Threat Data and Intel
Attacks
Infrastructure Solutions
Vulnerability management
Misc
100

Term for malware that is available for purchase on the dark web

Commodity Malware

100

The act of attempting to run an SQL command in an input field

SQLi (Injection)

100

Tool that combines security data from separate sources into an integrated and centralized dashboard

Single Pane of Glass

100

The act of correcting or plugging a vulnerability found during an assessment

Patching or Updating

100

Term for clues and evidence of a data breach

IoC (Indicators of Compromise)

200

A process created by Lockheed Martin that identifies what steps an adversary must complete in order to achieve their objective.

Cyber Kill Chain


200

Adding hidden malware or a page overlay onto a website to execute covert code when the user clicks an icon

Clickjacking

200

Used in place of virtualization; allows an application to be packaged completely with all its support files and run in isolated environments

Containerization 

200

The CVSS Score metric PR value that is the most detrimental to the target (/N, /L, or /H)

None (/N)

200

XDR

Extended Endpoint Detection and Response

300

A knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's attack lifecycle

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)

300

Occurs when the amount of data in RAM exceeds its storage capacity and spills out into adjacent memory locations 

Buffer Overflow

300

Cloud Infrastructure tool specifically designed to assess AWS cloud resources

Prowler or Pacu

300

Protocol standard commonly used to uphold internal and external compliance requirements by adhering to standard processes, results reporting, scoring, and vulnerability prioritization.

SCAP (Security Content Automation Protocol)

300

Developing the data you currently have to make it more valuable

Data enrichment

400

Proactive process to discover threats that have not been identified by standard monitoring and alerting mechanisms

Threat hunting

400

Method of taking over a web user communication by obtaining the SID from a cookie and masquerading as the authorized user

Session hijacking

400

A component installed in a CPU to allow for dynamic and real-time reprogramming of the chip

eFuse

400

Term for when an automated scan is run on a web server and does not alert to a vulnerability that does exist

False negative

400

Testing type to ensure that the functionality of a new app is appropriate for all users

UAT (User acceptance testing)

500

Protocol and Application Programming Interface (API) for transferring STIX format information securely

TAXII (Trusted Automated eXchange of Indicator Information)

*STIX is the message, TAXII the vehicle for delivery 

500

Client-side attack that injects a malicious script into a web browser, taking advantage of the browser-website trust

Cross-Site Scripting (XSS)

500

A specialized internal communications network that interconnects components in a vehicle

CAN BUS (Controller Area Network)

500

The CVSS Score metric C value that is the most detrimental to a target (/H, /L, or /N)

High (/H)

500

The idea that a country or jurisdiction has the authority and right to govern and control the data stored within its borders

Data sovereignty