Glossary

Advanced Persistent Threats (APTs)

APT groups are often nation-state actors or state-sponsored groups that engage in sophisticated malicious cyber activities. Some APT groups are driven by political motivations. Their objectives include espionage, data theft, and network/system disruption or destruction. APT groups are often tracked based on their tactics, techniques and procedures (TTPs).


Attack surface

Refers to the sum total of all possible points, vectors or vulnerabilities in a system, network or application that attackers can attack or exploit.


Attack vector

Attack vector refers to the path or method used by an attacker to gain unauthorized access, distribute malware or conduct a cyberattack on a targeted system, network or individual. Attack vectors can include a variety of techniques, such as phishing emails, social engineering, software vulnerabilities or network exploits.


Authentication

Authentication is the process of verifying the identity of an individual, device or system to ensure authorized access or use. Authentication methods may include passwords, biometrics, security tokens or multi-factor authentication (MFA).


Authority impersonation

Authority impersonation refers to a deceptive tactic in which malicious actors impersonate individuals or organizations in positions of authority or trust.


Backdoor

A backdoor is an undocumented vulnerability in software, systems or networks. Backdoors are deliberately created and can be used to bypass normal security measures and gain unauthorized access. For example, an APT could leave backdoors in systems or networks it has accessed to allow itself to re-enter if necessary. Backdoors can also be intentionally created by software developers or device manufacturers. There are also cases where governments have been responsible for backdoors.


Botnet

A botnet is a collection of infected computers or other devices that are managed by a central server. Botnets are often used for malicious purposes such as DDoS attacks, malware distribution and spamming.


CASB (Cloud Access Security Broker)

A CASB serves as a tool to enforce an organization’s security policies through risk identification and regulatory compliance whenever data residing in the cloud is accessed.


Endpoint

Another word for the workstation used by an end user in an organization. Refers to a computer or device at the end of a network cable.


FedRAMP

FedRAMP provides a level playing field for assessing the security of cloud services against a known standard, including continuous monitoring and visibility into issues and responses. FedRAMP drives higher levels of security in commercial markets and led the way in the adoption of more secure Internet use.