Cybersecurity Glossary

A sophisticated, targeted cyberattack in which an attacker gains unauthorized access to a network and remains undetected for an extended period.

Application security is the set of processes, tools, and controls used to keep software safe from attack.

The process of identifying unknown external assets within your environment.

An attack surface is the sum total of all possible paths that can be used to exploit a computer system or network.

The practice of minimizing the number of potential entry points that attackers could use to compromise your systems.

A type of external vulnerability scan that tests the security of web applications and APIs behind logins. Also known as credentialed scanning.

Automated security testing is the use of software tools to run repeatable security checks

A hacking method that uses trial and error to guess possible passwords or encryption keys until the correct one is found.

CSPM stands for Cloud Security Posture Management. It’s a type of tool that helps keep cloud environments safe by checking how they’re set up.

A unified security solution that protects cloud-native applications across their entire lifecycle.

A system that gives a unique name to publicly known cyber security issues.

A standardized framework used to measure the severity of security vulnerabilities.

A community-developed list of common software and hardware security weaknesses.

Container security is the set of controls and processes used to protect containerized applications and their infrastructure throughout the software lifecycle.

A cyber security framework focused on continuously identifying, assessing, and reducing your organization's exposure to real-world threats.

A type of external vulnerability scan that tests the security of web applications and APIs behind logins. Also known as authenticated scanning.

A type of web application vulnerability that allows attackers to trick users into performing actions they didn’t intend.

Cyber configuration management is the practice of setting, tracking, and enforcing secure configuration settings across IT assets to keep them consistent and resilient against attack.

Cyber hygiene is the ongoing set of routine actions that keep your IT environment secure, resilient, and harder to compromise.

Cybersecurity maturity describes how well an organization’s security capabilities are defined, implemented, measured, and continuously improved over time.

Cybersecurity posture is the real-world snapshot of how prepared an organization is to defend its systems, data, and users from threats.

A method of cyber security testing in which a running application is actively tested and probed using real traffic and requests.

The process of protecting user devices (e.g. laptops and mobile devices) from threats such as malware, ransomware, and zero-days.

An authorized attempt to gain unauthorized access to a computer system, application, or data.

An exploit is a piece of code, technique, or method that attackers use to take advantage of a security vulnerability in a system, application, or network

The Exploit Prediction Scoring System is a data-driven model for estimating how likely it is that a given software vulnerability will be exploited in the wild. 

The continuous process of detection, evaluation, and mitigation of attack vectors which are accessible from the internet.

The framework of policies, technologies, and processes that ensures the right individuals in an organization have appropriate access to resources.

Kubernetes security is the set of controls and processes that protect a Kubernetes cluster, its workloads, and its supporting infrastructure from misconfiguration, abuse, and attack.

A web application vulnerability that allows attackers to include and access files on a server by manipulating input fields or URL parameters.

Malware refers to any software intentionally designed to harm, exploit, or otherwise compromise a device, system, or network.

A security process that requires users to provide two or more verification factors to gain access to a system, application, or account.

A U.S. government agency that develops and promotes measurement standards and best practices across science, technology, and industry.

A nonprofit foundation that works to improve software security by providing free, vendor-neutral tools, documentation, and standards for developers and security professionals.

A security process that simulates real-life attacks on your IT systems to find weaknesses that could be exploited by hackers.

Any data that can be used to identify a specific individual.

A type of malicious software designed to block access to a victim's system or files, usually by encrypting them, until a ransom is paid.

A type of cyber security vulnerability that allows an attacker to run arbitrary code on a target system from a remote location.

An approach that prioritizes vulnerabilities based on real-world risk, not just technical severity.

Secrets detection is the process of identifying exposed or insecurely stored credentials in technical environments.

A web application vulnerability that occurs when user input is unsafely embedded into templates.

Hardware, software, or cloud services used within an organization without explicit approval or visibility from the IT or security team.

Shift left security means moving security activities earlier in the development lifecycle - toward planning, design, and coding rather than waiting for late-stage testing or production incidents.

A type of web application that loads a single HTML page and dynamically updates content without requiring a full page reload.

An authentication process that allows users to log in once and gain access to multiple applications or systems without needing to re-enter their credentials for each one.

A type of cyberattack where an attacker inserts malicious SQL code into a web application’s input field to interfere with its database.

When attackers claim an abandoned subdomain and use it to host malicious content or trick users into sharing sensitive information.

TTPs are commonly used in threat intelligence and cybersecurity frameworks like MITRE ATT&CK to categorize and track adversary behavior.

A type of network scanning that identifies open or closed User Datagram Protocol (UDP) ports on a system.

The continuous process of identifying, prioritizing, and managing vulnerabilities.

The use of software tools to identify and report on security issues that affect your systems.

A security tool that protects web applications by filtering and blocking malicious traffic before it reaches your site.

XSS stands for Cross-Site Scripting, a type of cyber attack where a hacker tricks a website into running harmful code in someone else’s browser.

A security flaw in software or hardware that the developer doesn't know about yet, so no fix exists at the time it’s discovered.