network (WLAN), usually in an office or large building. It connects to a wired router, switch, or hub via an Ethernet cable and projects a Wi-Fi signal to a designated area.

Active Directory

Active Directory allows administrators to manage permissions and access network resources. It stores data such as users, groups, applications, or devices such as printers.

Active Monitoring

Active monitoring takes a proactive approach to network troubleshooting by highlighting potential problems before they impact end-users. The technology simulates end-user behavior rather than examining actual users and data. This helps to assess the impact of newly-integrated hardware devices on network performance and eliminates blind spots.

Anti-Spam

Services and solutions that focus on blocking and mitigating the effects of spam or unsolicited emails on email users.

Anti-Virus

Software used to prevent, scan, detect, and remove viruses from a computer to prevent malware from causing damage to your device.

Antivirus software

Software that monitors a computer system or network communications for known examples of malicious code. Also known as Malware Scanner. Uses pattern recognition or signature matching to detect known malicious code. Some adopt technologies like anomaly detection, behavioral detection, and heuristic detection to potentially detect new and unknown malware.

Application

A computer software package that performs a specific function directly for an end-user or, in some cases, for another application. Some examples are Microsoft Excel, QuickBooks, Sage, and AutoCAD.

Asset

Anything used in and necessary to the completion of a business task. Includes tangible and intangible items such as equipment, software code, data, facilities, personnel, market value, and public opinion.

Authentication

The process of verifying the identity of a person or device by checking to see if a user's credentials match the credentials in a database of authorized users. This enables organizations to keep their networks secure by permitting only authenticated users or processes to gain access to their protected resources.

Authorization

The security mechanism determining and enforcing what authenticated users are authorized to do within a computer system. The dominant forms of authorization are DAC, MAC, and RBAC. DAC (Discretionary Access Control) manages access using ACL (Access Control Lists) on each resource object where users are listed along with the permissions or privileges granted or denied them. MAC (Mandatory Access Control) manages access using labels of classification or clearance on both subjects and objects, and only those subjects with equal or superior clearance are allowed to access resources. RBAC (Role Based Access Control) manages access using labels of a job role that has been granted the permissions and privileges needed to accomplish a specific job or role.

Azure

A collection of various cloud computing services, including remotely hosted and managed versions of Microsoft technologies that are operated through a global network of Microsoft-managed data centers.

BCP (Business Continuity Planning)

A business management plan used to resolve issues that threaten core business tasks. (Also known as Business Continuity Management.) The goal of BCP is to prevent the failure of mission-critical processes when they have been harmed by a breach or accident. Once core business tasks have been stabilized, BCP dictates the procedure to return the environment back to normal conditions. BCP is used when the normal security policy has failed to prevent harm from occurring, but before the harm has reached the level of fully interrupting mission-critical processes, which would trigger the Disaster Recovery Process (DRP).

BYOD (Bring Your Own Device)

A company’s security policy dictating whether or not workers can bring their own devices into the work environment, whether or not such devices can be connected to the company network, and to what extent that connection allows interaction with company resources. A BYOD policy can range from a complete prohibition of personal devices being brought into the facility to allowing any device to be connected to the company network with full access to all company resources. Generally, a BYOD policy puts reasonable security limitations on which devices can be used on company property and severely limits access to sensitive company network resources. BYOD should address concerns such as data ownership, asset tracking, geo-location, patching and upgrades, security applications (such as malware scanners, firewalls, and IDS), storage segmentation, appropriate vs inappropriate applications, onboarding, offboarding, repair/replacement due to damage, legal concerns, internal investigations, and law enforcement investigations and forensics.

Backing Up

Creating a duplicate copy of data onto a separate physical storage device or online/cloud storage solution. A backup is the only insurance against data loss. With a backup, damaged or lost data files can be restored. Backups should be created on a regular, periodic basis such as daily. A common strategy is based on the 3-2-1 rule: you should have three copies of your data - the original and 2 backups; you should use 2 different types of media (such as physical media, for example a hard drive or tape, and a cloud storage solution); and do not store the three copies of data in 1 place (i.e. backups should be stored offsite). It is important to store backups for disaster recovery at an offsite location in order to ensure they are not damaged by the same event that would damage the primary production location. However, additional onsite backups can be retained for resolving minor issues such as accidental file deletion or hard drive failure.

Backup Server

A server responsible for data, file, application, and/or database backups. It has the capability to manage and recover the backups, whether it is a locally-based or a remote backup server.

Backups

A process to copy computer files, databases, or information to create a second version that is taken and stored in a secondary location for preservation. It is used to protect your files in the event of data loss.

Bandwidth

The maximum amount of data that can be transmitted over an internet connection in a given amount of time. This is different from internet speed, which measures the maximum rate at which data can be transmitted. Bandwidth is measured in megabits per second (Mbps) or gigabits per second (Gbps).

Behavior Monitoring

Recording the events and activities of a system and its users. The recorded events are compared against security policy and behavioral baselines to evaluate compliance and/or discover violations. Behavioral monitoring can include the tracking of trends, setting of thresholds, and defining responses. Trend tracking can reveal when errors are increasing and technical support services are required, when abnormal load levels occur, indicating the presence of malicious code, or when production work levels increase, indicating a need to expand capacity. Thresholds define the levels of activity or events above which there is concern and a response is required. The levels below the threshold are recorded but do not trigger a response. Responses can be to resolve conflicts, handle violations, prevent downtime, or improve capabilities.

Blacklist

A security mechanism prohibiting the execution of those programs on a known malicious or undesired list of software. The blacklist is a list of specific files known to be malicious or otherwise unwanted. Any program on the list is prohibited from executing while any other program, whether benign or malicious, is allowed to execute by default. (See whitelist.)

Block Cipher

A type of symmetric encryption algorithm that divides data into fixed-length sections and then performs the encryption or decryption operation on each block. The action of dividing a data set into blocks enables the algorithm to encrypt data of any size.

Bluetooth

Technology that uses radio signals to enable the wireless exchange of data between devices over a short distance. Bluetooth can be used in many applications, including connecting devices to play music, transfer photos, or use peripherals such as keyboards and mice.

Botnet

A collection of innocent computers which have been compromised by malicious code to run a remote control agent granting an attacker the ability to remotely take advantage of the system’s resources for illicit or criminal actions. These actions include DoS flooding attacks, hosting false Web services, spoofing DNS, transmitting spam, eavesdropping on network communications, recording VoIP communications, and attempting to crack encryption or password hashes. Botnets can comprise dozens to over a million individual computers. The term botnet is a shortened form of robotic network.

Browser

An application that provides a way to look at and interact with the World Wide Web, including web pages, videos, and images. Common browsers include Google Chrome, Firefox, and Microsoft Edge.
