Comprehensive cybersecurity glossary and resource hub for IT professionals. Understand key terms, frameworks, tools, and concepts shaping today’s threat landscape.
Online storage services for confidential data. These file-storing and sharing services act as a “virtual locker”, giving them their name.
When a threat actor uses software already existing in the environment to carry out malicious activities without being detected by security solutions like antivirus.
A.K.A “Data Libraries” is a large collection of organizational data; usually in archives or repositories to keep safe from unauthorized access.
When a user within an organization is given the minimum access to files, applications, software, or systems they need to conduct their job.
A.K.A. “Doxware” is ransomware that threatens to release a victim’s sensitive data if the ransom is not paid by a certain deadline.
A LAN is a group of electronic devices that are in the same physical location and are connected via a network.
A third-party organization that provides outsourced services in security for organizations.
A third-party organization that provides outsourced services, usually in IT, for organizations.
A method of authentication that utilizes two or more factors of providing proof of identification and authorization.
Software that is built for the sole purpose of malicious intent, usually for destructive purposes or financial gain (ransomware).
A single programming instruction that expands into a set of instructions to automate actions in your device, tools, or software in order to provide a certain output per user input. Macros are commonly found in office applications like Word and Excel.
NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
An endpoint firewall that enables you to have total control over all network traffic, using dynamic ACLs, all managed from a central location.
The gathering, appraisal, and assessment of publicly accessible data to answer a particular inquiry related to intelligence.
The ability to understand the inner workings of a system by observing only its external manifestations
PSA stands for professional services automation. In IT, a PSA system is used to manage teams, including tracking tickets to ensure tasks are completed.
Built into Windows, PowerShell is a programming language and shell that is used to automate tasks. Hackers commonly abuse PowerShell by using it to inject malicious code into memory to avoid detection by traditional antivirus software.
Port Control is the ability to control network traffic at the port level, opening and closing ports.
ThreatLocker® policies are the rules or guidelines admins implement to control applications, network activity, external storage access, and what activities to alert on and actions that should be taken in response to them.
Phishing is a malicious attempt by a threat actor to convince users to open malicious links or files and is the number one cause of ransomware.
