hardware security module HSM

Hardware Security Module (HSM)

A Hardware Security Module (HSM) is a physical security device that safeguards and manages digital keys, performs encryption and decryption services, strong authentication, and often have tamper detection and prevention built …

mantrap cybrary

Mantrap

A Mantrap is a small room with an entry door on one wall and an exit door on the opposite wall. One door of a mantrap cannot be unlocked and opened …

managed service provider MSP

Managed Service Provider (MSP)

A Managed Service Provider (MSP) is a third-party business that provides network, application, and system management services to companies. MSPs allow businesses without IT expertise to improve their cybersecurity framework …

starlink cybrary

Starlink

Starlink is a satellite Internet constellation constructed by SpaceX to provide satellite Internet access. The constellation will consist of thousands of mass-produced small satellites in low Earth orbit, which communicate …

full disk encryption

Full-Disk Encryption (FDE)

Full-Disk Encryption (FDE) is the encryption of all data on a disk drive. It’s often done by disk encryption software installed on the hard drive during manufacturing. Users who operate …

on access scanning cybrary

On-Access Scanning

On-Access Scanning refers to a security tool configured to deliver real-time scans of each file for malware as the file is downloaded, opened, or executed. Many different vendors offer on-access …

quarantine cybrary

Quarantine

Quarantine in the cybersecurity world happens when files containing malware are placed into isolation for future disinfection or examination. This strategy puts the malware in a specific area of the …

knowledge based verification

Knowledge-Based Verification (KBV)

Knowledge-Based Verification (KBV) is a strategy used to verify identities based on knowledge of private information associated with the claimed identity. This is often referred to as knowledge-based authentication (KBA) or …

tactics techniques procedures cyber

Tactics, Techniques, and Procedures (TTP)

Tactics, Techniques, and Procedures (TTP) is the method used by IT and military professionals to determine the behavior of a threat actor (hacker). These three elements help you understand your …

stalkerware cybrary

Stalkerware

Stalkerware refers to tools, apps, software programs, and devices that let another person (a stalker) secretly watch and record information on another person’s device. Parents use this type of tool …

ssid cyber library

Service Set Identifier (SSID)

A Service Set Identifier (SSID) is a series of characters that uniquely names a Wireless Local Area Network (WLAN). An SSID is often referred to as a “network name.” This name …

input validation cybrary

Input Validation

Input Validation, also known as data validation, is the testing of any input (or data) provided by a user or application against expected criteria. Input validation prevents malicious or poorly …

5g network cybrary

5G

5G is the fifth generation of cellular data technology. It lives alongside 4G and related technologies, such as LTE. The first 5G cellular network was constructed in 2018, while 5G …

qr code definition cybrary

Quick Response (QR) Code

A Quick Response (QR) Code is a type of barcode that contains a pattern of dots and lines. It can be scanned using a QR scanner or on a smartphone camera. …

nist zero trust image

Zero Trust

Zero Trust is a security strategy focused on the belief that organizations shouldn’t automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to …

clickjacking cybrary

Clickjacking

Clickjacking, also known as a “UI Redress Attack”, is when an attacker uses multiple transparent or vague layers to trick a user into clicking on a button or link on …

ransomware task force cybrary

Ransomware Task Force (RTF)

The Ransomware Task Force (RTF) is a group of high-profile security vendors who teamed up with the Institute for Security and Technology (IST) in December of 2020 to combat ransomware. Members …

bluetooth bluejacking

Bluejacking

Bluejacking is the unauthorized sending of messages from one Bluetooth device to another. Bluetooth is a high-speed, short-range wireless technology for exchanging data between laptops, smartphones, smartwatches, etc. This sort …

rootkit cybrary

Rootkit

A Rootkit is a hacking program or collection of programs that give a threat actor remote access to and control over a computing device. While there have been legitimate uses …

cyber threat hunting

Threat Hunting

Threat Hunting is proactive hunting or searching through networks, endpoints, and datasets to find malicious, suspicious, or risky activity, patterns, or files that evaded existing detection tools. This is different …

third party risk management

Third-Party Risk Management (TPRM)

Third-Party Risk Management (TPRM) is the process of identifying, assessing, and controlling risks presented throughout the lifecycle of your relationships with third parties. This oftentimes starts during procurement and extends …

byod cybrary

BYOD

BYOD, also known as Bring Your Own Device, is a common practice of allowing employee-owned devices to connect to business networks. Smartphones are the most common example, but employees also …

data purging cybrary

Data Sanitization

Data Sanitization is the process of permanently and irreversibly destroying data on a storage device in a deliberate manner, often for compliance or cybersecurity purposes. After data sanitization, a storage …

aI

Artificial Intelligence (AI)

Artificial Intelligence (AI) refers to human-like intelligence presented by a computer, robot, or other machines. AI mimics human learning by building iterative learning capabilities into a computer.  AI machines learn …

hadoop

Hadoop

Hadoop is a software platform that makes it possible for users to manage large amounts of data. Hadoop processes extensive amounts of structured, semi-structured, and unstructured data. Some examples of data …

user behavior analytics

User Behavior Analytics (UBA)

User Behavior Analytics (UBA) is the tracking, collecting, and assessment of user data and activities using monitoring systems. UBA examine archived data from network and authentication logs collected and stored …

rfc 1918 cybrary term

RFC 1918

RFC 1918, also known as Request for Comment 1918, is the Internet Engineering Task Force (IETF) record on methods of assigning private IP addresses on TCP/IP networks. RFC 1918 outlines the usable private …

nft cyber term

Non-Fungible Token (NFT)

Non-Fungible Tokens (NFTs) are unique, easily verifiable digital assets that can represent items such as GIFs, images, videos, music albums, and more. Anything that exists online can be purchased as an …

leakware cybrary

Leakware

Leakware, also known as Doxware, is a new more potent, and dangerous form of ransomware. When a ransomware Attack containing Leakware occurs, the attacker threatens to publicize personal data (confidentiality …

packet cybrary term

Packet

A Packet is the unit of data that is routed between an origin and a destination on the Internet or any other packet-switched network. TCP packets, passed over TCP/IP networks …

ping of death

Ping of Death (PoD)

A Ping of Death (PoD) is a type of Denial of Service (DoS) attack that deliberately sends IP packets larger than the 65,536 bytes allowed by the IP protocol. One of …

common vulnerabilities exposures cve

Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE) is a list of computer security flaws ranked on critical measures to aid individuals and companies with assessing the risk posed by the vulnerability or exposure …

real user monitoring rum

Real User Monitoring (RUM)

Real User Monitoring (RUM) is a form of performance monitoring that captures and analyzes user activity and transacations on a website or application. It’s also known as real user measurement, …

container cybrary

Container

Before we get into what a container is, we need you to understand the difference between today’s term ‘Container’ and the previous term CyberHoot published ‘Hypervisor‘. Knowing the difference between …

xss cybrary term

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is an attack vector where hackers inject malicious code into a vulnerable web application. XSS differs from other web attack vectors in that it does not directly …

hypervisor

Hypervisor

A Hypervisor, also known as a Virtual Machine Monitor or VMM, is software that creates and manages virtual machines (VMs). A hypervisor allows a computer to maintain many guest VMs …

csrf cybrary

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF), also known as XSRF, is an attack method that fools a web browser into performing unwanted actions in a user application. Similar to Phishing Attacks, CSRFs …

pci-dss cybrary

PCI-DSS

PCI-DSS (Payment Card Industry-Data Security Standard) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information manage it safely and in …

ietf cybrary

Internet Engineering Task Force (IETF)

The IETF (Internet Engineering Task Force) is the organization that defines standard Internet operating protocols such as TCP/IP. The IETF is a community of network designers, operators, vendors, and researchers concerned with …

dns cybrary

Domain Name System (DNS)

A Domain Name System (DNS) is essentially the ‘phonebook’ of the Internet. DNS is an elaborate, fault-tolerant way of connecting people to resources online.  While it is quite complex, this …

spf cybrary

Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is an anti-spam tool where email domains of the senders can be authenticated. SPF works hand-in-hand with DKIM and DMARC to help authenticate email messages to …

DKIM

DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. …

dmarc cybrary

DMARC

DMARC which stands for Domain-based Message Authentication, Reporting, and Conformance is an email security protocol. When enabled, your email domain is protected from spoofing by hackers.  DMARC sets up an …

Non-Public Personal Information (NPPI)

Non-Public Personal Information (NPPI) is personal and private information that’s provided by a consumer to some entity for their use. This information includes  the following examples: Name, address, income, social …

anti censorship

Anti-Censorship

Anti-Censorship are methods to combat censorship – for example, preventing search results from being blocked or interfered with.  The growth of online platforms (Facebook, Instagram, Twitter, etc.) raises important questions …

GUI Desktop Environments

Graphical User Interface (GUI)

A Graphical User Interface (GUI), often pronounced ‘gooey’, is a user interface that includes graphical elements, such as windows, icons, and buttons. The term was created in the 1970s to distinguish graphical interfaces from text-based …

ssd drive

Solid State Drive (SSD)

A Solid State Drive (SSD) is a type of storage device that supports reading and writing data and stores the data in a permanent state even without a power source …