Threat Data and Intel
Term for malware that is available to be purchased on dark web
Commodity Malware
Tool that combines data from separate sources into an integrated and centralized dashboard
Single Pane of Glass
Term for clues and evidence of a data breach
IoC (Indicators of Compromise)
A process created by Lockheed Martin that identifies what steps an adversary must complete in order to achieve their objective.
Kill Chain
reconnaissance, weaponization, delivery, exploitation, installation, command and control (C2), and actions on objectives
Add a hidden malware or page overlay onto web site to execute covert code when you click an icon
Clickjacking
Used in place of virtualization and allows for an application to be packaged completely with all support files and ran in isolated environments
Containerization
Testing type to ensure that the functionality of a new app is appropriate for all users
UAT (User acceptance testing)
A knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's attack lifecycle
Mitre ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)
Occurs when the amount of data in the buffer exceeds its storage capacity which overflows into adjacent memory locations
Buffer Overflow
Cloud Infrastructure tool specifically designed to assess AWS cloud resources
Prowler or PACU
Protocol standard commonly used to uphold internal and external compliance requirements by adhering to standard processes, results reporting, scoring, and vulnerability prioritization.
SCAP Security Content Automation Protocol
Proactive process to discover threats that have not been identified by standard monitoring and alerting mechanisms
Threat hunting
Method of taking over a web user session by obtaining the session ID from a cookie and masquerading as the authorized user
Session hijacking
A component installed in a CPU to allow for dynamic and real-time reprogramming of the chip
eFuse
Term for when an automated scan is ran on a web server and does not alert to a vulnerability that does exist
False negative
Protocol and Application Programming Interface (API) for transferring STIX format CTI (cyber threat intelligence) securely over networks
TAXII (Trusted Automated eXchange of Indicator Information)
*STIX is the message, TAXII the vehicle for delivery
Client-side attack that injects a malicious script into a web browser, taking advantage of the browser-website trust
Cross-Site Script (XSS)
A specialized internal communications network that interconnects components in a vehicle
CAN BUS (Controller Area Network)
The idea that a country or jurisdiction has the authority and right to govern and control the data stored within its borders
Data sovereignty