Glossary

Over 301 definitions covering cybersecurity, IT infrastructure, and cloud computing. Complex IT concepts explained in plain language.

A

Access Management

Access Management is the process of controlling and monitoring who has access to an organization's IT resources and to what extent. It includes managing user identities, permissions, and access policies to ensure that only authorized individuals can access data and systems.

AI Act

The AI Act is an EU regulation establishing requirements for artificial intelligence systems. It classifies AI systems by risk (unacceptable, high, limited, minimal) and introduces obligations for providers and users, including transparency, testing, and human oversight requirements.

AI Security

AI Security is a cybersecurity discipline focused on protecting artificial intelligence systems from attacks and securing organizations against threats arising from AI usage.

Amazon Web Services (AWS)

Amazon Web Services (AWS) is a comprehensive and widely adopted cloud platform offered by Amazon. AWS provides a broad range of infrastructure services such as compute power, data storage, databases, analytics, networking, mobile tools, developer tools, management and monitoring, security, and enterprise applications.

Anonymization

Anonymization is the process of transforming personal data in such a way that the person to whom the data relates cannot be identified, even with the use of additional information. The goal of anonymization is to protect individuals' privacy by removing or modifying identifying data, making it impossible to link them to specific persons.

Anti-DDoS

Anti-DDoS is a set of technologies and strategies designed to protect networks, servers, and applications from Distributed Denial of Service (DDoS) attacks. DDoS attacks involve overloading network or server resources by simultaneously sending massive amounts of traffic from multiple infected devices, leading to service disruption or complete shutdown.

Antimalware

Antimalware is software designed to detect, prevent, and remove malicious software (malware) from computer systems. Malware includes viruses, trojans, worms, spyware, adware, ransomware, and other harmful programs that can damage computer systems, steal data, or disrupt normal device operation.

Antivirus

Antivirus is software designed to detect, neutralize, and remove computer viruses and other malicious programs such as trojans, worms, spyware, or adware. Antivirus protects computer systems from infections that can cause file damage, data theft, system slowdown, or other IT security problems.

API

API (Application Programming Interface) is a set of rules and protocols enabling communication between different applications. API allows for data and function exchange between software, enabling system integration and creation of new applications based on existing services.

API Security Testing

API security testing is the process of evaluating and verifying the security of Application Programming Interfaces (APIs) to detect and fix potential vulnerabilities and threats. These tests aim to ensure that APIs are resistant to attacks and unauthorized access, protecting application data and resources.

Application Security

Application security encompasses a set of practices, tools, and processes aimed at identifying, preventing, and responding to potential threats to applications. It applies to web, mobile, and desktop applications. The goal is protection against unauthorized access, modification, or destruction of data, and ensuring application continuity.

APT Attack

APT (Advanced Persistent Threat) is an advanced, long-term cyber attack conducted by highly skilled actors, often state-sponsored. APT attacks are characterized by sophisticated techniques, targeted approach, and multi-month or multi-year presence in victim systems.

Artificial Intelligence

Artificial Intelligence (AI) is a field of computer science focused on creating systems and algorithms that can perform tasks requiring human intelligence. AI encompasses machines' ability to learn, reason, solve problems, recognize patterns, understand natural language, and make decisions.

Attack Surface

Attack Surface is the sum of all points through which an unauthorized user can attempt to enter data or extract information from a system. The larger the attack surface, the more potential attack vectors.

Attack Surface Management

Attack surface management is the process of identifying, analyzing, monitoring, and minimizing all potential entry points through which attackers can gain unauthorized access to an organization's systems, networks, and data. It includes a holistic view of external and internal IT resources that may be exposed to cyber attacks.

Authentication

Authentication is the process of verifying the identity of a user, device, or system attempting to access digital resources. It is a key element of cybersecurity, aimed at ensuring that only authorized entities can use protected resources.

Authorization

Authorization is the process of granting users permissions to access specific resources in information systems. It involves determining what actions a user can perform after successful authentication. Authorization is a key element of access management, ensuring that only authorized individuals can use specific functions, data, or services.

B

Backdoor

A backdoor is a hidden method of bypassing standard authentication or encryption mechanisms in a computer system, application, network, or device. Backdoors can be intentionally built in by developers for future system access or installed by cybercriminals to gain unauthorized access.

Backup

Backup, also known as a backup copy or safety copy, is the process of creating a duplicate of data to protect it from loss. Backup involves copying files, folders, databases, or entire systems to a separate medium or location to enable data recovery in case of loss, damage, or unavailability.

Baiting

Baiting is an advanced form of psychological manipulation in which an attacker exploits deeply rooted human desires and emotions. The goal is to create a situation where the victim, driven by curiosity, greed, or other strong impulses, takes actions potentially harmful to themselves or their organization.

Blue Team

Blue Team is a group of cybersecurity specialists responsible for defending an organization's information systems against cyberattacks. This team focuses on detecting, analyzing, and responding to security threats, as well as strengthening the organization's overall security posture.

Bot

A bot is a computer program designed to perform repetitive tasks in an automated manner. The name 'bot' comes from the word 'robot.' Bots are based on artificial intelligence algorithms and aim to mimic human behaviors, especially in the context of online interactions.

Botnet

A botnet is a network of infected computer devices (called bots or zombies) that are remotely controlled by cybercriminals. The name botnet comes from combining the words 'robot' and 'network'. Botnets consist of many devices - from personal computers to IoT devices - that have been infected with malware allowing the attacker (botmaster) to take control of them without the owners' knowledge.

Breach and Attack Simulation

Breach and Attack Simulation (BAS) is an innovative approach to cybersecurity that uses automated tools to continuously simulate a full attack cycle on an organization's infrastructure. BAS allows organizations to test their defenses against simulated cyberattacks, identify security gaps, and evaluate the effectiveness of existing protective mechanisms.

Brute Force

A brute force attack is a security-breaking method that involves systematically checking all possible combinations to discover the correct password or key. The attacker tries to 'guess' the password by testing various combinations one by one until finding the right one.

Business Continuity Management

Business Continuity Management (BCM) is a comprehensive management process that identifies potential threats to an organization and their impact on business operations. BCM provides a framework for building organizational resilience and the ability to effectively respond to crisis situations, protecting the interests of key stakeholders, reputation, and brand of the organization.

Business Email Compromise

Business Email Compromise (BEC) is an advanced type of phishing attack in which cybercriminals impersonate trusted individuals or organizations to induce victims to perform specific actions, most commonly money transfers or disclosure of confidential information. BEC uses social engineering techniques and often relies on thorough reconnaissance of the attacked company's structure and processes.

BYOD (Bring Your Own Device)

BYOD, or Bring Your Own Device, is a policy that allows employees to use their own devices, such as laptops, smartphones, and tablets, for work purposes. The BYOD policy has gained popularity in recent years, giving employees greater flexibility and convenience at work.

C

CASB

CASB (Cloud Access Security Broker) is a security solution positioned between users and cloud service providers. CASB provides visibility into SaaS usage, protects data in the cloud, detects threats, and enforces security policies for cloud applications.

Change Management

Change management is a systematic process of planning, implementing, monitoring, and evaluating changes in an organization to minimize disruptions and maximize benefits from these changes. It includes managing technological, process, organizational, and cultural changes to ensure smooth transition and adaptation to new conditions.

CIEM

CIEM (Cloud Infrastructure Entitlement Management) is a cloud security solution category that manages permissions and access in multi-cloud environments. CIEM detects excessive permissions, unused accounts, and risky IAM configurations in AWS, Azure, and GCP.

CIS (Center for Internet Security)

CIS is an organization dedicated to creating and promoting best practices in cybersecurity. It develops globally recognized standards, tools, and resources that help organizations protect against cyber threats.

CIS Security Audit

A CIS security audit is a thorough assessment of an organization's IT systems based on Center for Internet Security (CIS) standards. CIS is a non-profit organization that develops and promotes cybersecurity best practices. The CIS security audit aims to detect security vulnerabilities, assess compliance with CIS guidelines, and ensure the organization follows best information security practices.

Cloud Data Protection

Cloud data protection refers to a set of practices, technologies, and policies aimed at securing data stored and processed in cloud environments from unauthorized access, loss, modification, and other threats. This includes both data at rest and data in transit.

Cloud Environment Management

Cloud environment management is a comprehensive process of overseeing, optimizing, and controlling cloud resources and services used by an organization. It includes a range of activities aimed at ensuring effective functioning of cloud infrastructure, including performance monitoring, cost management, security and compliance assurance, and resource utilization optimization.

Cloud Environment Security

Cloud environment security refers to the technologies, procedures, policies, and control mechanisms used to protect cloud-based data, applications, and services. The goal is to ensure the confidentiality, integrity, and availability of cloud resources, as well as protection against unauthorized access, attacks, and other threats.

Cloud Management

Cloud management is the process of administering, controlling, and optimizing cloud resources such as servers, storage, networks, and applications to ensure their efficient and secure operation. This includes managing cloud infrastructure, cloud services, and data stored in the cloud.

Cloud Migration

Cloud migration is the process of moving data, applications, computing power, and other digital resources from local data centers to a cloud service provider's infrastructure. This can include moving applications, databases, development platforms, and other technologies supporting organizational operations to the cloud.

Cloud Solutions

Cloud solutions are a model of delivering IT services in which computing resources, storage, applications, and other IT services are provided over the internet. Instead of locally storing and processing data on their own servers, users can use resources delivered by external cloud service providers.

CNAPP

CNAPP (Cloud-Native Application Protection Platform) is an integrated platform combining multiple cloud security tools: CSPM, CWPP, CIEM, and container security. CNAPP provides comprehensive protection for cloud-native applications from development to runtime.

Code Review

Code review, also known as code inspection, is the process of systematic source code analysis by other developers to detect errors, improve code quality, and share knowledge within the team. It is a key element of the software development process, involving verification of code before its inclusion in the main project branch.

Computer Network

A computer network is a system of interconnected electronic devices that can exchange data and resources. It enables communication between computers, servers, smartphones, and other devices, allowing them to share information, applications, and hardware resources.

Computer Virus

A computer virus is a type of malicious software designed for self-replication and spreading to other computers. Computer viruses can modify or destroy data, disrupt computer system operations, and utilize system resources without user consent.

Configuration Management

Configuration management is the process of identifying, controlling, maintaining, and verifying the configuration of hardware, software, and documentation in an organization's IT systems. It includes tracking and managing configuration changes, ensuring consistency and integrity of IT systems.

Configuration Review

Configuration review is a systematic process of evaluating and verifying settings and configurations of IT systems, network devices, and applications to ensure they comply with security policies, industry standards, and best practices. The goal of configuration review is to identify and correct potential vulnerabilities and non-compliance that may pose a threat to IT security.

Consulting Services

Consulting services in the field of cybersecurity are professional advice and support offered to organizations to improve their information security level. Cybersecurity consultants help companies identify, assess, and manage risks related to cyber threats, as well as develop and implement effective protection strategies.

Cracking

Cracking is the process of breaking software security to gain unauthorized access to systems, data, or services. Cracking is often associated with reverse engineering, involving analysis and modification of compiled programs to bypass their protections without access to source code. Cracking is usually illegal and involves copyright infringement.

Credential Stuffing

Credential stuffing is an automated attack using stolen username/password combinations from data breaches to attempt logins on other services. The attack exploits password reuse by users across different platforms.

Crisis Management

Crisis management is a systematic process of preparation, response, and recovery of control in crisis situations that may threaten the functioning of an organization, its reputation, or security. In the context of cybersecurity, crisis management focuses on minimizing the effects of incidents related to information and IT system security.

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is a type of attack on web applications in which an attacker injects malicious code (usually JavaScript scripts) into website content, which is then displayed to other users. The goal of XSS attacks is data theft, user session hijacking, content manipulation, or other malicious activities.

Cryptojacking

Cryptojacking is the unauthorized use of computing resources (servers, computers, browsers) for cryptocurrency mining. Attackers install cryptominers on compromised systems or inject mining scripts into websites to profit at the expense of victims.

CSPM (Cloud Security Posture Management)

CSPM (Cloud Security Posture Management) is a category of cloud security tools that automatically detect and remediate misconfigurations, compliance violations, and security risks in IaaS, PaaS, and SaaS environments.

CVE

CVE (Common Vulnerabilities and Exposures) is an international system for identifying and cataloging publicly known security vulnerabilities. Each vulnerability receives a unique CVE identifier that allows unambiguous reference to a specific security issue.

CWPP

CWPP (Cloud Workload Protection Platform) is a security solution that protects workloads in the cloud - virtual machines, containers, and serverless functions. CWPP provides runtime protection, vulnerability management, and compliance for workloads regardless of location.

Cyber Hygiene

Cyber hygiene is a set of fundamental practices and behaviors that users and organizations should regularly follow to maintain the security of systems, networks, and data. The NIS2 Directive requires implementation of cyber hygiene practices as one of the mandatory risk management measures.

Cyber Kill Chain

Cyber Kill Chain is an attack model developed by Lockheed Martin describing seven stages of a cyber attack: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, Actions on Objectives. The model helps understand and break the attack chain.

Cyber Resilience Act

Cyber Resilience Act (CRA) is an EU regulation establishing cybersecurity requirements for products with digital elements. CRA requires manufacturers to implement security by design, provide security updates, and report vulnerabilities throughout the product lifecycle.

Cyber Resilience Services

Cyber resilience services are a set of actions, strategies, and technologies aimed at increasing an organization's ability to protect against cyber threats, respond quickly to incidents, and minimize the effects of attacks. The goal of these services is to strengthen the overall resilience of the organization against cyber threats.

Cyberattack

A cyberattack is the deliberate use of computer technology to damage, disrupt, or gain unauthorized access to computer systems, networks, or data. Cyberattacks can include various activities such as installing malware, data theft, conducting Denial-of-Service (DoS) attacks, and manipulating communication between users.

Cybersecurity

Cybersecurity is a collection of techniques, processes, and practices used to protect computer systems, networks, devices, programs, and data from attacks, damage, or unauthorized access. Cybersecurity encompasses various protection measures aimed at ensuring the confidentiality, integrity, and availability of information processed in cyberspace.

Cybersecurity Incident Management

Cybersecurity incident management is the process of identifying, analyzing, responding to, and restoring normal operations after incidents related to information security. These incidents may include hacker attacks, data breaches, malware, phishing, and other cyber threats.

D

DaaS (Desktop as a Service)

DaaS (Desktop as a Service) is a cloud-based virtual desktop delivery model in which a service provider hosts the desktop virtualization back-end infrastructure. DaaS enables users to access a fully functional desktop environment from any device and location via the internet.

Dark Web

The Dark Web is a part of the internet not accessible through standard browsers, requiring special software (e.g., Tor) for access. It is used for both anonymous communication and illegal activities.

Darknet

Darknet is a hidden part of the internet that is not accessible through standard web browsers and requires special tools to access, such as Tor, I2P, or Freenet. Darknet is characterized by a high degree of anonymity and privacy, which is why it is often used for both legal and illegal purposes.

DAST (Dynamic Application Security Testing)

DAST (Dynamic Application Security Testing) is a method of testing application security by simulating attacks on a running application from the outside, without access to source code. It detects runtime vulnerabilities such as configuration errors, authentication problems, or dependency vulnerabilities.

Data Center

A Data Center is a specially designed facility or group of facilities intended for storing, processing, and managing large amounts of data and IT infrastructure. Data centers are a key element of modern digital infrastructure, ensuring the continuity of critical information systems.

Data Classification

Data classification is the process of categorizing an organization's data by sensitivity level and protection requirements. Classification enables applying appropriate security controls for different data types and is the foundation of information protection programs.

Data Loss Prevention (DLP)

Data Loss Prevention (DLP) is a comprehensive approach to data protection, encompassing a set of processes, procedures, and tools aimed at preventing loss, misuse, or unauthorized access to sensitive information. DLP focuses on identifying, monitoring, and protecting data in three key states: in use, in transit, and at rest.

Data Protection

Data protection is a set of practices, policies, and technologies aimed at securing data from unauthorized access, use, disclosure, modification, or destruction. It includes both personal data and business data that are crucial for organizational operations.

Data Recovery

Data recovery is the process of restoring data that has been lost, deleted, damaged, or become inaccessible for various reasons. This process can include recovering data from various media such as hard drives, SSDs, USB drives, memory cards, as well as from file systems and databases.

DDoS

DDoS (Distributed Denial of Service) is a type of cyberattack that overloads a system or network service by flooding it with an enormous amount of fake traffic, leading to resource unavailability for legitimate users.

Deepfake

Deepfake is a technology that uses artificial intelligence and deep learning to create realistic but fake video, audio, or image materials in which people's faces or voices are replaced or synthetically generated.

Desktop Application Security Testing

Desktop application security testing is the process of evaluating and verifying the security of computer programs installed and run locally on user computers. The goal of these tests is to identify and eliminate potential security vulnerabilities that could be exploited by attackers to gain unauthorized access to the system or user data.

DevOps

DevOps is a methodology that combines software development and IT operations to improve collaboration, automate processes, and shorten the lifecycle of information systems. DevOps emphasizes continuous delivery, integration, and automation, enabling faster and more reliable deployment of software changes.

DevSecOps

DevSecOps, an acronym for Development, Security, and Operations, is an approach to software development that integrates security practices at every stage of the application lifecycle. DevSecOps brings together development, operations, and security teams to ensure security is considered from the very beginning, not added at the end.

Disaster Recovery

Disaster Recovery (DR) is a set of processes, policies, and procedures aimed at restoring an organization's critical IT infrastructure after a natural or man-made disaster. The goal of DR is to minimize downtime and data loss, enabling the organization to quickly return to normal operations.

Disk Array

A disk array is an advanced data storage system that combines multiple hard drives into a single logical unit. This enables managing large amounts of data more efficiently and securely. Disk arrays are used to ensure high availability, performance, and data redundancy.

DKIM

DKIM (DomainKeys Identified Mail) is an email authentication method using digital signatures. The sending server signs messages with a private key, and the recipient verifies the signature using a public key in DNS. DKIM confirms message integrity and sender authenticity.

DMARC

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication standard that builds on SPF and DKIM. DMARC enables domain owners to specify how unauthenticated messages should be handled (none, quarantine, reject) and receive reports on sender verification.

DNS Attack

DNS (Domain Name System) is a system that translates domain names (e.g., nflo.pl) into IP addresses (e.g., 192.168.1.1), enabling web browsers and other applications to communicate with servers. DNS attacks target this critical infrastructure to disrupt services, redirect users, or steal data.

DNS Poisoning

DNS poisoning (also known as DNS cache poisoning) is a type of cyber attack in which an attacker introduces false information into the cache of a DNS server. The goal of this attack is to redirect users to malicious websites by manipulating DNS responses.

Docker

Docker is an open-source platform that enables creating, deploying, and managing applications in containers. Containers are lightweight, self-contained units that contain everything needed to run an application, including code, libraries, system tools, and settings.

Domain Spoofing

Domain spoofing is a type of cyberattack in which an attacker impersonates a legitimate internet domain to deceive users and trick them into revealing confidential information or performing harmful actions.

DORA

DORA (Digital Operational Resilience Act) is a European Union regulation establishing uniform requirements for digital operational resilience in the financial sector. The regulation imposes obligations regarding ICT risk management, incident reporting, and resilience testing.

Doxing

Doxing, also known as 'doxxing', is a practice of collecting and publicly disclosing private information about a specific person without their consent. The term 'doxing' comes from the English words 'docs' (documents) and 'dropping', referring to the publication of documents containing private data.

DRaaS

DRaaS (Disaster Recovery as a Service) is a cloud service model that provides organizations with a comprehensive disaster recovery solution. DRaaS enables companies to replicate and host their entire IT infrastructure, including servers, applications, and data, in a secure cloud environment provided by the service provider.

DSPM

DSPM (Data Security Posture Management) is a security solution category that automatically discovers, classifies, and protects data in cloud and on-premise environments. DSPM identifies where sensitive data is located, who has access to it, and whether it's properly secured.

E

Edge Computing

Edge Computing, also known as edge processing, is a data processing model in which computations are performed closer to the data source, at the 'edge' of the network, instead of in centralized data centers or the cloud. The goal is to bring data processing and applications closer to users and devices that generate and use them.

Email Spoofing

Email spoofing is a cyberattack technique involving falsifying the sender's email address to hide the true source and impersonate trusted individuals or organizations. Attackers manipulate email headers to make messages appear to originate from a credible source.

Encryption

Encryption is the process of converting data from a human-readable format to ciphertext, which is unreadable without the appropriate decryption key. Encryption is a form of cryptography aimed at protecting data confidentiality by preventing access to unauthorized persons.

Endpoint Detection and Response

Endpoint Detection and Response (EDR) is an advanced cybersecurity solution that monitors, analyzes, and responds to threats on network endpoints such as computers, laptops, and mobile devices. EDR combines continuous real-time monitoring, data analysis, and automatic response to detected threats.

Endpoint Management

Endpoint management is the process of monitoring, managing, and securing endpoint devices such as desktop computers, laptops, smartphones, and tablets that have access to an organization's network and resources. It includes control over configuration, software, security, and access to these devices.

Endpoint Security

Endpoint security is a set of practices, processes, and technologies aimed at protecting network endpoints, such as computers, laptops, smartphones, and tablets, from cyberattacks and unauthorized access. It includes securing both hardware and software of these devices, which represent potential entry points to an organization's network.

Essential Entity

An essential entity under NIS2 is a large organization operating in a sector of high criticality (energy, transport, banking, healthcare, digital infrastructure), subject to the highest cybersecurity requirements and proactive supervision by competent authorities.

Ethical Hacker

An ethical hacker, also known as a 'white hat hacker', is a cybersecurity specialist who uses their skills and knowledge to identify and fix security vulnerabilities in IT systems. Unlike cybercriminals, ethical hackers operate with consent and on behalf of organizations to improve their cybersecurity.

Exploit

An exploit is a piece of software, script, or command sequence that takes advantage of a vulnerability in a computer system, application, or network. The goal of an exploit is to take control of a system, gain unauthorized access to data, or disrupt normal system operation.

Extended Detection and Response

Extended Detection and Response (XDR) is an advanced cybersecurity technology that integrates and analyzes data from multiple layers of IT infrastructure to detect, investigate, and respond to cyber threats. XDR extends the capabilities of traditional Endpoint Detection and Response (EDR), covering not only endpoints but also network, cloud, applications, and other IT environment elements.

H

Hacker

A hacker is a person with advanced technical IT skills who uses them to explore computer systems. Depending on intent, hackers are classified as ethical (white hat), malicious (black hat), or in the grey zone (grey hat).

Hacking

Hacking is the activity of exploiting vulnerabilities in computer systems or networks to gain unauthorized access. It includes analyzing, modifying, and manipulating IT systems, often in ways that go beyond the intended use by their creators.

Helpdesk

Helpdesk is technical support that ensures efficient and smooth operation for a company. It is the first line of IT support, whose main task is to solve current technical problems and provide assistance to customers or company employees. Helpdesk handles managing problem reports, resolving issues, reporting, and escalating to appropriate departments when needed.

Honeypot

A honeypot is a computer system or resource deliberately exposed to cyberattacks. It is a type of trap designed to attract potential attackers so their actions and methods can be studied. A honeypot simulates a poorly secured system, containing seemingly attractive but fake data.

Hybrid Cloud

Hybrid cloud is a cloud computing model that combines on-premises infrastructure (private cloud) with public cloud. This enables organizations to move data and applications between these two environments, allowing for flexible resource management and cost optimization.

Hypervisor

Hypervisor, also known as a virtual machine monitor (VMM), is software that enables creating and managing virtual machines (VMs). Hypervisor acts as an abstraction layer between physical hardware and operating systems, allowing multiple operating systems to run on a single physical server.

I

IAST

IAST (Interactive Application Security Testing) is an application security testing technique combining SAST and DAST elements. IAST uses an agent inside the application to analyze code during test execution, offering precise vulnerability detection with exact code location.

Identity and Access Management

Identity and Access Management (IAM) is a set of processes, policies, and technologies that enable organizations to manage digital identities and control access to resources and systems. IAM ensures that the right people have the right access to the right resources at the right time and for the right reasons.

Identity Management

Identity Management is a set of processes, policies, and technologies that enable organizations to manage digital user identities and control their access to resources and systems. It includes procedures that determine who can access information resources and what they can do with those resources.

Incident Management

Incident Management is a key process in IT service management, whose main goal is to restore normal service operation as quickly as possible after an incident occurs and minimize its negative impact on business operations.

Incident Response

Incident Response (IR) is an organized process of detecting, analyzing, and responding to security incidents such as cyberattacks, data breaches, or system failures. The goal of IR is to minimize damage, limit incident duration, and reduce costs associated with its consequences.

Industrial Security

Industrial Security is a set of practices, technologies, and procedures aimed at protecting industrial automation and control systems (IACS) from cyber and physical threats. It includes securing industrial infrastructure, data, and personnel from theft, sabotage, espionage, and other forms of attacks.

Information Security

Information security encompasses a set of principles, procedures, tools, and practices aimed at protecting information throughout its lifecycle. This applies to both data stored electronically and on paper. The goal is to ensure that information is protected against various threats, both internal and external.

Information Security Architecture

Information Security Architecture (ISA) is a structural approach to designing, implementing, and managing information security in an organization. ISA includes a set of principles, standards, processes, and tools aimed at protecting the confidentiality, integrity, and availability of data and IT systems.

Internet of Things

Internet of Things (IoT) is a network of interconnected physical devices that communicate and exchange data over the Internet. These devices can be equipped with sensors, software, and other technologies that enable them to collect and process data and perform specific tasks without human intervention.

IOC

IOCs (Indicators of Compromise) are technical artifacts indicating a potential security incident, such as IP addresses, file hashes, domains, and registry keys. IOCs enable detection of known threats and are a fundamental element of threat intelligence.

IP Spoofing

IP spoofing is a cyberattack technique involving falsifying the source IP address in data packets transmitted over a network. Attackers modify IP packet headers to hide their true identity or impersonate another trusted system.

ISA Security Audit

ISA security audit (Independent Safety Assessment) is an independent evaluation of system and process safety, particularly important in the railway sector. It is a comprehensive process aimed at verifying whether a given system or project meets required safety standards and norms.

ISO 22301

ISO 22301 is an international standard published by the International Organization for Standardization (ISO) that specifies requirements for business continuity management systems (BCMS). This standard provides organizations with a framework for planning, implementing, monitoring, and continuously improving a management system aimed at protecting against disruptions, reducing the likelihood of their occurrence, and ensuring quick recovery to normal operations in case of incidents.

ISO 27001

ISO 27001 is an international standard specifying requirements for information security management systems (ISMS). This standard provides organizations with a framework for protecting information and managing risks related to data security. ISO 27001 is part of the ISO/IEC 27000 family of standards covering various aspects of information security management.

ISO 31000

ISO 31000 is an international standard that provides guidelines and principles for risk management in organizations. This standard provides a universal approach to risk identification, analysis, assessment, and treatment, regardless of the type of organization or sector of activity.

IT Architecture

IT architecture is a strategic plan defining the structure and operation of information technologies in an organization. It encompasses both technical and organizational aspects, defining how IT systems support business processes and strategic company goals.

IT Asset Management

IT asset management is a systematic process of planning, acquiring, deploying, maintaining, and retiring an organization's IT resources. It includes comprehensive management of all IT infrastructure elements, including hardware, software, licenses, data, and services, to optimize their utilization and value to the organization.

IT Automation

IT automation is the process of using technology to perform IT tasks and processes without human intervention. It involves the use of software, scripts, tools, and systems that automate repetitive and routine tasks such as infrastructure management, system monitoring, application deployment, and data management.

IT Infrastructure

IT Infrastructure is a collection of technology resources and systems that support an organization's operations. It includes computer hardware, software, computer networks, and processes for managing these resources. IT infrastructure forms the foundation of modern enterprises, enabling data processing, storage, and transmission.

IT Infrastructure Audit

IT infrastructure audit is a comprehensive assessment of an organization's total technology resources, including hardware, software, networks, and IT management processes. It is a systematic examination aimed at verifying the state, performance, and security of a company's IT infrastructure.

IT Infrastructure Monitoring

IT infrastructure monitoring is a comprehensive process of continuous supervision and analysis of all elements of an organization's IT environment. It includes systematic data collection, analysis of performance, availability, and security of IT systems and network infrastructure to ensure their optimal operation.

IT Infrastructure Penetration Testing

IT infrastructure penetration testing is a controlled and ethical process of simulating cyberattacks on an organization's systems, networks, and devices to identify and assess vulnerabilities and security gaps. The goal is to detect weak points in IT infrastructure that could be exploited by real attackers.

IT Optimization

IT optimization is the process of improving IT infrastructure, systems, applications, and business processes to increase their performance, efficiency, and reliability. This includes both hardware modernization and software optimization, as well as managing IT resources in a way that maximizes their value for the organization.

IT Outsourcing

IT Outsourcing is the process of delegating information technology (IT) related tasks to external providers. This includes delegating various IT functions such as infrastructure management, software development, technical support, and consulting to companies specializing in these services. The goal of IT Outsourcing is to enable organizations to focus on their core business while external specialists handle technologies supporting company operations.

IT Planning

IT planning is a strategic process of determining how information technology will support and drive an organization's business goals. It involves creating a long-term vision for technology use, identifying IT needs, and developing strategies and action plans to achieve intended objectives.

IT Project Management

IT project management is the process of planning, organizing, directing, and controlling resources and activities necessary to achieve IT project goals. This includes managing scope, time, costs, quality, human resources, communication, risk, and project stakeholders.

IT Security

IT Security, also known as cybersecurity, is a set of practices, technologies, and processes designed to protect IT systems, networks, devices, and data from threats and cyber attacks. IT security aims to ensure the confidentiality, integrity, and availability of information, which is crucial for protecting organizational digital assets.

IT Security Architecture

IT security architecture is a structural approach to designing, implementing, and managing security measures in information systems. It encompasses a set of principles, standards, processes, and tools aimed at protecting the confidentiality, integrity, and availability of data and IT systems.

IT Security Audit

IT security audit is a systematic evaluation of an organization's information system security measures, aimed at identifying security vulnerabilities and compliance with industry standards and regulations. It includes analysis of technical infrastructure, processes, policies, and practices related to information security.

IT Security Management

IT security management is the process of planning, implementing, monitoring, and maintaining measures to protect an organization's IT resources. This includes protecting data, systems, networks, and applications from cyber threats, as well as ensuring compliance with regulations and industry standards.

IT Service Management

IT Service Management (ITSM) is a set of processes and practices aimed at designing, delivering, managing, and improving IT services in a way that meets the business needs of an organization. ITSM focuses on managing IT service quality, ensuring they are delivered according to established service levels (SLA) and customer expectations.

IT Services Outsourcing

IT services outsourcing is a business strategy that involves delegating some or all IT functions to external service providers specializing in managing and delivering IT solutions.

IT Solutions Implementation

IT solutions implementation is the process of transforming an abstract system or program description into a working IT system. It includes deployment, adaptation, and execution of information technologies in an enterprise to minimize disruptions to its operations and improve operational efficiency.

IT Systems Performance

IT systems performance refers to the efficiency with which information systems, including hardware, software, networks, and databases, perform their tasks. Performance encompasses speed, reliability, scalability, and availability of IT systems, as well as their ability to handle a specific number of users and operations in a given time.

ITDR

ITDR (Identity Threat Detection and Response) is a security solution category focused on detecting and responding to identity-related threats. ITDR monitors identity systems (Active Directory, Azure AD) for attacks like credential theft, privilege escalation, or lateral movement.

ITIL

ITIL (Information Technology Infrastructure Library) is a collection of best practices and standards in IT service management. It provides a comprehensive approach to delivering and maintaining high-quality IT services, focusing on aligning these services with the business needs of the organization.

ITSM

ITSM (Information Technology Service Management) is a strategic approach to designing, delivering, managing, and improving the way information technology (IT) is used in an organization. It focuses on aligning IT services with business and customer needs while ensuring operational efficiency and high service quality.

M

Machine Learning

Machine Learning is a field of artificial intelligence (AI) that focuses on creating algorithms and models that allow computers to learn from data. These algorithms are able to identify patterns, make decisions, and formulate predictions without the need for direct human programming.

Malvertising

Malvertising is a malicious practice that uses online advertising to spread malware. It is a combination of the words 'malicious' and 'advertising'. Cybercriminals use this technique to infect users' devices or direct them to dangerous websites.

Malware

Malware, short for 'malicious software,' is a general term encompassing various types of harmful software whose purpose is to damage, disrupt operation, or gain unauthorized access to computer systems, networks, or devices.

Man-in-the-Middle

Man-in-the-Middle (MitM) is an attack in which an adversary intercepts communication between two parties, enabling eavesdropping, data modification, or credential theft. MitM attacks can occur at the network level (ARP spoofing) or application level (SSL stripping).

Mass Storage System

A mass storage system is a technological infrastructure designed for storing, managing, and sharing large amounts of data. These systems are crucial for organizations that need to store and process large volumes of information efficiently and securely.

Microsegmentation

Microsegmentation is a network security technique that divides infrastructure into small, isolated segments with individual security policies. Microsegmentation limits attacker lateral movement and is a key element of Zero Trust architecture.

Mimikatz

Mimikatz is a penetration testing tool created by Benjamin Delpy, used for extracting passwords, hashes, and Kerberos tickets from Windows memory. It is widely used by both security professionals and cybercriminals.

MITRE ATT&CK

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a global knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK matrix serves as the foundation for security testing, threat detection, and SOC team maturity assessment.

Mobile Application

A mobile application, also known as a mobile app, is a type of software designed specifically to run on portable devices such as smartphones, tablets, or smartwatches. These applications are created for specific operating systems, most commonly iOS (Apple) and Android (Google).

Mobile Application Security Testing

Mobile application security testing is the process of evaluating and verifying the security of programs installed and run on mobile devices such as smartphones and tablets. The goal of these tests is to identify and eliminate potential security vulnerabilities that could be exploited by attackers to gain unauthorized access to the device, application, or user data.

Mobile Device Management

Mobile Device Management (MDM) is a set of technologies and practices that enable organizations to centrally manage, secure, and monitor mobile devices used by employees.

Mobile Device Security

Mobile device security refers to protecting smartphones, tablets, and other portable electronic devices from threats that may compromise the confidentiality, integrity, or availability of data and applications stored on them.

MTTD

MTTD (Mean Time to Detect) is a security metric measuring the average time from the start of an attack or incident to its detection by security systems or the SOC team. Lower MTTD means faster threat detection and less potential damage.

MTTR

MTTR (Mean Time to Respond/Remediate) is a security metric measuring the average time from incident detection to neutralization or full remediation. MTTR shows team effectiveness in responding to threats and is critical for minimizing damage.

Multi-Factor Authentication

Multi-Factor Authentication (MFA) is a method of securing access to IT systems that requires the user to present two or more pieces of evidence (factors) of identity before gaining access. MFA significantly increases security because even if one factor is compromised, the others still protect the user's account.

N

NDR (Network Detection and Response)

NDR (Network Detection and Response) is a category of security solutions that monitor network traffic in real-time, using AI and machine learning to detect anomalies, threats, and suspicious activities such as lateral movement or data exfiltration.

Network Access Control

Network Access Control (NAC) is a set of technologies and practices used to monitor and control access to a computer network. NAC ensures that only authorized devices compliant with security policies can access network resources.

Network Design

Network design is the process of planning, creating, and implementing network infrastructure that enables communication between devices in an organization. It includes both physical and logical aspects, ensuring that the network is efficient, scalable, and secure.

Network Management

Network management is the process of planning, implementing, monitoring, controlling, and optimizing an organization's network infrastructure. It includes a range of activities aimed at ensuring performance, reliability, and security of computer networks, as well as efficient utilization of network resources.

Network Monitoring

Network monitoring is a process of continuous supervision and analysis of network traffic and the state of network infrastructure to ensure its optimal operation, detect anomalies, and identify potential threats.

Network Security

Network security is the practice of protecting the integrity, confidentiality, and availability of computer networks and data transmitted through these networks. It encompasses a set of strategies, technologies, and procedures aimed at protecting against unauthorized access, use, modification, or destruction of network resources.

Network Virtualization

Network virtualization is a technology that enables creating logical, virtual networks independent of physical network infrastructure. It allows for abstraction of network resources such as switches, routers, and firewalls from hardware, enabling more flexible and efficient network management.

NIS2

NIS2 (Network and Information Security Directive 2) is an EU directive establishing cybersecurity requirements for essential and important entities, including personal liability for management and mandatory incident reporting.

NIST Cybersecurity Framework

NIST Cybersecurity Framework (NIST CSF) is a set of standards and best practices for managing cybersecurity risk, developed by the National Institute of Standards and Technology. CSF organizes security activities into five functions: Identify, Protect, Detect, Respond, Recover.

Nmap

Nmap (Network Mapper) is a free, open-source network scanning and security auditing tool. It is used to discover hosts, services, open ports, and identify operating systems on computer networks.

O

OpenShift

OpenShift is a containerization and orchestration platform developed by Red Hat that enables organizations to quickly build, deploy, and manage applications in cloud and on-premises environments.

Operating System

An operating system is the fundamental computer software that manages hardware and resources, enabling interaction between the user and the device. It is an intermediary layer between computer hardware and user applications, ensuring efficient resource utilization and facilitating task execution.

OSINT

OSINT, or Open Source Intelligence, is the process of collecting, analyzing, and using information from publicly available sources. It is a form of white intelligence that relies on legal and ethical methods of obtaining data. OSINT does not include any illegal activities such as hacking or breaking security measures, focusing solely on publicly accessible information.

OT (Operational Technology)

OT (Operational Technology) refers to hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise. OT systems are used in industrial environments to control and monitor manufacturing processes, energy production, transportation, and other critical infrastructure.

OT Security Architecture

OT Security Architecture (Operational Technology Security Architecture) is a structural approach to designing, implementing, and managing security in OT (Operational Technology) systems. The goal of OT security architecture is to protect industrial systems, devices, and processes from cyber threats while ensuring operational continuity and integrity.

OWASP Top 10

OWASP Top 10 is a ranking of the most critical security risks for web applications, published by the Open Web Application Security Project. The list is regularly updated (most recent 2021) and serves as the foundation for web application security testing.

P

Pass-the-Hash

Pass-the-Hash (PtH) is an attack technique that uses a stolen password hash (instead of the plaintext password) for authentication. In Windows environments, NTLM hashes can be used directly for authentication without knowing the actual password.

Passkeys

Passkeys are a modern authentication method based on the FIDO2/WebAuthn standard, replacing passwords with cryptographic keys. Passkeys are synchronized between user devices and are phishing-resistant, representing the future of passwordless login.

Password Spraying

Password spraying is an attack technique that involves trying a small number of common passwords against many accounts. Unlike brute force (many passwords against one account), spraying avoids lockouts and is harder to detect.

Passwordless Authentication

Passwordless authentication is an authentication method that eliminates passwords in favor of more secure alternatives: biometrics, hardware keys (FIDO2), magic links, or passkeys. Passwordless authentication reduces the risk of phishing and credential stuffing.

Patch

A patch is a piece of code or set of changes applied to software to fix bugs, security vulnerabilities, improve performance, or add new features. Patches are essential for keeping software current and secure.

Patch Management

Patch management is the process of identifying, testing, deploying, and monitoring software patches to fix bugs, remove security vulnerabilities, and improve the performance and functionality of IT systems. Patches may apply to operating systems, applications, network devices, and other IT components.

PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards developed by major card organizations to protect payment card data. This standard defines requirements for secure processing, storage, and transmission of credit card information.

Penetration Testing

Penetration testing, also known as pentesting, is a controlled process of simulating a real attack on an IT system, application, or network infrastructure to detect security vulnerabilities. Security testers, taking on the role of potential attackers, attempt to breach system security while maintaining ethical conduct.

Performance Management

Performance management is a systematic process of monitoring, analyzing, and optimizing the performance of IT systems, applications, and infrastructure to ensure their optimal functioning and meeting business requirements. It includes a range of activities aimed at identifying performance issues, resolving them, and continuously improving IT system efficiency.

Personal Data Protection

Personal data protection is a set of practices, policies, and technologies aimed at securing data identifying natural persons from unauthorized access, use, disclosure, modification, or destruction. This includes both data collected and processed by organizations and data stored by private individuals.

Pharming

Pharming is an advanced form of cyber attack aimed at redirecting users to fake websites to steal confidential information.

Phishing

Phishing is a type of social engineering attack that aims to deceive the victim and induce them to disclose confidential information or perform harmful actions.

Pretexting

Pretexting is a psychological manipulation method in which the perpetrator creates fictional scenarios to obtain confidential information without the victim's knowledge. People using this technique, known as social engineers, create situations or stories aimed at gaining the victim's trust and persuading them to disclose personal, financial, or other valuable information.

Private Cloud

Private cloud is a cloud computing model in which IT infrastructure is dedicated exclusively to a single organization. Unlike public cloud, private cloud resources are not shared with other entities. Private cloud can be located in the organization's internal data center or hosted by an external service provider, but is always managed and used exclusively by that organization.

Privileged Access

Privileged access is a level of access to IT systems that allows users to perform advanced administrative operations, such as system management, software installation, configuration modification, or access to sensitive data. Users with privileged access have greater permissions than standard users.

Privileged Access Management

Privileged Access Management (PAM) is a set of strategies, processes, and technologies aimed at managing, controlling, and monitoring privileged access in an organization. PAM focuses on protecting user accounts that have extended permissions to systems, applications, and data, minimizing the risk of abuse and cyber attacks.

Public Cloud

Public cloud is a cloud computing model in which IT resources such as servers, storage, databases, networks, and applications are provided by external cloud service providers via the internet. In public cloud, infrastructure is shared by multiple users, but data and workloads are isolated from each other and invisible to other customers.

Public Key Infrastructure

Public Key Infrastructure (PKI) is a set of roles, policies, procedures, hardware, software, and services needed to manage cryptographic keys and digital certificates. PKI enables secure communication and information exchange in digital environments by providing authentication, data integrity, and confidentiality.

Purple Team

Purple Team is a security testing approach that combines Red Team (offense) and Blue Team (defense) activities in a collaborative manner. Instead of competition, both teams work together to maximize threat detection and improve the organization's protection.

R

Ransomware

Ransomware is a type of malicious software (malware) that blocks access to a computer system or encrypts data, then demands a ransom for unlocking or decryption. The name comes from the English words 'ransom' and 'software'.

RASP

RASP (Runtime Application Self-Protection) is a security technology embedded in an application that monitors and protects it from within during runtime. RASP detects and blocks attacks in real-time, using application context for precise detection.

Red Team

Red Team is a group of highly skilled security specialists whose task is to simulate real attacks on an organization's systems, networks, and processes to identify security vulnerabilities and evaluate the effectiveness of existing defensive mechanisms.

Remote Desktop Protocol

Remote Desktop Protocol (RDP) is a network protocol developed by Microsoft that enables remote connection and management of a computer or server. RDP allows users to access the desktop, applications, and files on a remote device as if they were working directly on it.

Risk Assessment

Risk assessment is a systematic process of identifying, analyzing, and evaluating potential threats to an organization, its resources, and business objectives. In the context of cybersecurity, risk assessment focuses on threats related to IT systems and data.

Risk Management

Risk Management is a systematic process of identifying, analyzing, assessing, and controlling potential threats to an organization. It includes activities aimed at minimizing the negative impact of risk on business objectives and maximizing potential benefits from taking controlled risks.

Rootkit

A rootkit is a type of malicious software that allows unauthorized users to gain access to a computer and control it without the owner's knowledge. Rootkits are designed to hide their presence and the activity of other malicious programs, making them difficult to detect and remove.

S

SAML

SAML (Security Assertion Markup Language) is an open standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP). SAML enables Single Sign-On (SSO) across different systems and applications, increasing security and user convenience.

SASE

SASE (Secure Access Service Edge) is a network architecture combining network connectivity (SD-WAN) and cloud-delivered security functions (SWG, CASB, ZTNA, FWaaS). SASE provides secure access to applications regardless of user or resource location.

SAST (Static Application Security Testing)

SAST (Static Application Security Testing) is a method of application security testing that analyzes source code, bytecode, or binaries without running the application, detecting vulnerabilities such as SQL injection, XSS, or hardcoded secrets at an early stage of development.

SBOM

SBOM (Software Bill of Materials) is a formal record of all components, libraries, and dependencies in an application. An SBOM enables vulnerability tracking in the software supply chain and is increasingly required by regulations (US Executive Order, EU Cyber Resilience Act).

SCA

SCA (Software Composition Analysis) is a DevSecOps tool that analyzes external components and open source libraries in an application for known vulnerabilities, license issues, and supply chain risk. SCA is critical for the security of modern applications that rely heavily on external dependencies.

SCADA

SCADA (Supervisory Control And Data Acquisition) is a computer system used for supervision, control, and data acquisition in industrial processes. SCADA enables monitoring and controlling technological processes in real-time, providing operators and engineers with complete visibility into industrial plant operations.

Scam

A scam is a form of fraud in which a fraudster attempts to extort money, personal data, or other valuable information from a victim by misleading them. Scams can take various forms, including fake emails, websites, SMS messages, phone calls, and many others.

Secure Coding

Secure coding is a set of practices, techniques, and tools used in the software development process aimed at minimizing the risk of security vulnerabilities. The goal of secure coding is to ensure that code is resistant to attacks and does not contain vulnerabilities that could be exploited by cybercriminals.

Security Architecture

Security architecture is a comprehensive approach to designing, implementing, and managing security systems and processes in an organization. It includes a set of principles, standards, procedures, and tools aimed at protecting information assets from threats, ensuring data integrity, confidentiality, and availability.

Security Architecture Analysis

Security Architecture Analysis is the process of evaluating, reviewing, and optimizing the structure of IT systems and security measures implemented in an organization. Its goal is to identify potential vulnerabilities and weaknesses in IT architecture and ensure that implemented protection mechanisms comply with best practices and security standards.

Security Audit

A security audit is a systematic, independent, and documented process for evaluating the effectiveness and compliance of policies, procedures, systems, and protection mechanisms in an organization. The goal of a security audit is to identify weaknesses, threats, and risks related to information security.

Security Awareness

Security Awareness is the knowledge and attitudes of employees regarding cyber threats and their ability to recognize and appropriately respond to potential attacks and security incidents.

Security Configuration

Security configuration is the process of setting and adjusting parameters of IT systems, applications, and network devices to ensure an optimal level of protection against cybersecurity threats. It includes a range of actions aimed at strengthening security and minimizing potential vulnerabilities in IT systems.

Security Information and Event Management (SIEM)

Security Information and Event Management (SIEM) is a comprehensive information security management solution that combines Security Information Management (SIM) and Security Event Management (SEM) functions. SIEM collects, analyzes, and correlates data from various sources in IT infrastructure to detect potential threats, anomalies, and security incidents in real-time.

Security Operations Center (SOC)

Security Operations Center (SOC) is a central location where a team of security specialists monitors, analyzes, and responds to IT security threats in real-time. SOC is responsible for protecting the organization's IT infrastructure, data, and applications from cyberattacks and other threats.

Security Orchestration, Automation and Response

Security Orchestration, Automation and Response (SOAR) is a set of tools and technologies that enable organizations to manage security threats through process automation, action coordination, and rapid incident response. SOAR integrates various security systems, automates routine tasks, and enables security teams to more effectively manage incidents.

Security Policy

A security policy is a formal document that defines the rules, procedures, and guidelines for managing information security in an organization. It is a set of rules aimed at protecting data, IT systems, and resources from internal and external threats.

Server

A server is a specialized computer or software that provides services, resources, or data to other computers, called clients, in a computer network. Servers are designed for continuous operation, handling multiple simultaneous requests, and managing shared resources.

Server Solutions

Server solutions are a set of technologies, hardware, and software that enable storing, processing, and managing data and applications in a network environment. Servers play a key role in IT infrastructure, supporting various services such as website hosting, databases, business applications, and email.

Server Virtualization

Server virtualization is a technology that enables running multiple virtual servers on a single physical server. With server virtualization, hardware resources can be efficiently utilized, management flexibility increased, and IT infrastructure scalability improved.

Service Level Agreement

Service Level Agreement (SLA) is a formal agreement between a service provider and a customer that defines the expected level of quality, availability, and performance of a service. SLA defines specific measurable parameters by which service quality is assessed and specifies consequences for not meeting these standards.

Session Hijacking

Session hijacking is an attack that involves taking over a user's active session by stealing the session token or cookie. The attacker gains access to the application as the victim, bypassing authentication. Session hijacking remains particularly dangerous after MFA implementation, because the stolen token belongs to a session that has already passed authentication.

SHA-256

SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function producing a 256-bit hash. It is part of the SHA-2 family and is used for data integrity verification, password storage, and blockchain technology.

Shadow AI

Shadow AI refers to the unauthorized use of artificial intelligence tools and systems by employees without the knowledge, consent, or oversight of the organization's IT and security departments.

Shadow IT

Shadow IT refers to the practice of using IT systems, devices, software, applications, or services by organization employees without the knowledge and approval of the IT department or management. These are solutions that have not been officially approved, implemented, or supported by the organization's IT department.

Sharenting

Sharenting is the phenomenon of parents excessively sharing information and photos of their children on social media. This practice can lead to privacy threats, child identity theft, and cyberbullying.

Shift-left Security

Shift-left security is a DevSecOps approach that moves security practices to earlier stages of the software development lifecycle. Instead of testing security only shortly before deployment, security is integrated from the design and coding phases.

Shodan

Shodan is a search engine for internet-connected devices, often called 'Google for IoT'. It indexes information about servers, routers, cameras, industrial systems, and other devices visible on the network, revealing their configuration and potential vulnerabilities.

Significant Incident

A significant incident under NIS2 is a cybersecurity incident that has caused or is capable of causing severe operational disruption of services or financial loss for the entity, or has affected or is capable of affecting other natural or legal persons by causing considerable material or non-material damage.

Slowloris

Slowloris is a type of low-and-slow DDoS attack that keeps HTTP connections open with a server by sending incomplete requests. The attack effectively exhausts the server's connection pool with minimal bandwidth usage.

Smishing

Smishing (SMS phishing) is a form of cyberattack in which fraudsters use SMS messages to extract confidential information such as login credentials, credit card numbers, or other personal data. Attackers impersonate trusted institutions or individuals to trick victims into clicking malicious links or providing their data.

Sniffing

Sniffing is a technique for intercepting and analyzing network traffic. It involves monitoring data packets transmitted over a computer network to obtain information about communication between devices. Sniffing can be used for both legal purposes (e.g., network diagnostics) and illegal purposes (e.g., data theft).

SOC 2

SOC 2 (System and Organization Controls 2) is a security audit standard developed by AICPA that assesses the effectiveness of controls in service organizations. A SOC 2 report confirms that a company meets Trust Services Criteria in areas of Security, Availability, Confidentiality, Processing Integrity, and Privacy.

SOC as a Service

SOC as a Service (Security Operations Center as a Service), also known as Managed SOC, is an outsourcing model for services related to monitoring, analyzing, and responding to IT security threats. In this model, an external provider delivers comprehensive security operations center (SOC) services to organizations using advanced tools, technologies, and qualified personnel.

Social Engineering

Social engineering is a set of psychological manipulation techniques used by cybercriminals to persuade people to reveal confidential information or perform specific actions that compromise security.

Social Engineering Testing

Social engineering testing is a method of assessing organizational security that involves simulating social engineering attacks to identify how vulnerable the human factor is to manipulation. The goal is to check how employees react to attempts at information extraction, manipulation, or other forms of fraud, and to evaluate the effectiveness of existing security procedures.

Software Defined Network

Software Defined Network (SDN) is a modern approach to managing computer networks that separates the control layer from the data forwarding layer. SDN enables central management and programming of networks using software, allowing dynamic and flexible adjustment of network infrastructure to changing business needs.

Source Code Security

Source code security is a set of practices, tools, and processes aimed at protecting the integrity, confidentiality, and availability of software source code. It includes actions to prevent unauthorized access, modifications, and use of source code, as well as eliminating potential vulnerabilities in the code itself.

Source Code Vulnerability Analysis

Source code vulnerability analysis is the process of systematically examining and evaluating application source code to identify potential security vulnerabilities, programming errors, and other weaknesses that could be exploited by attackers. It is a key element in the secure software development lifecycle.

Spam

Spam refers to unsolicited, unwanted electronic messages that are mass-distributed to a large number of recipients. Most commonly, spam takes the form of emails, but it can also include SMS messages, blog comments, posts on internet forums, and social media messages.

Spear Phishing

Spear phishing is an advanced form of phishing in which attackers target specific individuals or organizations using personalized email messages or other forms of communication. Unlike traditional phishing, which is sent in bulk and is not personalized, spear phishing is precisely targeted, increasing its effectiveness.

SPF

SPF (Sender Policy Framework) is an email authentication method that verifies which servers are authorized to send email for a given domain. SPF uses a DNS TXT record listing authorized IP addresses, enabling spam and spoofing detection.

Spoofing

Spoofing is a cyberattack technique in which an attacker impersonates another person, device, or system to gain unauthorized access to data, systems, or networks. The goal of spoofing is to deceive the victim or system into believing they are communicating with a trusted source.

Spyware

Spyware is a type of malicious software that secretly installs itself on a user's device to collect and transmit information without their knowledge and consent. Spyware can collect various types of data, from internet browsing history to personal and financial data.

SQL Injection

SQL Injection is a cyberattack technique in which malicious SQL code is injected into application queries to manipulate the database. Attackers exploit vulnerabilities in applications to inject and execute unwanted SQL commands, which can lead to unauthorized access, modification, or theft of data.

SSE

SSE (Security Service Edge) is a SASE component encompassing cloud-delivered security functions: SWG, CASB, ZTNA, and FWaaS. SSE protects access to the internet, SaaS applications, and private applications without routing traffic through a central data center.

SSO (Single Sign-On)

SSO (Single Sign-On) is an authentication mechanism that allows a user to access multiple applications and systems using a single set of login credentials. After logging in once, the user gains access to all connected systems without having to re-enter authentication data.

Storage Virtualization

Storage virtualization is a technology that enables consolidation and management of different storage resources as a single, coherent logical unit. With storage virtualization, physical storage resources (such as hard drives, disk arrays) can be managed and allocated in a more flexible and efficient way.

Supply Chain Attack

A supply chain attack is an attack that compromises a trusted supplier or vendor to gain access to their customers. Instead of attacking the target directly, adversaries compromise software, hardware, or services used by the target organization.

System Integration

IT system integration refers to the process of connecting different IT systems to enable their cooperation and data exchange. The goal of integration is to create a coherent IT environment that enables smooth information flow between different applications and systems, which in turn increases operational efficiency and minimizes errors.

T

Tabletop Exercise

A tabletop exercise is a type of simulation exercise designed to test and evaluate an organization's readiness to respond to security incidents. Tabletop exercises take the form of round-table discussions in which participants analyze and discuss hypothetical threat scenarios to identify potential gaps in procedures and improve incident response strategy.

Tailgating

Tailgating is a security breach method in which an unauthorized person gains access to a protected area by exploiting the politeness or inattention of authorized users. The attacker typically pretends to be an employee or guest and enters the secured zone immediately behind someone who has just used their access card or code.

Threat Analysis

Threat Analysis is the process of identifying, evaluating, and prioritizing potential threats that may affect the security of IT systems, data, and organizational operations. The goal of threat analysis is to understand the risks associated with different types of threats and develop strategies to minimize or eliminate them.

Threat Hunting

Threat hunting is a proactive cybersecurity approach that involves actively searching an environment for threats that automated tools have not detected. Threat hunters use hypotheses, TTP knowledge, and data analysis to identify advanced attackers.

Threat Intelligence

Threat Intelligence (TI) is evidence-based knowledge about existing or emerging threats. TI encompasses information about TTPs, IOCs, attacker attribution, and context enabling better security decisions and proactive threat defense.

Threat Modeling

Threat Modeling is a process of systematically identifying, assessing, and prioritizing potential threats that may affect the security of IT systems and organizational data. This process involves analyzing systems and applications to understand what weaknesses could be exploited by potential attackers, and then implementing appropriate countermeasures to minimize risk.

TISAX

TISAX (Trusted Information Security Assessment Exchange) is an information security assessment standard created by the German organization VDA (Verband der Automobilindustrie) for the automotive industry. TISAX provides a unified approach to information security assessment in the automotive industry supply chain.

Tokenization

Tokenization is a data protection technique that replaces sensitive data (e.g., card numbers) with random tokens that have no value outside the system. Original data is stored in a secure vault, and the token is used in business processes.

Trojan

A Trojan, also known as a Trojan horse, is a type of malware that masquerades as legitimate programs or files to infect a computer or mobile device. Unlike viruses, Trojans do not replicate themselves but can open doors to other malicious activities such as data theft, additional malware installation, or remote device control.

TTP

TTP (Tactics, Techniques, Procedures) is a framework describing how cybercriminals operate. Tactics define the attack goal, Techniques the methods to achieve the goal, and Procedures the specific implementations. TTP forms the foundation of threat intelligence and is key to understanding adversary behavior.

V

Virtual Desktop Infrastructure

Virtual Desktop Infrastructure (VDI) is a technology that enables creation and management of virtual desktops on a central server. Users can access their virtual desktops from any location and device, providing flexibility and mobility. VDI is often used in corporate environments for centralized management and increased security.

Virtual Machine

A virtual machine (VM) is a software equivalent of a physical computer that operates in an isolated environment on a physical host. Virtual machines enable running multiple operating systems and applications on a single physical server, increasing hardware resource utilization efficiency.

Virtual Private Network

Virtual Private Network (VPN) is a network technology that creates a secure, encrypted connection between a user's device and a target network over the internet. VPN enables users to securely use public networks while maintaining privacy and anonymity online.

Virtualization

Virtualization is a technology that enables creating virtual versions of computing resources such as servers, storage, networks, and even entire operating systems. With virtualization, multiple virtual machines (VMs) can run on a single physical host, allowing for more efficient utilization of hardware resources.

Virus

A computer virus is a type of malicious software designed to self-replicate and spread to other computers. Viruses can modify or destroy data, disrupt computer systems, and utilize system resources without user consent.

Vishing

Vishing (voice phishing) is a form of fraud in which attackers use phone calls to extract confidential information from victims. Vishing combines social engineering techniques with voice communication to convince victims to reveal personal, financial, or other sensitive information.

VPN

VPN (Virtual Private Network) is a technology that creates an encrypted, secure connection over a public network, enabling private communication and protecting data from interception.

Vulnerability Assessment

Vulnerability Assessment is a systematic process of identifying, analyzing, and classifying security vulnerabilities in IT systems, networks, applications, and infrastructure of an organization. The goal of vulnerability assessment is to detect potential weaknesses that could be exploited by attackers and provide information necessary for remediation.

Vulnerability Management

Vulnerability Management is a systematic process of identifying, assessing, prioritizing, and eliminating security gaps in an organization's IT systems, networks, and applications. The goal of this process is to reduce the risk of cyberattacks through proactive detection and remediation of weak points in IT infrastructure.

Vulnerability Scanner

A vulnerability scanner is a tool or software used to identify, analyze, and report potential security vulnerabilities in IT systems, networks, applications, or devices. Its main goal is to detect weak points in IT infrastructure that could be exploited by attackers to gain unauthorized access or conduct an attack.

W

WAN Network

A WAN (Wide Area Network) is a wide-area computer network that connects smaller networks, such as local area networks (LAN), over large geographical areas. WAN enables communication and data exchange between distant locations, often spanning entire countries or even continents.

Watering Hole Attack

A Watering Hole Attack is a targeted attack that involves compromising a website frequently visited by a specific target group. The attacker infects a trusted site with an exploit or malware, which then attacks visitors from the selected organization or sector.

Web Application

A web application, also known as an internet application or web app, is a type of software that runs in a web browser and does not require installation on the user's device. Unlike traditional desktop applications, web applications are accessible from any device with internet access and a browser.

Web Security

Web Security is a collection of practices, technologies, and strategies aimed at protecting websites, web applications, and user data from cyber threats. Web security includes protection against attacks that can lead to data theft, privacy breaches, company reputation damage, and other harmful activities.

Web Services

Web services are standards and technologies enabling communication between different applications over the internet or private networks. Web services allow for data and function exchange between systems regardless of platform, programming language, or geographical location.

Web Services Security Testing

Web services security testing is the process of evaluating and verifying the security of network services such as APIs, SOAP, and RESTful services that are used for communication between applications over the internet. The goal of these tests is to identify and eliminate potential security vulnerabilities that could be exploited by attackers to gain unauthorized access to data or systems.

Whaling Phishing

Whaling phishing, also known as whaling, is an advanced form of phishing that targets high-ranking organizational representatives such as CEOs, CFOs, and other board members. These attacks are carefully planned and personalized to deceive victims and induce them to reveal confidential information or take actions that could harm the organization.

Wi-Fi Network

A Wi-Fi (Wireless Fidelity) network is a wireless local area network (WLAN) that enables devices such as computers, smartphones, tablets, and other wireless devices to connect to the internet or other computer networks using radio waves. Wi-Fi is based on IEEE 802.11 standards and is widely used in homes, offices, schools, and public places.

Wi-Fi Network Penetration Testing

Wi-Fi network penetration testing is the process of assessing the security of wireless local area networks (WLAN) through attack simulation and unauthorized access attempts. The goal is to identify security vulnerabilities that could be exploited by potential attackers to gain unauthorized network access or intercept data.

Wi-Fi Security

Wi-Fi security is a collection of practices, technologies, and strategies aimed at protecting wireless networks from unauthorized access, attacks, and other threats. Wi-Fi security ensures confidentiality, integrity, and availability of data transmitted over wireless networks.

Wireless Network Security

Wireless network security refers to the measures and practices used to protect Wi-Fi networks from unauthorized access, attacks, and other threats. It includes securing data transmitted over wireless networks and ensuring that only authorized users can access the network and its resources.

Wireless Networks

Wireless networks are communication systems that enable data transmission between devices without the need for physical cable connections. They use radio waves or infrared to transmit information, providing mobility and flexibility in network access.

Wireshark

Wireshark is a free, open-source network protocol analyzer used to capture and analyze network traffic in real-time. It is one of the most popular tools for network diagnostics and security analysis.
