Vulnerability
A vulnerability is a characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible …
A Cyber Library of 300+ Cybersecurity Terms.
An Allow List, also known as a Permit List or (deprecated) White List, is a list of entities that are considered trustworthy and are granted access or privileges. Allow lists may …
A Work Factor is an estimate of the effort or time needed by a potential adversary, with specified expertise and resources, to overcome a protective measure. Defense-in-Depth Cybersecurity programs seek …
Tokenization is a way to keep credit card information (also called the Primary Account Number or PAN) out of credit card processing transactions by replacing it with a …
Continuity of Operations Plan (COOP) is a document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. What Should …
A White Team is a group responsible for refereeing an engagement between a Red Team of mock attackers and a Blue Team of actual defenders of information systems. What Should …
Network Segmentation is creating sub-networks within a corporate, enterprise, or another large network. When done correctly, network segmentation helps contain malware and other threat actors who might breach your network. …
Ransomware is a type of malicious software designed to block access to a computer system, and more importantly the critical data it contains, until a sum of money or ransom …
Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that …
Advanced Persistent Threat (APT) is an adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception).
Public Key Cryptography, technically known as asymmetric encryption, is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. The …
An Adversary is an individual, group, organization, or government that conducts or has the intent to conduct malicious activities. An example of an adversary would be a hacker, an attacker, …
Antivirus Software is a program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes done by …
Compromised credentials are rampant online. Over 82% of breaches relate back to stolen passwords and phishing attacks. Learn what to do about it.
Typosquatting is also called URL hijacking. It is a form of cybersquatting which relies on mistakes such as typographical errors made by Internet users when inputting a website address into …