A
- Access Control Mechanism
- Access Control (Physical and Logical)
- Accidental Insider Threat
- Account Hijacking
- Active Attack
- Active Content
- Administrator Rights
- Advanced Persistent Threat
- Adversary (or Attacker)
- Adware
- AES Encryption
- Agile Development Methodology
- Air Gap
- Allow List, Permit List
- All-Source Analysis
- Antivirus Software
- Anti-Censorship
- Anti-Malware
- Apple Wireless Direct Link (AWDL)
- Application Fuzzing
- Application Programming Interface (API)
- Application Proxy
- Application Security Assessment
- Artificial Intelligence (AI)
- Assembly Language
- Attack
- Attacker
- Attack Signature
- Attack Surface
- Attribution
- Authentication
- Authenticity
- Authorization
- Availability
B
- Backdoor
- Backup Versioning
- Bandwidth
- Biometrics
- Bitcoin
- Black Box Testing
- Blended Threat
- Bloatware
- Blockchain
- Block List, Deny List
- Bluejacking
- Blue Team
- Bogon
- Boot Sector Virus
- Bot, Botnet, Bot Herder, and Bot Master
- Brute Force Attack
- Buffer Overflow Attack
- Bug
- Bug Bounty Programs
- Built-In Security
- Business Continuity and Disaster Recovery Plan
- Business Email Compromise (BEC)
- BYOD
C
- Castle-and-Moat Network Security Model
- Catfishing
- Checksum
- Check Digits
- Ciphertext
- Clickbait
- Clickjacking
- Closed Source
- Cloud Computing
- Command and Control (C&C) Server
- Command Line Interface (CLI)
- Commercial Off-The-Shelf (COTS)
- Common Vulnerabilities and Exposures (CVE)
- Compromised Credentials
- Computer Emergency Response Team (CERT)
- Computer Network Defense
- Confidentiality
- Contact Tracing
- Container
- Containment
- Content Delivery Network (CDN)
- Continuity of Operations Plan
- Controlled Unclassified Information (CUI)
- Cookie
- Coronavirus Advisory
- Countermeasure
- Cracker
- Credential Stuffing
- Critical (Confidential) Information
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Cryptanalysis
- Cryptocurrency Wallet
- Cryptographic Algorithm
- Cryptography
- Crypto-Mining or Cryptojacking
- Customer Relationship Management (CRM)
- Cybersecurity
- Cybersecurity Ecosystem
- Cybersecurity Maturity Model Certification (CMMC)
- Cyberspace
- Cyberwarfare
- Cyber Criminals
- Cyber Espionage
- Cyber Insurance
D
- Data Aggregation
- Data Breach
- Data Classification
- Data Exfiltration
- Data Loss
- Data Loss Prevention
- Data Mining
- Data Normalization
- Data Sanitization
- Data Spill
- Decrypt
- Decryption
- Deepfake
- Deep Learning
- Demilitarized Zone (DMZ)
- Denial of Service (DoS)
- Digital Content Management (DCM)
- Digital Forensics
- Digital Rights Management (DRM)
- Digital Signature
- Discretionary Access Controls (DAC)
- Disinformation
- Distributed Denial of Service (DDoS)
- DKIM
- DMARC
- DNS Reflection and Amplification Attacks
- Domain Name System (DNS)
- Doxxing
- Drive-By Download
- Dwell Time
- Dynamic Code Analysis
E
- Eavesdropping
- Education and Training
- Electronic Signature
- Elliptic Curve Cryptography
- Email Impersonation
- Emergency Data Request (EDR)
- Encipher
- Encode
- Encrypt
- Encryption
- Endpoint Detection and Response (EDR)
- End-Of-Life (EOL) – End-Of-Support (EOS)
- Enterprise Resource Planning (ERP)
- Enterprise Risk Management
- Eradication
- Error Correction Code (ECC)
- Error Detection
- Event
- Exploit
- Exploitation Analysis
- Exploit Chain
- Exposure
F
G
H
I
- Identification
- Identity and Access Management
- Identity Theft
- ILOVEYOU Virus
- Incident
- Incident Management
- Incident Response
- Incident Response Plan
- Indicator
- Industrial Control System
- Influencer
- Information and Communication(s) Technology
- Information Assurance
- Information Assurance Compliance
- Information Disclosure
- Information Dissemination
- Information Resources Management (IRM)
- Information Sharing
- Information Systems Security Operations
- Information System Resilience
- Information Technology
- Infrastructure as a Service (IaaS)
- Input Validation
- Insider Threat
- Integrated Risk Management
- Integrity
- Intellectual Property
- International Traffic in Arms Regulations (ITAR)
- Internet Control Message Protocol (ICMP)
- Internet Engineering Task Force (IETF)
- Internet Message Access Protocol (IMAP)
- Internet of Things (IoT)
- Internet Protocol Security (IPSec)
- Internet Service Provider (ISP)
- Interoperability
- Intrusion
- Intrusion Detection
- Investigation
L
M
- Machine Learning and Evolution
- Macro Virus
- Malicious Applet
- Malicious Code
- Malicious Insider Threat
- Malicious Logic
- Malicious URL
- Malware
- Managed Service Provider (MSP)
- Management Information Base (MIB)
- Mandatory Access Controls (MAC)
- Mantrap
- Man-In-The-Middle Attack
- Master Boot Record (MBR)
- MAZE Ransomware
- MAZE Ransomware: 3x Threat to Data Security
- MD5 Hash
- Mean Time To Detect (MTTD)
- Mean Time to Failure (MTTF)
- Mean Time To Respond (MTTR)
- Media Access Control (MAC) Address
- Melissa Virus
- Memory-Resident Virus
- Metadata
- Metropolitan Area Network (MAN)
- Monero Coin (XMR)
- Monthly Recurring Revenue (MRR)
- Moore’s Law
- Morris Worm
- Moving Target Defense
N
- Nation State Hackers
- Near Field Communications (NFC)
- Need to Know
- Network Access Control (NAC)
- Network Attached Storage (NAS)
- Network Based Intrusion Detection System (NIDS)
- Network Behavior Analysis (NBA)
- Network Interface Card (NIC)
- Network Management System (NMS)
- Network Resilience
- Network Segmentation
- Network Services
- Network-Based Intrusion Prevention
- Non-Fungible Token (NFT)
- Non-Public Personal Information (NPPI)
- Non-Repudiation
O
P
- Packet
- Packet Sniffing
- Parasitic Virus
- Passive Attack
- Passphrase
- Password
- Password Cracking
- Password Manager
- Password Salting
- Password Sniffing
- Paste
- Patch
- PCI-DSS
- PDF (Portable Document Format)
- Peer-to-Peer (P2P) Network
- Penetration Testing
- Periodic Backups
- Personal Identifying Information (PII)
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- Phishing
- Piggybacking
- Ping of Death (PoD)
- Plaintext
- Platform as a Service (PaaS)
- Point-to-Point Tunneling Protocol (PPTP)
- Polyinstantiation
- Polymorphic Virus
- POS Intrusions
- Privacy
- Private Key
- Private Virtual Local Area Network (PVLAN)
- Privileged User
- Privilege Escalation Attack
- Public Key
- Public Key Cryptography
- Public Key Infrastructure
- Purple Team
R
- Radio Frequency Identification (RFID)
- RADIUS Authentication
- Rainbow Tables
- RAM Disk
- Randomization Function
- Random Access Memory (RAM)
- Ransomware
- Ransomware Task Force (RTF)
- Read-Only Memory (ROM)
- Real User Monitoring (RUM)
- reCAPTCHA
- Reconnaissance
- Recovery
- Recovery Point Objective (RPO)
- Recovery Time Objective (RTO)
- Redundancy
- Red Team
- Remote Access Trojan (RAT)
- Remote Code Execution (RCE)
- Remote Desktop Protocol (RDP)
- Remote Monitoring and Management (RMM)
- Response
- Responsible Disclosure
- Restore (Recovery)
- Revenge Porn
- Reverse Engineering
- Reverse Intent
- Reverse Proxy
- Revision
- RFC 1918
- Risk
- Risk Acceptance (Accept)
- Risk Analysis
- Risk Assessment
- Risk Avoidance
- Risk Management
- Risk Mitigation
- Risk Reduction (Limitation)
- Risk-Based Data Management
- Role-Based Access Control (RBAC)
- Rootkit
- Root Cause Analysis
S
- Safe Links | URL Protection | Link Protection
- Sandboxing
- Script
- Script Kiddie
- Secret Key
- Secure Shell (SSH)
- Secure Socket Layer (SSL)
- Secure Web Gateway (SWG)
- Security Automation
- Security Event and Incident Management (SEIM)
- Security Operations
- Security Operations Center (SOC)
- Security Orchestration, Automation, and Response (SOAR)
- Self Assessment Questionnaire (SAQ)
- Sender Policy Framework (SPF)
- Sensitive (Restricted) Information
- Separation of Duties
- Service Set Identifier (SSID)
- Session Hijacking Attack
- Signature
- Simple Network Management Protocol (SNMP)
- SIM Swapping
- Single Sign-On (SSO)
- Situational Awareness
- Smishing
- Social Engineering
- Social Media Bots
- SOC 1
- SOC 2
- SOC 3
- Software Assurance
- Software as a Service (SaaS)
- Software Development Life Cycle (SDLC)
- Solid State Drive (SSD)
- Spam
- Spear-Phishing
- Spoofing
- Spyware
- SQL Slammer Virus (Harbinger of things to come)
- SSAE Compliance
- Stalkerware
- Starlink
- Static Code Analysis
- Steganography
- Stuxnet
- Subject
- Supervisory Control and Data Acquisition
- Supply Chain
- Supply Chain Risk Management
- Supply Chain Threat
- Swatting
- Symmetric Cryptography
- Symmetric Key
- Synthetic Transaction Monitoring (STM)
- System Integrity
T
- Tactics, Techniques, and Procedures (TTP)
- Tailored Trustworthy Space
- Test Oracle
- Third-Party Risk Management (TPRM)
- Threat
- Threat Actor
- Threat Agent
- Threat Analysis
- Threat Hunting
- Threat Intelligence
- Ticket
- Tokenization
- Tornado Cash
- Torrent
- Tor Browser
- Traffic Light Protocol (TLP)
- Transaction Lock
- Transmission Control Protocol (TCP)
- Transport Layer Security (TLS)
- Trialware
- Trojan Horse
- Trusted Wi-Fi Network
- Two-Factor Authentication
- Typosquatting