Cybersecurity glossary

Plain-English definitions of the security terms you'll meet in our courses and on the job.

APT

An Advanced Persistent Threat: a well-resourced attacker that quietly maintains long-term access to a target.

Attack Surface

The full set of points where an attacker could attempt to enter, affect, or extract data from a system.

Authentication

Verifying that a user, device, or service is who or what it claims to be before granting access.

Authorization

Deciding what an authenticated user or system is allowed to do or access.

Blue Team

The defenders who monitor, detect, and respond to attacks on an organization.

Botnet

A network of compromised devices controlled by an attacker, often used for spam or denial-of-service attacks.

Brute Force

An attack that tries many passwords or keys in sequence until the correct one is found.

CIA Triad

The core security goals of Confidentiality, Integrity, and Availability.

Cyber Range

A safe, simulated environment where teams practice attacking and defending real systems.

DDoS

A Distributed Denial-of-Service attack that overwhelms a service with traffic from many sources.

Defense in Depth

Layering multiple, overlapping controls so that no single failure exposes the whole system.

DLP

Data Loss Prevention: tools and policies that stop sensitive data from leaving an organization.

EDR

Endpoint Detection and Response: software that monitors devices to detect and contain threats.

Encryption

Converting data into an unreadable form so that only authorized parties can decode it.

Exploit

A piece of code or technique that takes advantage of a vulnerability to compromise a system.

Firewall

A control that filters network traffic, allowing or blocking it based on defined rules.

Hardening

Reducing a system's attack surface by removing weaknesses and tightening configuration.

Hashing

A one-way transformation of data into a fixed-length value, used to verify integrity and store passwords.

IAM

Identity and Access Management: governing who can access what, and under which conditions.

IDS / IPS

Intrusion Detection / Prevention Systems that spot and optionally block malicious network activity.

Incident Response

The structured process of detecting, containing, eradicating, and recovering from a security event.

Malware

Malicious software such as viruses, worms, trojans, and spyware designed to cause harm.

MFA

Multi-Factor Authentication: requiring two or more proofs of identity to sign in.

MITRE ATT&CK

A knowledge base of real-world attacker tactics and techniques used to plan defenses.

NIST CSF

A widely used framework for organizing cybersecurity activities around five core functions.

Patch

An update that fixes a vulnerability or bug in software or firmware.

Penetration Test

An authorized, simulated attack used to find and demonstrate exploitable weaknesses.

Pentest Report

The deliverable that documents findings, risk, and remediation steps from a penetration test.

Phishing

Fraudulent messages that trick people into revealing credentials or installing malware.

Privilege Escalation

Gaining higher access rights than originally granted, often after an initial foothold.

Purple Team

A collaborative approach where offensive and defensive teams work together to improve defenses.

Ransomware

Malware that encrypts data and demands payment to restore access.

Red Team

A group that emulates real adversaries to test an organization's detection and response.

Risk Assessment

Identifying, analyzing, and prioritizing risks to guide where to invest in security.

Sandbox

An isolated environment used to safely run and analyze untrusted code or files.

SIEM

Security Information and Event Management: a platform that aggregates and analyzes security logs.

SOAR

Security Orchestration, Automation, and Response: automating repetitive security workflows.

SOC

A Security Operations Center: the team and tooling responsible for continuous threat monitoring.

Social Engineering

Manipulating people into breaking security practices, rather than attacking technology directly.

SQL Injection

Inserting malicious database commands through unvalidated input to read or alter data.

Tabletop Exercise

A discussion-based drill where teams walk through their response to a simulated incident.

Threat Actor

Any individual or group responsible for a malicious action against systems or data.

Threat Hunting

Proactively searching systems for hidden threats that evaded automated detection.

Threat Intelligence

Analyzed information about adversaries and their tactics that informs defensive decisions.

VPN

A Virtual Private Network that encrypts traffic between a user and a trusted network.

Vulnerability

A weakness in a system that an attacker could exploit to cause harm.

XSS

Cross-Site Scripting: injecting malicious scripts into web pages viewed by other users.

Zero Day

A vulnerability unknown to the vendor, with no patch available when first exploited.

Zero Trust

A model that verifies every access request and trusts no user or device by default.
