Internet of Things (IoT)

The Internet of Things (IoT) is any device or machine that has the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT is essentially any …

May 12th, 2020

Zoom Bombing

Zoom Bombing is where an unauthorized person enters your Zoom video conference to cause disruptions or to gain sensitive information. Many companies and schools have begun using video conferencing extensively …

April 1st, 2020

Gateway

A Gateway is a hardware device that sits between two networks, acting as a “gate”. An example of a gateway is a router, firewall, server, or anything that allows traffic …

March 31st, 2020

Elliptic Curve Cryptography

Elliptic Curve Cryptography (ECC) is a public key encryption method that is based on elliptic curve theory that is used to create faster, smaller, and more efficient cryptographic keys. Historically, …

March 31st, 2020

White Box Testing

White Box Testing is a form of penetration testing which tests internal structures of an application, as opposed to the application's functionality (also known as Black Box Testing). Programming skills …

March 31st, 2020

Fragment Overlap Attack

A Fragment Overlap Attack, also known as an IP Fragmentation Attack, is an attack that is based on how the Internet Protocol (IP) requires data to be transmitted and processed. …

March 31st, 2020

Infrastructure as a Service (IaaS)

An Infrastructure as a Service (IaaS) is a cloud based service that helps companies build and manage their data as they grow, paying for the storage and server space that …

March 31st, 2020

Steganography

Steganography (pronounced: steh·guh·naa·gruh·fee) is the technique of hiding data secretly within an ordinary, non-secret, file or message in order to avoid detection. The use of steganography can be combined with …

March 30th, 2020

Software as a Service (SaaS)

Software as a Service (SaaS) is a cloud-based service where instead of downloading software to your desktop PC or business network to run and update, you instead access an application …

March 26th, 2020

Human-Machine Interface (HMI)

Human-Machine Interface (HMI) is the hardware or software through which an operator interacts with a controller. An HMI can range from a physical control panel with buttons and indicator lights …

March 25th, 2020

Test Oracle

A Test Oracle is a mechanism for determining whether the program has passed or failed a test. The use of test oracles involves comparing the output of the system under …

March 25th, 2020

Black Box Testing

Black Box Testing is a method of software testing that examines the functionality of an application without peering into its internal software structures (which is known as White Box Testing). …

March 25th, 2020

Near Field Communications (NFC)

Near Field Communications (NFC) is a short-range wireless technology that enables simple and secure communication between electronic devices. It may be used on its own or in combination with other …

March 24th, 2020

Radio Frequency Identification (RFID)

Radio Frequency IDentification (RFID) is a system used to track objects, people, or animals using tags that respond to radio waves. RFID tags are integrated circuits that include a small …

March 24th, 2020

Dynamic Code Analysis

Dynamic Code Analysis is a method used to analyze an application during its execution. This Dynamic Code Analysis process is often broken up into these steps: Preparing input data; Running …

March 24th, 2020

Voice over Internet Protocol (VoIP)

Voice over Internet Protocol (VoIP) is essentially a telephone connection over the Internet. The data is sent digitally, using the Internet Protocol (IP) instead of analog telephone lines. This allows people …

March 24th, 2020

Content Delivery Network (CDN)

A Content Delivery Network (CDN) is a geographically distributed group of servers that work together to provide fast delivery of Internet content. A CDN allows for the fast transfer of …

March 20th, 2020

Application Fuzzing

Application Fuzzing, originally developed by Barton Miller at the University of Wisconsin in 1989, is a testing method used to discover coding errors and security loopholes in software, operating systems …

March 19th, 2020

Application Proxy

An Application Proxy is one of the most secure firewall types that can be deployed. The application proxy sits between the protected network and the rest of the world. Every packet …

March 19th, 2020

Application Security Assessment

An Application Security Assessment is performed either manually or automatically, generally continuing throughout the software development life cycle. It will typically include focusing on using secure protocols, performing defined security …

March 19th, 2020

Dwell Time

Dwell Time is the amount of time threat actors go undetected in an environment. In other words, when a hacker intrudes into your network or systems, the dwell time is …

March 19th, 2020

Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec) is a set of protocols that provides security for Internet Protocol using advanced cryptography. IPSec is similar to a Secure Socket Layer (SSL), except that SSLs …

March 6th, 2020

Secure Socket Layer (SSL)

A Secure Socket Layer (SSL) is a security protocol developed by Netscape in the 1990s for sending information securely (encrypted) over the Internet. Once upon a time, websites could only …

March 6th, 2020

Reverse Proxy

A Reverse Proxy is a server that sits in front of one or more web servers, intercepting requests from clients. This is different from a forward proxy, where the proxy …

March 5th, 2020

Web Application Firewall (WAF)

A Web Application Firewall (WAF) is used to protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks …

March 5th, 2020

Static Code Analysis

Static Code Analysis is the analysis of software code when the program is not running. The analysis of the running or compiled, executing code is called Dynamic Code Analysis. The …

March 4th, 2020

Hacking with Google Dorks

A Google Dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website. Google dorking, …

March 2nd, 2020

Point-to-Point Tunneling Protocol (PPTP)

A Point-to-Point Tunneling Protocol (PPTP) is a networking standard that is used when connecting to a Virtual Private Network (VPN). VPNs are a way to create online privacy and anonymity …

March 2nd, 2020

Drive-By Download

A Drive-By Download is the unintentional download of malicious code to your computer or mobile device that may compromise your computer leaving you open to further attack by hackers. Many …

March 2nd, 2020

Sandboxing

Sandboxing is a cybersecurity term relating to various techniques used to protect your network and computing infrastructure from compromise by malicious software (aka: Malware). In one method, sandboxing provides a …

February 28th, 2020

Wireless Application Protocol (WAP)

A Wireless Application Protocol (WAP) is an old standard that allowed early mobile phones to access the Internet through something called a WAP Gateway. The WAP Gateway identified the device …

February 27th, 2020

Wired Equivalent Privacy (WEP)

A Wired Equivalent Privacy (WEP) is a deprecated wireless security protocol that was designed to provide a wireless local area network (WLAN) with a high level of security and privacy …

February 27th, 2020

Linkjacking

Linkjacking, also known as click-jacking, is a method used to redirect the link of one website to another website. Generally speaking, this is accomplished by submitting someone else’s content to …

February 24th, 2020

Media Access Control (MAC) Address

A Media Access Control (MAC) Address is a hardware identification number that is uniquely assigned to each device on a network. The MAC address is manufactured into every network card, …

February 24th, 2020

Lightweight Directory Access Protocol (LDAP)

A Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. The networks …

February 24th, 2020

Zero Day Vulnerabilities

A Zero Day Vulnerability is a security flaw that is unknown to the software vendor or the business it is found in and there isn’t a patch released yet for …

February 24th, 2020

Responsible Disclosure

Responsible Disclosure refers to the best practice followed by most security researchers of not disclosing a critical vulnerability in a software product until a vendor patch or fix has been …

February 24th, 2020

Revenge Porn

Revenge Porn is sexually explicit images or videos of a person posted online without that person’s consent especially as a form of revenge or harassment. Revenge Porn is typically seen …

February 24th, 2020

Privileged User

A Privileged User is a user of a computer who is authorized to bypass normal access control mechanisms, usually to be able to perform system management functions. Cybersecurity governance policies …

February 21st, 2020

Command and Control (C&C) Server

A Command and Control (C&C) Server is a computer being controlled remotely by a cyber criminal that is used as a command center to send commands to systems that have …

February 21st, 2020

Honeypot

A Honeypot in cybersecurity refers to a strategy used to catch cyber criminals in the act of trying to exploit a vulnerability and compromise a company. A honeypot can be …

February 21st, 2020

Computer Emergency Response Team (CERT)

A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …

February 21st, 2020

Polyinstantiation

Polyinstantiation is a cybersecurity strategy where multiple instances of a shared resource are created to prevent a user without the correct privileges from seeing the more sensitive information. In simpler …

February 20th, 2020

File Transfer Protocol (FTP)

File Transfer Protocol (FTP) is a communications protocol used for transferring or exchanging files between two computers. These file transfers are generally authenticated by username and password credentials. Anonymous …

February 20th, 2020

Kernel

A Kernel is the core component of an operating system. The kernel acts as a bridge between applications and the data processing performed at the hardware level. When an operating …

February 20th, 2020

Flooding

Flooding is a Denial of Service (DoS) attack that is designed to bring a network or other service down due to a large amount of traffic, hence the term “flooding”. These …

February 20th, 2020

Internet Message Access Protocol (IMAP)

Internet Message Access Protocol (IMAP) is a standard email protocol, first widely deployed in the 1980s, that stores email messages on a mail server, but allows the end user to …

February 20th, 2020

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a security protocol made for privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between …

February 16th, 2020

Information Dissemination

Dissemination of Information refers to the distributing of a company’s or customer-specific information to the public, whether through printed or electronic documents, or other forms of media. “Dissemination of information” …

February 12th, 2020

Information Resources Management (IRM)

Information Resources Management (IRM) is the planning, budgeting, organizing, directing, training, and control associated with an organization’s information. The term encompasses both information itself and the related resources, such as personnel, …

February 12th, 2020