Term for malware that is available to be purchased on the dark web
Commodity Malware
Name for an isolated environment used for malware analysis or security testing
Sandbox
Tool that combines data from separate sources into an integrated and centralized dashboard
Single Pane of Glass
Overall effort to aggregate and automate various security resources and tasks using APIs and feeds
SOAR (Security Orchestration, Automation, and Response)
Term for clues and evidence of a data breach
IoC (Indicators of Compromise)
A process created by Lockheed Martin that identifies what steps an adversary must complete in order to achieve their objective.
Cyber Kill Chain
Adding hidden malware or a page overlay onto a website so that covert code executes when the user clicks an icon
Clickjacking
Used in place of virtualization; allows an application to be packaged completely with all supporting files and run in an isolated environment
Containerization
Web Assessment tool used to test for vulnerabilities, as well as password and injection attacks (owned by PortSwigger)
Burp Suite
Testing type to ensure that the functionality of a new app is appropriate for all users
UAT (User acceptance testing)
A knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's attack lifecycle
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)
Occurs when the amount of data written to a buffer exceeds its storage capacity, so the excess overflows into adjacent memory locations
Buffer Overflow
Cloud Infrastructure tool specifically designed to assess AWS cloud resources
Prowler or Pacu
Protocol standard commonly used to uphold internal and external compliance requirements by adhering to standard processes, results reporting, scoring, and vulnerability prioritization.
SCAP (Security Content Automation Protocol)
Web tool available to analyze files or websites for malware
VirusTotal
Proactive process to discover threats that have not been identified by standard monitoring and alerting mechanisms
Threat hunting
Method of taking over a web user session by obtaining the session ID from a cookie and masquerading as the authorized user
Session hijacking
A component installed in a CPU to allow for dynamic and real-time reprogramming of the chip
eFuse
Term for when an automated scan is run on a web server and does not alert on a vulnerability that does exist
False negative
A DNS-based TXT record that, in part, identifies hosts authorized to send emails from a domain
SPF (Sender Policy Framework)
Protocol and Application Programming Interface (API) for transferring STIX format CTI (cyber threat intelligence) securely over networks
TAXII (Trusted Automated eXchange of Indicator Information)
*STIX is the message; TAXII is the vehicle for delivery
Client-side attack that injects a malicious script into a web browser, taking advantage of the browser-website trust
Cross-Site Scripting (XSS)
A specialized internal communications network that interconnects components in a vehicle
CAN bus (Controller Area Network)
The idea that a country or jurisdiction has the authority and right to govern and control the data stored within its borders
Data sovereignty