Cybersecurity Glossary

AV (Anti-virus)
Anti-virus is software that stops known malware. It is critical to stop viruses before they become active.
Advanced Persistent Threat
An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network without detection.
Anomali Copilot
Anomali Security Analytics
Anomali Security Operations Platform
Anomali ThreatStream
Authentication
Authentication is the process of verifying the identity of a user, device, or entity before granting access to a system, application, or network.
BYOD (Bring Your Own Device)
BYOD policies allow users to access company systems and data from their personal devices.
Backdoor
A backdoor is a hidden method of bypassing security to gain access to a restricted part of a computer system.
Black-Hat Hacker
A black-hat hacker is someone who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft.
Botnet
A botnet is a network of compromised computers or devices (referred to as "bots") that are controlled remotely by a cybercriminal.
Brute Force Attack
A brute force attack is an activity that involves repetitive, successive attempts to break into any website using various password combinations.
CASB (Cloud Access Security Broker)
CASB is a service that ensures access to cloud apps and monitors unsanctioned activities.
CSP (Content Security Policy)
CSP is a framework that protects against code injection attacks and other malicious content on trusted web pages.
DDoS (Distributed Denial of Service)
A DDoS attack is when a perpetrator seeks to make a machine or network resource unavailable to its intended users by disrupting the services of a host connected to a network.
DLP (Data Loss Prevention)
DLP is an application that monitors and restricts the sharing of sensitive information to prevent data breaches.
Data Breach
A data breach is when a hacker successfully breaks into a system, gains control of its network, and exposes its data.
Deepfake
Deepfake refers to any video in which faces have been either swapped or digitally altered, with the help of AI.
EDR (Endpoint Detection and Response)
EDR is an application or service that continuously monitors device health and responds to cyber threats on distributed devices.
Encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning.
Exploit
An exploit is a means of attack on a computer system, either a series of commands, malicious software, or a piece of infected data.
FWaaS (Firewall as a Service)
FWaaS provides firewall capabilities as a cloud service to monitor and block malicious traffic.
FedRAMP (Federal Risk and Authorization Management Program)
FedRAMP is a federal mandate that provides a standardized approach to security assessment and authorization for cloud products and services.
Firewall
A firewall monitors network traffic and decides whether to allow or block it based on a defined set of security rules.
HEAT (Highly Evasive Adaptive Threats)
Threats that use sophisticated techniques to evade multiple detection layers.
HTML Smuggling
HTML Smuggling uses legitimate browser features to sneak malicious content past traditional security measures.
Honeypot
A honeypot is a decoy system or network that serves to attract potential attackers.
LURE (Legacy URL Protection Evasion)
LURE is a type of cyberattack that exploits previously safe websites that have been compromised.
MFA (Multi-factor Authentication)
MFA is a technique that uses multiple methods to verify the identity of someone trying to access the network.
Malware
Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or unknowingly interfere with the user's computer security and privacy.
Man-in-the-Browser (MITB) Attack
A MITB attack is a proxy trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions
Man-in-the-Middle (MITM) Attack
A MITM attack is an attack on the “middleman” - the Wi-Fi system that connects users to the Internet.
Pentesting
Pentesting is an approach to security evaluation where manual exploitations and automated techniques are used by attack and security professionals.
Phishing
Phishing attacks trick victims into revealing sensitive information by pretending to be trustworthy entities.
Qakbot
Qakbot is a type of banking malware that steals banking credentials and financial data.
RBI (Remote Browser Isolation)
RBI is an application that runs dynamic content in a remote browser in the cloud to protect the user's device.
Ransomware
Ransomware is a type of malware that locks access to files and is followed by a ransom demand to release them.
SASE (Secure Access Service Edge)
SASE is a service that delivers security and network services through the cloud for secure, continuous access.
SD-WAN (Software Defined Wide Area Network)
SD-WAN is a service that optimizes traffic routes between locations across any network architecture.
SIEM (Security Information and Event Management)
SIEM is a cybersecurity technology that aggregates and analyzes log data from various sources within an organization's IT infrastructure, helping to identify, monitor, and respond to potential security incidents. 
SOAR (Security Orchestration, Automation, and Response)
SOC (Security Operations Center)
SOC teams investigate potential breaches using forensic and threat intelligence tools.
SWG (Secure Web Gateway)
A Secure Web Gateway (SWG) protects users from web-based threats by blocking malicious content before it reaches the device.
Security Data Lake
A data lake is a centralized repository that stores, processes, and secures large amounts of data in its original form.
Social Engineering
Social engineering is a type of cyberattack that relies on user manipulation and human psychology.
Spoofing
Spoofing attacks are where the attacker disguises as a trustworthy entity to steal money, data, or network access.
Spyware
Spyware is a type of software that collects user data without consent and sends it to third parties.
TIP (Threat Intelligence Platform)
Trojan Horse
A Trojan Horse is malware disguised as harmless software used to gain access to a system.
UEBA (User Entity and Behavior Analytics)
UEBA uses machine learning to detect anomalies in the behavior of users and devices connected to a corporate network.
VPN (Virtual Private Network)
A VPN allows remote users to connect securely to the corporate network as if they were in the office.
WAAPaaS (Web Application and API Protection as a Service)
WAAPaaS is a service that protects against malicious activities originating from web applications by monitoring web traffic.
WAF (Web Application Firewall)
WAF is a service that filters, monitors, and blocks HTTP traffic to and from a web service to prevent attacks like DDoS.
White-Hat Hacker
A white-hat hacker is invited to test out computer systems and servers to find vulnerabilities.
Worm
A worm is a type of malware that can reproduce itself for the purpose of spreading itself to other computers in the network.
ZTNA (Zero Trust Network Architecture)
ZTNA grants access only to necessary applications for a specific role, operating under the Zero Trust approach.
Zero Trust
Zero Trust is an approach that eliminates implicit trust, continuously validating every transaction.