Term for viruses, worms, adware/spyware, ransomware, and DDoS tools that are available to be purchased on the dark web
Commodity Malware
What utility is this output coming from
Get-ChildItem -Path C:\
PowerShell
Spoof some element of a web page by adding a hidden element or page overlay to get victim to click it
Clickjacking
Application or service that helps you securely control access to resources. You can centrally manage permissions that control which resources users can access. You use it to control who is authenticated (signed in) and authorized (has permissions) to use resources.
IAM Identity and Access Management
Testing type to ensure that the functionality of a new web app is appropriate for all users
User acceptance testing UAT
A model created by Lockheed Martin for the identification and prevention of cyber intrusion activity. The model identifies the steps adversaries must complete in order to achieve their objective.
Kill Chain
reconnaissance, weaponization, delivery, exploitation, installation, command and control (C2), and actions on objectives
Term for clues and evidence of a data breach
IoC Indicators of Compromise
Method of taking over a web user session by obtaining the session ID from a cookie and masquerading as the authorized user
Session hijacking
Dispenses with the idea of a hypervisor and instead enforces resource separation at the operating system level
Containerization
Scanning type that probes the device's configuration using some sort of network connection with the target. It consumes more network bandwidth and runs the risk of crashing the target
Active
A knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's attack lifecycle and the platforms they are known to target. Organized around TTPs (Tactics, Techniques, and Procedures)
(ATT&CK) Adversarial Tactics, Techniques, and Common Knowledge
The idea that a country or jurisdiction has the authority and right to govern and control the data generated within its borders
Data sovereignty
XSS attack type in which the attacker injects malicious code into a data store on the server that is used by the trusted page
Persistent (stored) XSS
Tool you would use to prevent the exposure of PII in emails and file transfer
DLP (Data Loss Prevention)
A validated vulnerability tool that adheres to a standard checklist for scanning processes, results reporting, scoring, and vulnerability prioritization. This protocol standard is commonly used to uphold internal and external compliance requirements.
SCAP Security Content Automation Protocol
Proactive process to discover threats that have not been identified by standard monitoring and alerting mechanisms
Threat hunting
Metric that measures how long it takes a cybersecurity team to identify a security incident
MTTD (Mean Time to Detect)
Occurs when the amount of data in the buffer exceeds its storage capacity. That extra data overflows into adjacent memory locations and corrupts or overwrites the data in those locations
Buffer overflow
A specialized internal communications network that interconnects components in a vehicle
CAN Controller Area Network
Generates a score from 0 to 10 based on the severity of the vulnerability. A score of 0 is the least significant and a score of 10 is the most severe
CVSS Common Vulnerability Scoring System
Protocol and Application Programming Interface (API) for transferring STIX format CTI (cyber threat intelligence) over networks securely
(TAXII) Trusted Automated eXchange of Indicator Information
Outputs a summary of RAM usage, including total, used, free, shared, and available memory and swap space on Linux
Free
XSS attack type in which the attacker injects malicious code from the client browser so that it executes in the context of a trusted page
Reflected XSS
Encrypted container for sensitive data inside of CPU or memory
Secure Enclave
Term for when a real vulnerability is overlooked by scanner
False negative