Glossary

A

Access Keys

Long-lived credentials, typically a key identifier paired with a secret, that let software (rather than an interactive user) authenticate to an API. The permissions attached to a key should be scoped to a role or task so that the access it grants is situation-specific and no broader than needed; keys should be rotated regularly and revoked as soon as they are no longer in use.

Account Takeover

A type of cyberattack in which an attacker defeats or bypasses the security controls protecting an account and assumes control of it. It often follows a data breach or phishing campaign in which usernames, passwords, and other personally identifiable information (PII) were stolen and then reused against the account.

Active Directory

A Microsoft directory service that stores the user, group, and computer objects of a Windows domain and authenticates and authorizes them. It acts as a gatekeeper, matching each user with the access permissions appropriate to their defined profile.

Attack Surface

The sum of all points, across applications, network services, identities, and interfaces, where an unauthorized party could attempt to enter a system or extract data from it. The larger the attack surface, the more places that must be defended.

Attack Vector

Automated Remediation

Protective actions that are taken automatically when predefined alerts or conditions fire, such as reverting a risky configuration change or disabling an account that shows signs of compromise.

Automation or Automated Security

Processes that rely on technology, increasingly including artificial intelligence (AI), to implement security controls, safeguard systems, and maintain network health with minimal human involvement.

C

CASB

CCPA (California Consumer Privacy Act)

Developed to give consumers more control over how businesses use their personal data. Specifically, it establishes the rights for consumers to.

Cloud Native

A software development approach that designs applications for cloud computing from the start, typically using containers, microservices, and declarative infrastructure. Businesses adopt cloud native development to gain agility.

Cloud Security Posture Management (CSPM)

Tools and practices that continuously assess the configuration of cloud infrastructure assets and resources (compute, storage, networking, identity) against security best practices and compliance baselines, and flag or remediate misconfigurations. It differs from SaaS Security Posture Management (SSPM), which applies the same idea to the settings of SaaS applications rather than to the infrastructure layer.

Configuration and Posture Management

The practice of assessing and testing the security of an organization’s software and application configurations in conjunction with the overall risk management of the IT infrastructure.

Configuration Drift

The gradual divergence of a system's actual configuration from its approved or documented baseline. It is a security risk that arises when software and application updates are rolled out without corresponding adjustments throughout the tech stack, or when changes are made directly to devices without considering their follow-on impact within the IT system.

Configuration Management Database (CMDB)

CTEM

D

Data Breach

A security incident in which an unauthorized party gains access to an organization's systems and is able to view, copy, or exfiltrate sensitive information.

Data Leakage

Data Loss Prevention (DLP)

An approach that includes processes, policies, software, and other technologies to keep data safe from unauthorized access, destruction, or theft. It also applies to preventing employees from sharing sensitive content outside the corporate network.

DevOps

A philosophical approach that knits the development of software (Dev) with the deployment by IT operations (Ops). The purpose is to create rapid, agile workflows that shorten the development cycle while yielding high quality software.

DevSecOps

An approach that integrates security from the beginning of the development cycle, versus overlaying it after the fact.

F

Federal Information Security Management Act (FISMA)

A U.S. federal law that was enacted in 2002 to hold federal agencies accountable for securing the information and information systems they are responsible for. Agency officials and officers are required to develop, document, and implement specific controls and conduct annual reviews of their security programs.

G

General Data Protection Regulation (GDPR)

The European Union's data protection law, in force since May 2018, designed to give individuals control over their personal data. It prescribes specific rules for how businesses may collect and handle that data and carries heavy fines for organizations that do not comply.

GLBA (Gramm-Leach-Bliley Act)

U.S. legislation enacted in 1999 that requires financial institutions to both disclose to consumers how their data is shared and to secure all sensitive information.

H

HIPAA

The Health Insurance Portability and Accountability Act was enacted in 1996 to protect patients and their data. While it was designed to prevent healthcare fraud and abuse, it also aimed to guarantee that health information remains secure and private.

Hybrid Workforce

Includes employees that work remotely and in-office. The nature of this setup can expand an organization’s attack surface.

I

Identity and Access Management (IAM)

A methodology that governs which individuals can access specific resources and data. IAM is integral to meeting compliance regulations and reducing risk across disparate systems.

Identity Based Microsegmentation

A practice in which workloads, devices, networks, or communication requests (versus workers) are assigned identity privileges to dictate what resources can be accessed. This approach is based on zero trust policy and can prevent lateral movement of cyber attackers in the network.

Identity Provider (IdP)

An entity that is relied upon for managing user identities and issuing credentials.

Intrusion Detection

A practice that monitors inbound and outbound network traffic for suspicious activity and threats. Intrusion detection systems with sensors on the network are called NIDS (network intrusion detection systems), while intrusion detection systems that have sensors planted on devices are called HIDS (host intrusion detection systems). NIDS monitor and analyze in real-time, while HIDS look […]

Intrusion Prevention

Focused on blocking rather than only detecting. An intrusion prevention system (IPS) sits inline in the traffic path, inspects for malicious activity or policy violations, and can drop or reset an offending connection before it reaches its target.

ISO 27001

Provides requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using these standards enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties. 

IT Stack

The sum of applications, software, and IT elements that comprise the IT system in a network.

IT Team

Responsible for installing, implementing, and managing technology across the entire network system of an organization.

ITDR

Identity Threat Detection and Response refers to a cybersecurity approach focused on identifying, detecting, and mitigating threats targeting identity and access management (IAM) systems.

L

Live Environments

Production systems that are in real-time use by active business users, as opposed to test or staging environments.

M

Malware

Malicious software created by cybercriminals to compromise, damage, or gain unauthorized access to systems; examples include viruses, worms, ransomware, and spyware.

Misconfiguration

Occurs when software or systems are set up incorrectly, often by leaving default settings that are not appropriate for the organization, such as overly permissive sharing or disabled audit logging. Cloud and SaaS services expose many such settings directly to the internet, which makes misconfigurations a common cause of breaches.
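The two posture problems defined above, configuration drift and misconfiguration, are detected the same way: compare the live configuration against an approved baseline and a set of security rules. The following Python example is added here for illustration and is not code from the original glossary or from any vendor; the SaaS tenant settings, the baseline and the rules are constructed for the example and do not correspond to a real product.

```python
"""Added example: detect configuration drift and risky misconfigurations.

A baseline (the approved configuration) is compared against a snapshot of
the live configuration. Any difference is drift; any live setting that
violates a security rule is a misconfiguration, whether or not it drifted.
All settings, the baseline and the rules below are constructed for this
example and do not describe any real SaaS product.
"""
from __future__ import annotations

from typing import Any, Callable

# Approved configuration for a hypothetical SaaS tenant (constructed).
BASELINE = {
    "auth": {"mfa_required": True, "session_timeout_minutes": 60},
    "sharing": {"external_sharing": "disabled", "public_links": False},
    "logging": {"audit_log_enabled": True, "retention_days": 365},
}

# Snapshot of the live tenant after some ad-hoc changes (constructed).
LIVE = {
    "auth": {"mfa_required": False, "session_timeout_minutes": 60},
    "sharing": {"external_sharing": "anyone", "public_links": True},
    "logging": {"audit_log_enabled": True, "retention_days": 90,
                "export_bucket": "tenant-logs"},
}

# Security rules: dotted setting path -> predicate that must hold (constructed).
RULES: dict[str, Callable[[Any], bool]] = {
    "auth.mfa_required": lambda v: v is True,
    "sharing.external_sharing": lambda v: v in ("disabled", "allowlist"),
    "sharing.public_links": lambda v: v is False,
    "logging.audit_log_enabled": lambda v: v is True,
    "logging.retention_days": lambda v: isinstance(v, int) and v >= 365,
}

_MISSING = object()  # sentinel so that an absent setting is never confused with None


def flatten(cfg: dict, prefix: str = "") -> dict[str, Any]:
    """Turn nested dicts into dotted paths: {"a": {"b": 1}} -> {"a.b": 1}."""
    out: dict[str, Any] = {}
    for key, value in cfg.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            out.update(flatten(value, path + "."))
        else:
            out[path] = value
    return out


def detect_drift(baseline: dict, live: dict) -> list[tuple[str, Any, Any]]:
    """Return (path, expected, actual) for every setting that differs.

    A setting present on only one side is drift too; its missing side is None.
    """
    base, now = flatten(baseline), flatten(live)
    drift = []
    for path in sorted(set(base) | set(now)):
        if path not in base or path not in now or base[path] != now[path]:
            drift.append((path, base.get(path), now.get(path)))
    return drift


def find_misconfigurations(live: dict, rules=RULES) -> list[tuple[str, Any]]:
    """Return (path, value) for every live setting that violates a rule.

    A setting the rules require but the tenant does not expose counts as a
    violation (reported with value None) rather than being silently skipped.
    """
    now = flatten(live)
    bad = []
    for path, ok in rules.items():
        value = now.get(path, _MISSING)
        if value is _MISSING or not ok(value):
            bad.append((path, None if value is _MISSING else value))
    return bad


if __name__ == "__main__":
    for path, expected, actual in detect_drift(BASELINE, LIVE):
        print(f"DRIFT {path}: baseline={expected!r} live={actual!r}")
    for path, value in find_misconfigurations(LIVE):
        print(f"RISK  {path}={value!r}")
```

Drift and misconfiguration are reported separately on purpose: the unexpected `logging.export_bucket` is drift that deserves a look but breaks no rule, while `logging.retention_days` both drifted and violates the retention rule. A posture tool would run this comparison on a schedule and feed the RISK lines into automated remediation.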

Multi-Factor Authentication (MFA)

An approach that requires a user to present at least two independent proofs of identity from different categories (something they know, such as a password; something they have, such as a phone or hardware token; something they are, such as a fingerprint) before access to data or applications is granted.

N

National Institute of Standards and Technology (NIST)

A non-regulatory agency of the U.S. Department of Commerce that develops measurement standards and technical guidance for technologies ranging from nanoscale devices to earthquake-resistant skyscrapers and global communication networks. In cybersecurity it publishes the Special Publication 800 series (for example, SP 800-53 security controls) and the NIST Cybersecurity Framework, which are widely used as baselines for security programs.

O

OAuth

An open standard authorization protocol for access delegation. It lets a user grant one website or application limited access to their data held by another service without sharing their password with it, using scoped access tokens instead. Logging in to a website with a Google or Facebook account builds on OAuth through OpenID Connect (OIDC), which adds an authentication layer on top of OAuth's authorization.

P

Payment Card Industry Data Security Standard (PCI DSS)

Requires organizations that store, process, or transmit payment card data to implement security measures that protect cardholder data and prevent card fraud.

Pentest (aka Penetration Test)

Pentesting is a method for testing the strength of a company’s security posture, which engages a team to launch cyberattacks on the network to test for vulnerabilities. Most security experts caution against over-reliance on pentests at the expense of ongoing security measures because it simply provides a snapshot of security posture at a single point […]

Personally Identifiable Information (PII)

Any information that is associated with a person’s identity and which can be used to profile an individual. Examples include name, address, email address, cell phone number, and other sensitive details. This type of data is sought after by cyber attackers in data breaches for the purpose of stealing identities and/or selling the information on […]

Phishing

An approach to stealing identities or sensitive information based on social engineering. Cybercriminals will pose as friends, family members, or businesses in an attempt to capture personal or account information for fraudulent activity.

Posture Assessment

Provides a holistic view of an organization’s security readiness, based on the sum of cataloged vulnerabilities, security technologies and processes in place, and the overall ability to detect and respond to threats or attacks.

Privileged Access

An IT term that refers to an elevated level of access to accounts, data, or applications beyond what standard users can access.

R

Role-Based Access Control (RBAC)

A method of restricting network access based on the roles of individual users within an enterprise. RBAC helps ensure that employees access only the information they need to do their jobs and prevents them from accessing information that isn’t relevant to their role. Roles could include “end user,” “administrator,” “executive,” and more.

S

SaaS

The acronym for Software as a Service, a usage model where software is hosted in the cloud by a third party and accessed on demand, via subscription.

SaaS Attack

SaaS Compliance

SaaS Identity Management

SaaS Security Management (SSM)

SaaS security management is a methodology that accounts for the dynamic nature of SaaS environments and provides security solutions that pick up where traditional security technologies leave off.

SaaS Security Posture Management (SSPM)

A suite of solutions that helps discover, protect, and monitor third party SaaS applications and platforms to prevent security concerns, like misconfigurations.

Sandbox

An isolated execution environment, separated from production systems, that is set up to mirror the end-user environment. It is used to run untrusted code or inspect suspected malware without putting the real network at risk.

Sarbanes Oxley Act (SOX)

SecOps

A collaborative approach that joins Security and IT to eliminate silos and fortify cross-functional workflows for more secure platforms and computing environments.

Security Posture

The state of how secure or vulnerable an organization is, based on security solutions in play, processes in place, and awareness of existing risks and vulnerabilities.

Security Team

A group within an organization responsible for testing and maintaining the security of the company’s network infrastructure and building or sourcing solutions. It is responsible for setting policy, as well as investigating suspicious cyber activities. Because there is a lot of ground to cover with limited resources, security teams often rely on automated solutions in […]

Sensitive Data

Classified or confidential information, including PII, that must be protected to prevent harm to companies or individuals. With the rise in data breaches over the past decade, government regulations have been put in place to hold companies accountable for safeguarding sensitive data. 

Shadow IT

Software, applications, devices, and other technologies that are used or deployed without the knowledge or authorization of the IT team.

Shared Responsibility Model

A practice championed by government and industry that calls for the responsibility of cloud security to be shared by cloud providers, product vendors, and customers, based on the security measures that fall under their control. With SaaS, the application provider assumes responsibility for the physical infrastructure, network, OS, and application, while the customer is responsible […]

SSL/TLS

Acronyms for Secure Sockets Layer and Transport Layer Security, the cryptographic protocols that provide confidentiality and integrity for communications across the internet, most visibly in HTTPS. TLS sits between the transport layer (TCP) and the application protocols that use it. TLS 1.0 was published in 1999 as the successor to SSL 3.0; every SSL version and TLS 1.0 and 1.1 have since been deprecated, so current deployments should accept only TLS 1.2 and 1.3.

SSO

An acronym for Single Sign-On, which is a method that allows users to log in to multiple applications and services with a single authentication.

T

Third Party App (aka 3rd Party App )

An application developed by a business that is not the same manufacturer as the device the app is used on. For example, a music streaming service like Spotify, used on a mobile phone.

Threat Detection

The ability to identify and analyze malicious activity on the network to prevent a cyberattack from gaining entry and inflicting harm. Accuracy is critical in threat detection, to prevent “alert fatigue” resulting from false positives.

Threat Intelligence

Data that helps security professionals understand emerging and existing threats, how they behave, and best practices to keep cyber risk in check. It is a pooling of evidence-based knowledge captured via tools, analysis, and observation.

Two-factor Authentication (2FA)

Requires a user to prove their identity in two different ways before access to an account or computer system is allowed. For example, a password used in conjunction with a one-time code generated by an authenticator app or sent to the user's phone.

U

Unauthorized Control

A situation where a cybercriminal has breached a system and has been able to take control.

User and Entity Behavior Analytics (UEBA)

A cybersecurity method that flags anomalous activity by users and by other entities (hosts, service accounts, applications) by comparing it against profiles of their typical habits and behaviors, rather than against fixed signatures.
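The behaviour-profiling idea in the UEBA entry above, as an added Python example that is not part of the original glossary: a per-user baseline is learned from historical login events and new events are scored against it. The log lines, users, and scoring dimensions are constructed for the example; real UEBA products use far richer features and statistical models, but the shape of the logic is the same.

```python
"""Added example: behaviour-based detection of anomalous logins (UEBA-style).

build_profiles learns, per user, the countries, devices and hours of day seen
in successful historical logins. score_event lists how a new event deviates
from that baseline, and detect_anomalies flags events that deviate on at
least `threshold` dimensions at once, which keeps a single new device or a
single late night from paging anyone on its own. All log lines are constructed.
"""
from __future__ import annotations

from collections import defaultdict
from datetime import datetime

# Constructed history, one login per line: timestamp,user,country,device_id,result
HISTORY = """\
2024-03-04T08:55:12Z,alice,DE,dev-a1,success
2024-03-04T17:02:40Z,alice,DE,dev-a1,success
2024-03-05T09:10:03Z,alice,DE,dev-a2,success
2024-03-05T18:30:55Z,alice,DE,dev-a1,success
2024-03-06T08:47:21Z,alice,DE,dev-a1,success
2024-03-04T22:15:00Z,bob,US,dev-b1,success
2024-03-05T23:01:14Z,bob,US,dev-b1,success
2024-03-06T22:40:09Z,bob,US,dev-b1,success
"""

# Constructed new events to score against the baseline.
NEW_EVENTS = """\
2024-03-07T09:02:11Z,alice,DE,dev-a1,success
2024-03-07T03:14:52Z,alice,RU,dev-x9,success
2024-03-07T22:58:30Z,bob,US,dev-b1,success
2024-03-07T10:05:00Z,bob,US,dev-b2,failure
"""


def parse(lines: str):
    """Yield one dict per non-empty CSV log line."""
    for line in lines.splitlines():
        if not line.strip():
            continue
        ts, user, country, device, result = line.split(",")
        yield {
            "time": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user, "country": country, "device": device, "result": result,
        }


def build_profiles(history: str) -> dict[str, dict[str, set]]:
    """Per user: countries, devices and login hours seen in successful logins.
    Failed attempts are excluded so an attacker cannot 'train' the baseline."""
    profiles = defaultdict(lambda: {"countries": set(), "devices": set(), "hours": set()})
    for e in parse(history):
        if e["result"] != "success":
            continue
        p = profiles[e["user"]]
        p["countries"].add(e["country"])
        p["devices"].add(e["device"])
        p["hours"].add(e["time"].hour)
    return dict(profiles)


def score_event(event: dict, profile: dict | None) -> list[str]:
    """Return the list of ways one event deviates from the user's baseline."""
    if profile is None:
        return ["no baseline for user"]
    reasons = []
    if event["country"] not in profile["countries"]:
        reasons.append(f"new country {event['country']}")
    if event["device"] not in profile["devices"]:
        reasons.append(f"new device {event['device']}")
    # Hours within one hour of any previously seen login hour count as usual.
    usual_hours = {(h + d) % 24 for h in profile["hours"] for d in (-1, 0, 1)}
    if event["time"].hour not in usual_hours:
        reasons.append(f"unusual hour {event['time'].hour:02d}:00")
    return reasons


def detect_anomalies(history: str, events: str, threshold: int = 2) -> list[tuple[str, str, list[str]]]:
    """Flag (timestamp, user, reasons) for events deviating on >= threshold dimensions."""
    profiles = build_profiles(history)
    flagged = []
    for e in parse(events):
        reasons = score_event(e, profiles.get(e["user"]))
        if len(reasons) >= threshold:
            flagged.append((e["time"].isoformat(), e["user"], reasons))
    return flagged


if __name__ == "__main__":
    for ts, user, reasons in detect_anomalies(HISTORY, NEW_EVENTS):
        print(f"ALERT {ts} {user}: {'; '.join(reasons)}")
```

With the default threshold the run flags alice's 03:14 login from a new country on a new device (three deviations) and bob's daytime attempt from a new device (two deviations), while the two routine logins produce nothing. Raising the threshold or weighting the dimensions is how an analyst tunes such a detector against alert fatigue.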

W

Workload Protection

The process of deploying policies and security measures to safeguard applications, resources, virtual machines, and the like as they communicate within the cloud. Workload protection is an integral part of posture management.

Z

Zero Day

A vulnerability that is unknown to the software provider, or known but not yet patched, so that defenders have had "zero days" to fix it. An attack that takes advantage of such a vulnerability is called a zero-day exploit.

Zero Trust

A security model that grants no implicit trust to any device, user, or network location, inside or outside the corporate perimeter. Every request must be authenticated, authorized, and continuously verified before access to data or services is allowed.