A

Access Keys

Programmable ways to define or restrict access for users. An access key, generated by an API, can be defined by role or other parameters to ensure that the access allowed is situation-specific and legitimate.

Account Takeover

A type of cyberattack in which attackers bypass the security provisions in place and assume control of an account. This is often the result of data breaches, in which cybercriminals steal usernames, passwords, and other personally identifiable information (PII).

Active Directory

A Microsoft application that serves as a gatekeeper to ensure users are matched with the correct level of access permissions appropriate for their defined profiles.

Attack Surface

Collective points of vulnerability between and across applications and network systems that put a system at risk of cyberattack.

Attack Vector

An attack vector is a means for exploiting a computer system that places it, its network, and the sensitive information it contains at risk of a data breach. Attack vectors allow hackers to gain unauthorized access to operating systems (OS). For example, an attacker may exploit unpatched […]

Automated Remediation

Automatic protective actions that are triggered by predefined alerts or scenarios to address cybersecurity concerns.

Automation or Automated Security

Processes that rely on technology and artificial intelligence (AI), while minimizing human involvement, to implement security protocols, safeguard systems, and maintain network health.

C

CASB

A cloud access security broker (CASB) sits between cloud application providers and users, offering visibility and control over cloud data, usage, access, and security. CASBs typically offer encryption, access control, threat protection, and monitoring, helping organizations enforce security policies and ensure compliance. This aids in protecting sensitive data as […]

CCPA (California Consumer Privacy Act)

Developed to give consumers more control over how businesses use their personal data. Specifically, it establishes the rights for consumers to.

Cloud Native

A software development approach that is based entirely on cloud computing, cloud native development is typically adopted by businesses seeking to drive agility.

Cloud Security Posture Management (CSPM)

CSPM, or Cloud Security Posture Management, is a tool or set of practices designed to manage and improve the security stance of cloud environments. CSPM is essential for organizations using cloud services to ensure their environments remain secure, compliant, and protected against potential threats. CSPM tools automatically assess cloud configurations, […]

Configuration and Posture Management

The practice of assessing and testing the security of an organization’s software and application configurations in conjunction with the overall risk management of the IT infrastructure.

Configuration Drift

A security risk that can arise when software and application updates are rolled out without corresponding adjustments throughout the tech stack. It can also occur when changes are made to devices without consideration for the follow-on impact within the IT system.

Configuration Management Database (CMDB)

A configuration management database (CMDB) is a centrally located storage tool for information about the dependencies between components of an organization's IT infrastructure. These components are referred to as configuration items (CIs) and include hardware, software, and individual network elements such as routers and machines. A CMDB provides a comprehensive view of these relationships and […]

Continuous Threat Exposure Management (CTEM)

Continuous threat exposure management (CTEM) is a security management process that exposes an organization's assets, systems, and networks to ongoing attack simulations to uncover security risks and identify vulnerabilities. CTEM proactively identifies cyber threats across an organization's digital ecosystem to allow security teams to analyze and […]

D

Data Breach

Occurs when a cyber intruder penetrates the security system of an organization and is able to access sensitive information.

Data Leakage

Data leakage is a subtype of data loss. Data leakage occurs when sensitive data is exposed to the public, typically due to errors in configuration. Negligence, malicious intent, and human error can all play a role in data leaking, but a close focus on secure configuration can help prevent it. Data leakage also occurs when […]

Data Loss Prevention (DLP)

An approach that includes processes, policies, software, and other technologies to keep data safe from unauthorized access, destruction, or theft. It also applies to preventing employees from sharing sensitive content outside the corporate network.

DevOps

A philosophical approach that knits the development of software (Dev) with the deployment by IT operations (Ops). The purpose is to create rapid, agile workflows that shorten the development cycle while yielding high quality software.

DevSecOps

DevSecOps stands for Development, Security, and Operations. It's a modern approach that builds security into every stage of the software development lifecycle instead of treating it as a final step. The goal is to make security a shared responsibility between developers, IT, and security teams, so code is tested, secured, and deployed faster […]

F

Federal Information Security Management Act (FISMA)

A U.S. federal law that was enacted in 2002 to hold federal agencies accountable for securing the information and information systems they are responsible for. Agency officials and officers are required to develop, document, and implement specific controls and conduct annual reviews of their security programs.

G

General Data Protection Regulation (GDPR)

A set of governing rules in Europe that is designed to give consumers control over their personal information. It prescribes specific guidance for how businesses can handle consumer data and includes hefty fines for organizations that don’t comply. 

GLBA (Gramm-Leach-Bliley Act)

U.S. legislation enacted in 1999 that requires financial institutions to both disclose to consumers how their data is shared and to secure all sensitive information.

H

HIPAA

The Health Insurance Portability and Accountability Act was enacted in 1996 to protect patients and their data. While it was designed to prevent healthcare fraud and abuse, it also aimed to guarantee that health information remains secure and private.

Hybrid Workforce

Includes employees that work remotely and in-office. The nature of this setup can expand an organization’s attack surface.

I

Identity and Access Management (IAM)

A methodology that governs which individuals can access specific resources and data. IAM is integral to meeting compliance regulations and reducing risk across disparate systems.

Identity Based Microsegmentation

A practice in which workloads, devices, networks, or communication requests (versus workers) are assigned identity privileges to dictate what resources can be accessed. This approach is based on zero trust policy and can prevent lateral movement of cyber attackers in the network.

Identity Provider (IdP)

An entity that is relied upon for managing user identities and issuing credentials.

Intrusion Detection

A practice that monitors inbound and outbound network traffic for suspicious activity and threats. Intrusion detection systems with sensors on the network are called NIDS (network intrusion detection systems), while intrusion detection systems that have sensors planted on devices are called HIDS (host intrusion detection systems). NIDS monitor and analyze in real-time, while HIDS look at historical data, typically on machines that aren’t expected to have changes.

Intrusion Prevention

Focused on preemptive activity. It scans for potential malicious activity or policy violations to ensure a strong line of defense.

ISO 27001

Provides requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using these standards enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties. 

IT Stack

The sum of applications, software, and IT elements that comprise the IT system in a network.

IT Team

Responsible for installing, implementing, and managing technology across the entire network system of an organization.

ITDR

Identity Threat Detection and Response (ITDR) refers to a cybersecurity approach focused on identifying, detecting, and mitigating threats targeting identity and access management (IAM) systems. ITDR specifically aims to address the growing risks associated with compromised identities, which are often a critical attack vector in data breaches and other security incidents. […]

L

Live Environments

Environments that are in real-time use by active business users.

M

Malware

Malicious software created by cybercriminals.

Misconfiguration

Occurs when software or systems have been set up incorrectly, perhaps with default settings that are not appropriate for the organization. This becomes especially important when connected through the cloud, making misconfigurations a common risk for cyberattack.

Multi-Factor Authentication (MFA)

An approach to ensure appropriate access for individuals seeking data or use of applications, which requires at least two layers of proof of identity.

N

National Institute of Standards and Technology (NIST)

Part of the U.S. Department of Commerce. NIST measurements support the smallest of technologies to the largest and most complex of human-made creations — from nanoscale devices so tiny that tens of thousands can fit on the end of a single human hair up to earthquake-resistant skyscrapers and global communication networks.

O

OAuth

An open standard authorization protocol for access delegation. It’s a secure way for users to grant access to their personal information on a website with another website or application without sharing their password. For example, logging in to a website using your Google or Facebook account.

P

Payment Card Industry and Data Security Standard (PCI-DSS)

Requires organizations that work with credit cards to implement security measures to protect cardholder data and prevent credit card fraud.

Penetration Testing (Pentest)

A penetration test (pentest) is an authorized, simulated cyberattack performed by security professionals to find and exploit real-world vulnerabilities in systems, applications, networks, or APIs so those weaknesses can be fixed before attackers find them. A penetration test (pentest) is an authorized, simulated cyberattack designed […]

Personally Identifiable Information (PII)

Any information that is associated with a person’s identity and which can be used to profile an individual. Examples include name, address, email address, cell phone number, and other sensitive details. This type of data is sought after by cyber attackers in data breaches for the purpose of stealing identities and/or selling the information on the dark web.

Phishing

An approach to stealing identities or sensitive information based on social engineering. Cybercriminals will pose as friends, family members, or businesses in an attempt to capture personal or account information for fraudulent activity.

Posture Assessment

Provides a holistic view of an organization’s security readiness, based on the sum of cataloged vulnerabilities, security technologies and processes in place, and the overall ability to detect and respond to threats or attacks.

Privileged Access

An IT term that refers to an elevated level of access to accounts, data, or applications beyond what standard users can access.

R

Role-Based Access Control (RBAC)

A method of restricting network access based on the roles of individual users within an enterprise. RBAC helps ensure that employees access only the information they need to do their jobs and prevents them from accessing information that isn’t relevant to their role. Roles could include “end user,” “administrator,” “executive,” and more.

S

SaaS

The acronym for Software as a Service, a usage model where software is hosted in the cloud by a third party and accessed on demand, via subscription.

SaaS Attack

A SaaS attack targets software-as-a-service (SaaS) applications or services provided over the internet. Unlike traditional software installed on individual devices or local servers, SaaS applications are hosted on […]

SaaS Compliance

To achieve Software as a Service (SaaS) compliance, SaaS platforms and providers must each adhere to the standards relevant to their business and industry, such as data protection laws, industry regulations, security guidelines, and contractual agreements. For example, this includes protecting user data, maintaining customer privacy, and following any requirements that set industry norms. SaaS compliance […]

SaaS Identity Management

SaaS identity management allows security teams to control access to SaaS applications. These tools and processes are critical to maintaining compliance, efficiency, and security for digital operations. Strong SaaS identity management enables authorized employees to access only the resources they need at critical times for valid, job-related reasons, and limits access there. […]

SaaS Security Management (SSM)

SaaS security management is a methodology that accounts for the dynamic nature of SaaS environments and provides security solutions that pick up where traditional security technologies leave off.

SaaS Security Posture Management (SSPM)

A suite of solutions that helps discover, protect, and monitor third party SaaS applications and platforms to prevent security concerns, like misconfigurations.

Sandbox

An isolated area of the network that is set up as a test environment and designed to mirror the end user network environment. It is used to test code or inspect potential threats.

Sarbanes Oxley Act (SOX)

A U.S. regulation designed to protect investors from accounting fraud by requiring specific practices in financial reporting and record keeping.

SecOps

A collaborative approach that joins Security and IT to eliminate silos and fortify cross-functional workflows for more secure platforms and computing environments.

Security Posture

The state of how secure or vulnerable an organization is, based on security solutions in play, processes in place, and awareness of existing risks and vulnerabilities.

Security Team

A group within an organization responsible for testing and maintaining the security of the company’s network infrastructure and building or sourcing solutions. It is responsible for setting policy, as well as investigating suspicious cyber activities. Because there is a lot of ground to cover with limited resources, security teams often rely on automated solutions in SaaS environments.

Sensitive Data

Classified or confidential information, including PII, that must be protected to prevent harm to companies or individuals. With the rise in data breaches over the past decade, government regulations have been put in place to hold companies accountable for safeguarding sensitive data. 

Shadow IT

Shadow IT refers to hardware, software, or cloud services used within an organization without the knowledge, approval, or oversight of the IT or security department. This can include things like:

• Employees using personal devices for work tasks
• Teams signing up for unsanctioned SaaS tools (e.g., using Google Drive or Trello […]

Shared Responsibility Model

A practice championed by government and industry that calls for the responsibility of cloud security to be shared by cloud providers, product vendors, and customers, based on the security measures that fall under their control. With SaaS, the application provider assumes responsibility for the physical infrastructure, network, OS, and application, while the customer is responsible for data and identity management.

SSL/TLS

These are acronyms for Secure Sockets Layer and Transport Layer Security, which are encryption protocols designed to ensure secure communications across the internet. TLS runs in the application layer and replaced SSL in 1999. It was created to provide privacy and data integrity between computer applications that communicate with one another.

SSO

An acronym for Single Sign-On, which is a method that allows users to log in to multiple applications and services with a single authentication.

T

Third Party App (aka 3rd Party App)

An application developed by a business that is not the same manufacturer as the device the app is used on. For example, a music streaming service like Spotify, used on a mobile phone.

Threat Detection

The ability to identify and analyze malicious activity on the network to prevent a cyberattack from gaining entry and inflicting harm. Accuracy is critical in threat detection, to prevent “alert fatigue” resulting from false positives.

Threat Intelligence

Data that helps security professionals understand emerging and existing threats, how they behave, and best practices to keep cyber risk in check. It is a pooling of evidence-based knowledge captured via tools, analysis, and observation.

Two-factor Authentication (2FA)

Requires a user to prove their identity two different ways before access to an account or computer system is allowed. For example, a password used in conjunction with a code sent to a user’s phone.

U

Unauthorized Control

A situation where a cybercriminal has breached a system and has been able to take control.

User Entity and Behavior Analytics (UEBA)

A cybersecurity method that flags anomalous user activities based on profiles of their typical habits and behaviors.

W

Workload Protection

The process of deploying policies and security measures to safeguard applications, resources, virtual machines, and the like as they communicate within the cloud. Workload protection is an integral part of posture management.

Z

Zero Day

An exploit by cyber attackers that takes advantage of a vulnerability that is unknown to the software provider, or of a known vulnerability for which no patch is yet available.

Zero Trust

A security policy that assumes any and every device or user could be malicious and requires proper authentication before allowing access to data or services.