Attacks
Nouns
Initialisms
Security systems
100

A manipulation technique that exploits human psychology to trick individuals into revealing confidential information or performing actions that compromise security.

Social engineering

100

A weakness or flaw in a system, application, or network that could be exploited by attackers to gain unauthorized access or cause harm.

Vulnerability

100

Information that organizations use to understand, mitigate, and respond to current and emerging threats to their cybersecurity posture.

Cyber Threat Intelligence (CTI)

100

The process of managing updates for software applications and technologies. This involves installing, testing, and deploying patches to fix vulnerabilities.

Patch management

200

An attack that aims to make a computer or network resource unavailable to its intended users by overwhelming it with traffic or requests.

Denial of service

200

The selective restriction of access to a place or resource, ensuring that only authorized users can access certain data or systems.

Access control

200

A device or software application that monitors networks or systems for malicious activity or policy violations and alerts administrators.

Intrusion Detection System (IDS)

200

The process of converting data into a coded format that is unreadable without a decryption key. This is used to protect sensitive information from unauthorized access.

Encryption

300

Malicious software designed to harm, exploit, or otherwise compromise a computer system. Types include viruses, worms, trojans, and ransomware.

Phishing

300

A comprehensive solution that provides real-time analysis of security alerts generated by applications and network hardware, helping organizations monitor and respond to security threats.

Security Information and Event Management

300

An extra layer of security used to ensure that people trying to gain access to an online account are who they say they are, typically requiring a second form of verification beyond just a password.

Two-factor authentication (2FA)

300

An extra layer of security used to ensure that people trying to gain access to an online account are who they say they are, typically requiring a second form of verification beyond just a password.

Two-Factor Authentication

400

A type of malware that encrypts a victim's files and demands payment (ransom) for the decryption key. It can cause significant data loss and financial damage.

Ransomware

400

A network of compromised computers or devices that are controlled by an attacker to perform tasks, often without the users’ knowledge, such as sending spam or launching attacks.

Botnet

400

An attack that aims to make a computer or network resource unavailable to its intended users by overwhelming it with traffic or requests.

Denial of Service (DoS)

400

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks.

Firewall

500

An incident where unauthorized individuals gain access to sensitive, protected, or confidential data, often leading to data theft and compromise.

Data breach

500

An attack that occurs on the same day a vulnerability is discovered and before a patch is released. This type of exploit takes advantage of the window of time when no defense is available.

Zero-day exploit

500

A comprehensive solution that provides real-time analysis of security alerts generated by applications and network hardware, helping organizations monitor and respond to security threats.

Security Information and Event Management (SIEM)

500

A device or software application that monitors networks or systems for malicious activity or policy violations and alerts administrators.

Intrusion Detection System