Clear, concise definitions of key cybersecurity terms. From penetration testing to compliance frameworks.
Active Directory (AD) is a Microsoft directory service that provides centralized authentication, authorization, and management of users, computers, and resources within a Windows domain environment.
The Advanced Encryption Standard (AES) is a symmetric block cipher adopted by the U.S. government and used worldwide to encrypt sensitive data using key sizes of 128, 192, or 256 bits.
The Android Keystore is a system-level API that allows applications to generate, store, and use cryptographic keys within a secure container, optionally backed by hardware-isolated environments such as a Trusted Execution Environment (TEE) or StrongBox, preventing keys from being exported or accessed by other processes.
API authentication is the process of verifying the identity of a client or user making an API request, ensuring that only authorized entities can access protected resources and operations.
API fuzzing is an automated security testing technique that sends large volumes of unexpected, malformed, or random input to API endpoints to discover vulnerabilities, unhandled errors, and logic flaws.
An API gateway is a server that acts as the single entry point for all API requests, handling cross-cutting concerns such as authentication, rate limiting, logging, and request routing.
API key management is the process of securely generating, distributing, storing, rotating, and revoking API keys used to authenticate and authorize access to API services.
API versioning is the practice of managing changes to an API by maintaining multiple versions simultaneously, allowing clients to migrate at their own pace while ensuring backward compatibility and security.
App Transport Security (ATS) is an iOS and macOS networking security feature introduced by Apple that requires applications to use HTTPS with strong TLS configurations for all network connections, blocking plaintext HTTP traffic by default.
Asymmetric encryption is a cryptographic system that uses a mathematically linked pair of keys, a public key for encryption and a private key for decryption, enabling secure communication without requiring a pre-shared secret.
The attack surface is the total sum of all points where an unauthorized user could attempt to enter or extract data from a system, including all exposed interfaces, services, and access points.
Binary protections are a collection of defensive techniques applied to compiled mobile application binaries to resist reverse engineering, tampering, debugging, and dynamic instrumentation by raising the cost and complexity of static and runtime analysis.
A blue team is the defensive security group within an organization responsible for detecting, preventing, and responding to cyberattacks and security incidents.
Bluetooth Low Energy (BLE) security covers the protocols, pairing mechanisms, and encryption methods that protect data exchanged between BLE-enabled IoT devices, as well as the known attack techniques that exploit weaknesses in BLE implementations.
Broken Object Level Authorization is a security vulnerability where an API fails to validate that the authenticated user has permission to access or modify the specific object referenced in their request.
Broken Object Level Authorization (BOLA) is an API vulnerability where an attacker can access or modify objects belonging to other users by manipulating object identifiers in API requests without proper authorization checks.
A bug bounty program is an initiative offered by organizations that rewards security researchers for discovering and responsibly reporting vulnerabilities in their systems, applications, or products.
The California Consumer Privacy Act (CCPA) is a state-level data privacy law that grants California residents specific rights regarding their personal information and imposes obligations on businesses that collect, process, or sell that data.
A Certificate Authority (CA) is a trusted entity that issues, manages, and revokes digital certificates, serving as the trust anchor that validates the identity of websites, organizations, and individuals in public key infrastructure.
Certificate pinning is a security technique that associates a mobile application with a specific X.509 certificate or public key, rejecting connections to servers presenting any other credential even if it is signed by a trusted certificate authority.
CIS Benchmarks are a set of best-practice security configuration guidelines developed by the Center for Internet Security (CIS) through a consensus-driven process, providing prescriptive guidance for hardening operating systems, cloud platforms, network devices, applications, and other technology components.
Clickjacking is a UI redress attack in which an attacker overlays a transparent or disguised iframe over a legitimate web page, tricking users into clicking on hidden elements and performing unintended actions such as changing settings or authorising transactions.
A Cloud Access Security Broker (CASB) is a security enforcement point positioned between cloud service consumers and providers that monitors activity, enforces security policies, and provides visibility into cloud application usage across the organization.
Cloud key management refers to the use of cloud-based Key Management Services (KMS) to create, store, rotate, and control access to cryptographic keys used for encrypting data at rest and in transit within cloud environments.
Cloud logging and monitoring refers to the collection, aggregation, analysis, and alerting on log data and metrics from cloud resources and services. It provides the visibility needed to detect security incidents, investigate breaches, and maintain compliance.
A cloud metadata service is an internal HTTP endpoint available to cloud instances that provides configuration information such as instance identity, credentials, network settings, and user data. It is a frequent target for server-side request forgery (SSRF) attacks.
Cloud Security Posture Management (CSPM) is a category of security tools that continuously monitors cloud infrastructure for misconfigurations, compliance violations, and security risks. It automates the detection and remediation of insecure cloud settings.
A Cloud Workload Protection Platform (CWPP) is a security solution that provides comprehensive threat detection, vulnerability management, and runtime protection for workloads running across cloud environments, including virtual machines, containers, and serverless functions.
Cloud-native security is an approach to securing applications and infrastructure that is designed specifically for cloud-native architectures, including microservices, containers, serverless functions, and dynamic orchestration platforms.
CMMC (Cybersecurity Maturity Model Certification) is a unified cybersecurity standard developed by the US Department of Defense that requires defense contractors to implement specific security practices and undergo third-party assessments to protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
Code obfuscation is the deliberate transformation of application source code or compiled bytecode into a functionally equivalent but significantly harder-to-read form, used to deter reverse engineering and protect sensitive logic embedded in mobile applications.
Container security encompasses the practices, tools, and policies used to protect containerized applications throughout their lifecycle. It covers image integrity, runtime isolation, vulnerability scanning, and orchestration platform hardening.
Content Security Policy (CSP) is a security standard implemented via an HTTP response header that allows website operators to control which resources the browser is allowed to load and execute. It serves as a critical defence against Cross-Site Scripting and other injection attacks.
Cookie security refers to the set of attributes, configurations, and best practices used to protect HTTP cookies from theft, tampering, and misuse. Properly secured cookies are essential for maintaining session integrity and preventing attacks like session hijacking and CSRF.
Cross-Origin Resource Sharing (CORS) is a browser security mechanism that uses HTTP headers to define which external origins are permitted to access resources on a web server. Misconfigured CORS policies can allow unauthorised cross-origin access to sensitive data.
Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit unwanted requests to a web application. It exploits the trust a site has in the user's browser by leveraging existing session credentials.
Cross-Site Scripting (XSS) is a web security vulnerability that allows an attacker to inject malicious client-side scripts into web pages viewed by other users. It occurs when an application includes untrusted data in its output without proper validation or encoding.
Cryptographic hashing is the process of using a one-way mathematical function to convert input data of any size into a fixed-length output (digest) that is deterministic, collision-resistant, and computationally irreversible.
CVE (Common Vulnerabilities and Exposures) is a standardized system of unique identifiers for publicly known cybersecurity vulnerabilities, maintained by the MITRE Corporation.
CVSS (Common Vulnerability Scoring System) is an open framework for scoring the severity of software vulnerabilities on a scale of 0.0 to 10.0, providing a standardized way to assess and prioritize risks.
A Data Protection Impact Assessment (DPIA) is a structured process used to identify, assess, and mitigate the data protection risks associated with a project, system, or data processing activity, particularly when that processing is likely to result in a high risk to individuals' rights and freedoms.
Defense in depth is a cybersecurity strategy that employs multiple layers of security controls throughout an IT system so that if one layer fails, additional layers continue to provide protection.
A Denial of Service (DoS) attack overwhelms a system, server, or network with excessive traffic or requests to make it unavailable to legitimate users. A Distributed Denial of Service (DDoS) attack uses multiple compromised systems to amplify the assault.
A digital signature is a cryptographic mechanism that uses asymmetric key pairs to verify the authenticity, integrity, and non-repudiation of a digital message or document.
Directory traversal (also known as path traversal) is a vulnerability that allows attackers to access files and directories stored outside the intended directory by manipulating file path references with sequences like ../ to navigate the file system.
A DMZ (Demilitarized Zone) is a perimeter network segment that sits between an organization's internal network and the external internet, hosting public-facing services while providing an additional layer of security isolation.
DNS security encompasses the practices, protocols, and tools used to protect the Domain Name System from attacks such as spoofing, cache poisoning, tunneling, and hijacking that exploit DNS vulnerabilities.
DOM-based attacks are a class of client-side vulnerabilities where the attack payload is executed as a result of modifying the Document Object Model (DOM) in the victim's browser. Unlike reflected or stored attacks, the malicious payload never reaches the server, making them harder to detect with server-side security controls.
Embedded system security encompasses the principles, techniques, and tools used to protect purpose-built computing systems — including microcontrollers, real-time operating systems, and their software — from exploitation, tampering, and unauthorised access.
Encryption is the process of converting plaintext data into an unreadable format (ciphertext) using a cryptographic algorithm and key, ensuring that only authorized parties with the correct key can access the original data.
Encryption at rest is the practice of encrypting data while it is stored on a physical medium such as a hard drive, database, or cloud storage, protecting it from unauthorized access if the storage is compromised.
Encryption in transit is the practice of encrypting data while it travels between systems over a network, protecting it from eavesdropping, interception, and tampering by unauthorized parties.
Endpoint security is the practice of protecting individual devices such as workstations, laptops, servers, and mobile devices from cyber threats through a combination of software, policies, and monitoring capabilities.
An exploit is a piece of code, software, or technique that takes advantage of a vulnerability in a system to cause unintended behavior, such as gaining unauthorized access or executing arbitrary commands.
FedRAMP (Federal Risk and Authorization Management Program) is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies.
A file upload vulnerability occurs when a web application allows users to upload files without adequately validating file type, content, size, or storage location. Attackers can exploit this to upload malicious files such as web shells, malware, or content that triggers other vulnerabilities.
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules, acting as a barrier between trusted and untrusted networks.
Firmware analysis is the process of extracting, decompiling, and examining the software embedded in IoT and hardware devices to identify security vulnerabilities, hardcoded credentials, and insecure configurations.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union that governs how organizations collect, process, store, and transfer personal data of individuals within the EU and European Economic Area.
GraphQL security encompasses the practices and controls needed to protect GraphQL APIs from unique attack vectors such as introspection abuse, deeply nested query attacks, excessive data exposure, and authorization bypass.
A Hardware Security Module (HSM) is a dedicated, tamper-resistant physical device that generates, stores, and manages cryptographic keys and performs encryption, decryption, and signing operations in a secure, isolated environment.
A hash collision occurs when two distinct inputs produce the same output hash value from a cryptographic hash function, potentially undermining the integrity guarantees that the hash function is designed to provide.
HMAC (Hash-Based Message Authentication Code) is a mechanism that combines a cryptographic hash function with a secret key to produce a message authentication code, ensuring both data integrity and authenticity.
HIPAA (Health Insurance Portability and Accountability Act) is a United States federal law that establishes national standards for the protection of individually identifiable health information, known as Protected Health Information (PHI).
HTML injection is a vulnerability that occurs when an application includes user-supplied data in its HTML output without proper encoding, allowing attackers to inject arbitrary HTML markup. It can be used for phishing, content spoofing, and as a stepping stone to more severe attacks like XSS.
HTTP security headers are a set of HTTP response headers that instruct web browsers to enable specific security mechanisms. They provide an essential layer of defence against common web attacks including XSS, clickjacking, MIME sniffing, and protocol downgrade attacks.
Identity and Access Management (IAM) is a framework of policies and technologies that ensures the right individuals have appropriate access to technology resources. It governs user identities, authentication, and authorization across cloud platforms.
Incident response is the organized approach to detecting, managing, and recovering from cybersecurity incidents in order to minimize damage and reduce recovery time and costs.
Industrial Control System (ICS) security is the discipline of protecting the hardware, software, and network infrastructure that monitors and controls physical processes in critical infrastructure sectors such as energy, water, manufacturing, and transportation.
Infrastructure as Code (IaC) security is the practice of scanning and validating infrastructure templates such as Terraform, CloudFormation, and Pulumi configurations for security misconfigurations, compliance violations, and vulnerabilities before they are deployed.
Input validation is the process of verifying that user-supplied data meets defined criteria for type, length, format, and range before it is processed by the application. It is a fundamental defence against injection attacks and data corruption.
Insecure Direct Object Reference (IDOR) is an access control vulnerability that occurs when an application uses user-supplied input to directly access objects such as database records or files without verifying authorisation. Attackers can manipulate references to access other users' data.
An Intrusion Detection System (IDS) is a security tool that monitors network traffic or system activity for signs of malicious behavior, policy violations, or known attack signatures, and generates alerts for security teams.
An Intrusion Prevention System (IPS) is a network security technology that monitors traffic flows and actively blocks or prevents detected threats in real time, going beyond the passive alerting of an IDS.
The iOS Keychain is Apple's secure credential storage system that encrypts and stores sensitive data such as passwords, cryptographic keys, certificates, and tokens in a hardware-protected container accessible only to authorised applications through controlled API access.
ISO 27001 is an international standard published by the International Organization for Standardization (ISO) that specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).
A JSON Web Token (JWT) is a compact, URL-safe token format that encodes claims as a JSON object, digitally signed to ensure integrity and optionally encrypted for confidentiality.
JTAG is a hardware debugging interface standardised as IEEE 1149.1 that provides low-level access to a device's processor and memory, often used by security researchers to extract firmware, read flash storage, and debug embedded systems.
Kerberos is a network authentication protocol that uses a ticket-based system with a trusted third-party Key Distribution Center (KDC) to enable secure mutual authentication between clients and services without transmitting passwords over the network.
Key exchange is a cryptographic process by which two parties securely establish a shared secret key over an insecure communication channel, enabling subsequent symmetric encryption of their communications.
Kubernetes security refers to the set of practices and controls used to protect Kubernetes clusters, workloads, and data from unauthorized access and exploitation. It spans cluster configuration, network policies, role-based access control, and runtime protection.
Lateral movement refers to the techniques attackers use to progressively move through a network after gaining initial access, seeking higher-value targets and sensitive data.
LDAP (Lightweight Directory Access Protocol) is an open, vendor-neutral application protocol used for accessing and managing distributed directory information services, commonly used for user authentication and directory lookups in enterprise environments.
Malware is any software intentionally designed to cause damage to, gain unauthorized access to, or disrupt computer systems, networks, or devices.
A Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and potentially alters communications between two parties who believe they are communicating directly with each other.
Mobile Application Management (MAM) is a category of enterprise security software that provides IT administrators with the ability to provision, configure, secure, and retire specific mobile applications on employee devices without requiring full device management.
Mobile Device Management (MDM) is an enterprise security solution that gives IT administrators centralised control over mobile devices, enabling them to enforce security policies, deploy configurations, manage applications, and remotely wipe data to protect corporate resources.
Mobile Threat Defense (MTD) is a class of security solutions that continuously monitor mobile devices for threats at the device, network, and application layers, using on-device analysis and cloud-based intelligence to detect and respond to attacks in real time.
MQTT security encompasses the practices and configurations needed to protect the Message Queuing Telemetry Transport protocol — a lightweight publish-subscribe messaging standard widely used in IoT — from eavesdropping, unauthorised access, and message manipulation.
Multi-cloud security encompasses the strategies, tools, and practices used to protect workloads, data, and identities across multiple cloud service providers simultaneously. It addresses the challenge of maintaining consistent security policies in heterogeneous cloud environments.
Multi-factor authentication (MFA) is a security mechanism that requires users to provide two or more independent verification factors to prove their identity before granting access to a system or resource.
Network Access Control (NAC) is a security approach that enforces policies on devices attempting to connect to a network, ensuring only compliant and authorized endpoints are granted access.
Network forensics is the capture, recording, and analysis of network traffic and events to detect security incidents, investigate breaches, gather evidence, and understand attacker behavior within a network environment.
Network segmentation is the practice of dividing a computer network into smaller, isolated sub-networks to improve security, limit the blast radius of breaches, and control traffic flow between zones.
The NIST Cybersecurity Framework (CSF) is a voluntary guidance framework developed by the National Institute of Standards and Technology that provides organizations with a structured approach to managing and reducing cybersecurity risk.
NIST SP 800-53 is a publication by the National Institute of Standards and Technology that provides a comprehensive catalog of security and privacy controls for federal information systems and organizations, serving as the primary control framework for US government IT security.
OAuth 2.0 is an authorization framework that allows third-party applications to access a user's resources on another service without requiring the user to share their credentials directly.
An open redirect is a vulnerability that occurs when a web application accepts user-controlled input to determine the destination of a redirect without properly validating it. Attackers exploit this to redirect users to malicious sites while appearing to originate from a trusted domain.
The OpenAPI Specification (OAS) is a standardized, language-agnostic format for describing RESTful APIs, enabling both humans and machines to understand an API's capabilities without access to source code.
OTA (Over-the-Air) update security refers to the measures that protect the wireless delivery and installation of firmware and software updates on IoT devices, ensuring that updates are authentic, unmodified, and delivered securely.
Output encoding is the process of converting user-supplied or untrusted data into a safe representation before it is rendered in a specific output context such as HTML, JavaScript, or URLs. It is the primary defence against Cross-Site Scripting attacks.
OWASP (Open Worldwide Application Security Project) is a nonprofit foundation that works to improve the security of software through community-led open-source projects, tools, documentation, and standards, most notably the OWASP Top 10 list of critical web application security risks.
The OWASP Mobile Application Security Verification Standard (MASVS) is an open framework that defines a comprehensive set of security requirements for mobile applications, organised into categories covering architecture, data storage, cryptography, authentication, network communication, platform interaction, code quality, and resilience.
Password cracking is the process of recovering plaintext passwords from stored hashes or encrypted data using techniques such as brute force, dictionary attacks, rainbow tables, and rule-based mutations.
Patch management is the process of identifying, acquiring, testing, and deploying software updates (patches) to fix known vulnerabilities, bugs, and security flaws across an organization's systems.
A payload is the component of a cyberattack that performs the malicious action after a vulnerability has been exploited, such as executing commands, installing malware, or exfiltrating data.
PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards established by major credit card companies to protect cardholder data during and after financial transactions.
Penetration testing is a simulated cyberattack against a computer system, network, or application to identify exploitable vulnerabilities before malicious actors can discover them.
Perfect Forward Secrecy (PFS) is a property of key exchange protocols that ensures session keys cannot be compromised even if the server's long-term private key is later exposed, because each session uses unique ephemeral keys.
Phishing is a cyberattack technique in which attackers send fraudulent communications, typically emails, that appear to come from trusted sources in order to steal sensitive data such as credentials or financial information, or to deliver malware.
Port scanning is a reconnaissance technique used to identify open ports and services running on a networked host by sending packets and analyzing the responses.
The principle of least privilege (PoLP) is a security concept that requires giving users, applications, and systems only the minimum level of access and permissions necessary to perform their intended functions.
Privilege escalation is the act of exploiting a vulnerability, misconfiguration, or design flaw to gain elevated access rights beyond what was originally authorized for a user or process.
Public Key Infrastructure (PKI) is a framework of policies, procedures, hardware, software, and roles that manage the creation, distribution, storage, and revocation of digital certificates and public keys.
A purple team is a collaborative cybersecurity approach where red team (offensive) and blue team (defensive) professionals work together in real time to improve an organization's security posture.
Ransomware is a type of malware that encrypts a victim's files or locks them out of their systems, demanding a ransom payment in exchange for the decryption key or restoration of access.
Rate limiting is a technique that restricts the number of API requests a client can make within a specified time period, protecting services from abuse, brute-force attacks, and resource exhaustion.
A red team is a group of security professionals who simulate real-world adversary tactics, techniques, and procedures (TTPs) to test an organization's detection and response capabilities.
Responsible disclosure is the practice of privately reporting discovered security vulnerabilities to the affected vendor or organization, giving them time to develop and deploy a fix before the vulnerability is made public.
REST API security refers to the set of practices, controls, and design principles used to protect RESTful web services from unauthorized access, data breaches, injection attacks, and other threats.
A risk assessment is a systematic process of identifying, analyzing, and evaluating cybersecurity risks to an organization's information assets, systems, and operations, providing the foundation for informed risk management decisions and appropriate control selection.
Root detection is a set of runtime checks a mobile application performs to determine whether the underlying device has been rooted (Android) or jailbroken (iOS), indicating that the operating system's security controls have been weakened or removed.
RSA is an asymmetric cryptographic algorithm that uses a pair of mathematically linked public and private keys to encrypt data, verify digital signatures, and facilitate secure key exchange.
Runtime Application Self-Protection (RASP) is a security technology embedded directly within a mobile application that monitors its own execution environment and behaviour in real time, detecting and automatically responding to attacks such as code injection, tampering, and debugger attachment without relying on external network-based defences.
S3 bucket security refers to the practices and configurations used to protect Amazon S3 and similar cloud object storage services from unauthorized access, data leakage, and misconfiguration. Publicly accessible storage buckets remain one of the most common causes of cloud data breaches.
The Same-Origin Policy (SOP) is a fundamental browser security mechanism that restricts how a document or script loaded from one origin can interact with resources from a different origin. An origin is defined by the combination of protocol, host, and port.
SCADA security focuses on protecting Supervisory Control and Data Acquisition systems — the networked architectures that provide centralised monitoring and control over geographically dispersed industrial processes such as pipelines, power distribution, and water treatment facilities.
A security audit is a systematic evaluation of an organization's information systems, policies, and procedures to assess compliance with security standards and identify areas for improvement.
Security compliance automation is the use of technology, tools, and automated processes to continuously monitor, assess, enforce, and report on an organization's adherence to security standards, regulations, and internal policies, reducing manual effort and improving compliance accuracy.
A Security Operations Center (SOC) is a centralized unit that deals with security issues on an organizational and technical level, providing continuous monitoring, analysis, and response to cybersecurity incidents.
Server-Side Request Forgery (SSRF) is a vulnerability where an attacker can make the server-side application send HTTP requests to an arbitrary destination chosen by the attacker. This can expose internal services, cloud metadata endpoints, and other resources not directly accessible from the internet.
Serverless security covers the practices and controls required to protect serverless functions and applications from threats such as event injection, overprivileged roles, and insecure dependencies. It shifts focus from infrastructure hardening to application-layer and configuration-level security.
Session management is the process of securely handling user sessions in a web application, including the creation, maintenance, and destruction of session identifiers. Weak session management can lead to session hijacking, fixation, and unauthorised account access.
The shared responsibility model is a cloud security framework that delineates which security obligations belong to the cloud service provider and which belong to the customer. It ensures both parties understand their roles in protecting data and infrastructure.
SIEM (Security Information and Event Management) is a technology platform that collects, aggregates, and analyzes log data and security events from across an organization's IT environment to detect threats and support compliance.
SMB security refers to the practices and configurations used to protect the Server Message Block protocol, which enables file sharing, printer access, and inter-process communication in Windows networks, from exploitation and unauthorized access.
SOAP security refers to the standards and practices for protecting SOAP-based web services, including WS-Security for message-level authentication and encryption, and defenses against XML-specific attack vectors.
A Security Operations Center (SOC) is a centralized facility and team responsible for continuously monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents.
SOC 2 (System and Organization Controls 2) is an auditing framework developed by the American Institute of CPAs (AICPA) that evaluates an organization's information systems based on five Trust Service Criteria: security, availability, processing integrity, confidentiality, and privacy.
Social engineering is the psychological manipulation of people into performing actions or divulging confidential information, exploiting human trust and behavior rather than technical vulnerabilities.
SQL Injection is a code injection technique that exploits vulnerabilities in an application's database layer by inserting malicious SQL statements into input fields. It allows attackers to read, modify, or delete data and in some cases execute system commands.
SSH (Secure Shell) security encompasses the configurations, practices, and controls used to protect the SSH protocol, which provides encrypted remote access and file transfer capabilities, from unauthorized access and exploitation.
Symmetric encryption is a cryptographic method where the same secret key is used for both encrypting plaintext and decrypting ciphertext, providing fast and efficient data protection.
Threat intelligence is evidence-based knowledge about existing or emerging cybersecurity threats, including context, mechanisms, indicators, implications, and actionable recommendations used to inform security decisions.
Threat modeling is a structured approach for identifying, evaluating, and prioritizing potential security threats to a system, and determining the mitigations needed to address them.
Transport Layer Security (TLS) is a cryptographic protocol that provides end-to-end encryption, authentication, and data integrity for communications over a network.
A Virtual Private Network (VPN) creates an encrypted tunnel between two endpoints over a public or untrusted network, ensuring confidentiality and integrity of data in transit.
A vulnerability is a weakness or flaw in a system's design, implementation, configuration, or operation that could be exploited by a threat actor to compromise the system's security.
A vulnerability assessment is the systematic process of identifying, quantifying, and prioritizing security weaknesses in a system, network, or application.
Vulnerability scanning is the automated process of probing systems, networks, and applications to identify known security weaknesses, misconfigurations, and missing patches that could be exploited by attackers.
A Web Application Firewall (WAF) is a security solution that monitors, filters, and blocks HTTP/HTTPS traffic to and from a web application. It protects against common web attacks such as SQL Injection, XSS, and CSRF by analysing request patterns against predefined security rules.
Webhook security encompasses the techniques used to protect webhook endpoints from spoofing, tampering, replay attacks, and server-side request forgery, ensuring that incoming webhook payloads are authentic and safe to process.
A zero-day vulnerability is a previously unknown software flaw that has no available patch or fix at the time of discovery, giving defenders zero days to prepare before it can be exploited.
Zigbee security refers to the encryption, authentication, and key management mechanisms built into the Zigbee wireless protocol, as well as the known vulnerabilities and attack techniques that target Zigbee-based IoT mesh networks.