Threat Data and Intel
Term for malware that is available to be purchased on dark web
Commodity Malware
Attack that allows remote commands to be executed on target device
RAT (Remote Access Trojan)
Tool that combines data from separate sources into an integrated and centralized dashboard
Single Pane of Glass
Web Application Scanner that is published by OWASP
ZAP
Term for clues and evidence of a data breach
IoC (Indicators of Compromise)
A process created by Lockheed Martin that identifies what steps an adversary must complete in order to achieve their objective.
Kill Chain
reconnaissance, weaponization, delivery, exploitation, installation, command and control (C2), and actions on objectives
Add a hidden malware or page overlay onto web site to execute covert code when you click an icon
Clickjacking
Used in place of virtualization and allows for an application to be packaged completely with all support files and ran in isolated environments
Containerization
Type of input testing that attempts to use unexpected or random data
Fuzzing
Term for information collected concerning threats against your business and kept in-house
Closed-Source Intelligence
A knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's attack lifecycle
Mitre ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)
Occurs when the amount of data in the buffer exceeds its storage capacity which overflows into adjacent memory locations
Buffer Overflow
Cloud Infrastructure tool specifically designed to assess AWS cloud resources
Prowler or PACU
Protocol standard commonly used to uphold internal and external compliance requirements by adhering to standard processes, results reporting, scoring, and vulnerability prioritization.
SCAP Security Content Automation Protocol
Requirement that you save information when required or asked to
Legal Hold
Proactive process to discover threats that have not been identified by standard monitoring and alerting mechanisms
Threat hunting
Method of taking over a web user session by obtaining the session ID from a cookie and masquerading as the authorized user
Session hijacking
A component installed in a CPU to allow for dynamic and real-time reprogramming of the chip
eFuse
Term for when an automated scan is ran on a web server and does not alert to a vulnerability that does exist
False negative
XDR
Extended Endpoint Detection & Response
Protocol and Application Programming Interface (API) for transferring STIX format CTI (cyber threat intelligence) securely over networks
TAXII (Trusted Automated eXchange of Indicator Information)
*STIX is the message, TAXII the vehicle for delivery
Client-side attack that injects a malicious script into a web browser, taking advantage of the browser-website trust
Cross-Site Script (XSS)
A specialized internal communications network that interconnects components in a vehicle
CAN BUS (Controller Area Network)
CVSS Score metric value that is considered of grave consequences to a target device/account under the "C" Metric
High (H)
The idea that a country or jurisdiction has the authority and right to govern and control the data stored within its borders
Data sovereignty