
Cybersecurity Glossary

Clear explanations of the most important cybersecurity terms. From attack types to regulations.

100 terms.

Attack Types

Phishing

Phishing is an attack technique in which criminals impersonate a trusted party to steal sensitive in...

Ransomware

Ransomware is malicious software that encrypts files or systems and demands payment for decryption. ...

DDoS Attack

A DDoS attack (Distributed Denial of Service) floods a server, network or service with traffic from ...

Social Engineering

Social engineering is the manipulation of people into disclosing confidential information or perform...

Malware

Malware is malicious software designed to damage computer systems, steal data or gain unauthorised a...

Zero-day

A zero-day is a vulnerability in software that is unknown to the vendor and for which no patch is ye...

Man-in-the-Middle Attack

A man-in-the-middle attack (MitM) occurs when an attacker secretly intercepts and potentially manipu...

SQL Injection

SQL injection is an attack technique in which malicious SQL code is entered into a web application's...
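An added example (not part of the glossary, and not code from any product it lists) showing the two forms of the same lookup: one that splices untrusted input into the SQL text, and one that binds it as a parameter. The in-memory SQLite table and the injection string are constructed for the demonstration.

```python
# Added example: a login lookup written unsafely (string concatenation) and
# safely (bound parameter), run against an in-memory SQLite table built inline.
import sqlite3


def build_db() -> sqlite3.Connection:
    """Create a throwaway users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds the SQL string from untrusted input: the input becomes part of the query."""
    query = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """Sends the value separately from the SQL text; the driver never parses it as SQL."""
    query = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


# Constructed injection string: closes the quoted literal and appends an always-true clause,
# so the vulnerable query becomes  ... WHERE username = 'x' OR '1'='1'
PAYLOAD = "x' OR '1'='1"


def demo() -> dict:
    """Return how many rows each variant yields for the payload and for a legitimate name."""
    conn = build_db()
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, PAYLOAD)),      # every user is returned
        "parameterized_rows": len(lookup_parameterized(conn, PAYLOAD)),  # no user is literally named "x' OR '1'='1"
        "legit_rows": len(lookup_parameterized(conn, "alice")),
    }


if __name__ == "__main__":
    print(demo())
```

The parameterized version is the fix; input validation and least-privilege database accounts reduce impact but do not replace it.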

Brute-force Attack

In a brute-force attack, an attacker systematically tries all possible combinations of passwords or ...

Credential Stuffing

Credential stuffing is an attack in which stolen usernames and passwords from previously leaked data...
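An added example covering both the brute-force and the credential-stuffing entries above (it is not code from the glossary or from any vendor it names). It runs simple detection logic over constructed authentication log lines: many failures against one account signal brute force, while one source trying many different accounts once each signals credential stuffing. The log format and thresholds are assumptions made for the example.

```python
# Added example: distinguishing brute force from credential stuffing in auth logs.
import re
from collections import defaultdict

# Constructed sample log lines (assumed format: "<ts> ip=<src> user=<name> result=FAIL|OK").
LOG_LINES = """\
2024-05-01T10:00:01Z ip=203.0.113.5 user=alice result=FAIL
2024-05-01T10:00:02Z ip=203.0.113.5 user=bob result=FAIL
2024-05-01T10:00:03Z ip=203.0.113.5 user=carol result=FAIL
2024-05-01T10:00:04Z ip=203.0.113.5 user=dave result=FAIL
2024-05-01T10:00:05Z ip=203.0.113.5 user=erin result=FAIL
2024-05-01T10:00:06Z ip=203.0.113.5 user=frank result=OK
2024-05-01T10:01:00Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:01Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:02Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:03Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:04Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:05Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:01:06Z ip=198.51.100.7 user=admin result=FAIL
2024-05-01T10:05:00Z ip=192.0.2.10 user=alice result=OK
""".splitlines()

LINE_RE = re.compile(r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>\S+)$")


def parse(lines):
    """Parse lines into dicts; lines that do not match the assumed format are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def detect(lines, stuffing_distinct_users=5, bruteforce_failures=6):
    """Return sorted findings: (kind, subject, detail)."""
    fails_by_ip = defaultdict(lambda: defaultdict(int))   # ip -> user -> failure count
    ok_by_ip = defaultdict(set)                            # ip -> users that logged in
    fails_by_user = defaultdict(int)                       # user -> failures from any source
    for e in parse(lines):
        if e["result"] == "FAIL":
            fails_by_ip[e["ip"]][e["user"]] += 1
            fails_by_user[e["user"]] += 1
        else:
            ok_by_ip[e["ip"]].add(e["user"])

    findings = []
    for ip, users in fails_by_ip.items():
        # Stuffing: one source, many distinct accounts, only one or two tries each
        # (the attacker already has a candidate password per account).
        if len(users) >= stuffing_distinct_users and max(users.values()) <= 2:
            findings.append(("credential_stuffing", ip, len(users)))
            # A success from the same source means a reused password worked.
            for user in sorted(ok_by_ip.get(ip, ())):
                findings.append(("stuffing_success", ip, user))
    for user, n in fails_by_user.items():
        # Brute force: many failures against one account, whatever the source.
        if n >= bruteforce_failures:
            findings.append(("brute_force", user, n))
    return sorted(findings)


if __name__ == "__main__":
    for f in detect(LOG_LINES):
        print(f)
```

The two patterns need different responses: brute force is addressed by per-account lockout or rate limiting, while stuffing is spread thinly across accounts and is better caught by per-source and breached-password checks, with MFA as the backstop.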

Spear Phishing

Spear phishing is a targeted form of phishing where attackers tailor their attack to a specific indi...

APT (Advanced Persistent Threat)

An Advanced Persistent Threat (APT) is a prolonged, sophisticated cyberattack where an attacker gain...

Supply Chain Attack

A supply chain attack is a cyberattack where the attacker targets a supplier or software vendor rath...

Botnet

A botnet is a network of malware-infected computers (bots) controlled by an attacker (botherder). Bo...

Ransomware-as-a-Service (RaaS)

Ransomware-as-a-Service is a criminal business model where ransomware developers rent their malware ...

Data Breach

A data breach is a security incident in which confidential, protected, or sensitive data is exposed ...

Smishing (SMS Phishing)

Smishing is a form of phishing via SMS messages or WhatsApp. Attackers send misleading messages that...

Vishing (Voice Phishing)

Vishing is a social engineering attack via phone calls. Attackers call victims pretending to be empl...

Lateral Movement

Lateral movement is an attack technique where an attacker, after gaining initial access to a system,...

Privilege Escalation

Privilege escalation is an attack technique where an attacker elevates their access rights from limi...

BEC (Business Email Compromise)

Business Email Compromise (BEC) is a sophisticated fraud where attackers compromise or impersonate a...

Rootkit

A rootkit is a type of malware that hides itself in the operating system and gives an attacker undet...

Trojan Horse (Trojan)

A Trojan horse (Trojan) is malware that disguises itself as legitimate, useful software but secretly...

Worm (computer worm)

A computer worm is malware that automatically spreads across networks without user interaction. Unli...

Living off the Land (LotL)

Living off the Land (LotL) is an attack technique where attackers use legitimate, already present to...

Watering Hole Attack

A watering hole attack is a targeted attack where cybercriminals infect websites frequently visited ...

Spyware

Spyware is malware that secretly collects information about a user's activities and sends it to an e...

Keylogger

A keylogger is software or hardware that records all keystrokes made by a user. Attackers use keylog...

Identity Theft

Identity theft is stealing and misusing someone's personal data to commit criminal activities such a...

Insider Threat

An insider threat is a security risk originating from within the organization — employees, former em...

Security Concepts

Pentest

A pentest (penetration test) is an authorised, simulated cyberattack on a system, network or applica...

MDR (Managed Detection & Response)

MDR is a managed security service in which an external team of experts continuously monitors an orga...

SIEM (Security Information and Event Management)

A SIEM is a platform that centralises, correlates and analyses security logs and events from differe...

SOC (Security Operations Center)

A SOC is a centralised team of security specialists that continuously monitors an organisation's IT ...

Red Team

A red team is a group of security specialists who think and act as attackers to test an organisation...

Blue Team

A blue team is the defensive security team of an organisation that is engaged in detecting, preventi...

Purple Team

Purple teaming is a collaborative exercise in which the offensive red team and the defensive blue te...

Zero Trust

Zero Trust is a security model based on the principle "never trust, always verify". No user, device ...

Threat Hunting

Threat hunting is the proactive search for hidden threats and attackers already present in a network...

Incident Response

Incident response is the structured process by which an organisation responds to a cybersecurity inc...

EDR (Endpoint Detection & Response)

EDR stands for Endpoint Detection and Response: security software that detects, investigates, and au...

XDR (Extended Detection & Response)

XDR extends EDR by integrating threat detection and response across multiple security layers: endpoi...

MFA (Multi-Factor Authentication)

Multi-Factor Authentication (MFA) is a security method where a user confirms their identity through ...

Encryption

Encryption converts readable data (plaintext) into unreadable data (ciphertext) using an algorithm a...

Patch Management

Patch management is the systematic identification, testing, and installation of software updates (pa...

DLP (Data Loss Prevention)

Data Loss Prevention (DLP) is a set of tools and processes that prevent sensitive data from leaving ...

DevSecOps

DevSecOps is an approach that integrates security throughout the entire software development process...

Security Awareness Training

Security awareness training is a training program that teaches employees to recognize and respond co...

Firewall

A firewall is a security system that monitors and filters incoming and outgoing network traffic base...

VPN (Virtual Private Network)

A VPN is a technology that creates an encrypted connection (tunnel) over a public network such as th...

IDS/IPS (Intrusion Detection/Prevention System)

An IDS detects suspicious activities in a network and raises an alert. An IPS goes a step further an...

Cloud Security

Cloud security encompasses all technologies, policies, and procedures that protect cloud environment...

IAM (Identity and Access Management)

Identity and Access Management (IAM) is a framework of processes and technologies that ensures the r...

PAM (Privileged Access Management)

Privileged Access Management (PAM) is a security solution that manages and monitors the access of us...

SOAR (Security Orchestration, Automation and Response)

SOAR is a platform that helps security teams automate repetitive tasks, orchestrate security process...

Network Segmentation

Network segmentation divides a computer network into smaller, isolated subnets. It limits damage fro...

Penetration Testing

Penetration testing (see also: pentest) is an authorized, simulated cyberattack on a system, network...

Endpoint Security

Endpoint security protects endpoint devices such as laptops, smartphones, tablets, and servers again...

SSO (Single Sign-On)

Single Sign-On (SSO) is an authentication method that allows users to access multiple applications w...

CSPM (Cloud Security Posture Management)

CSPM is a category of security tools that automatically detect and remediate misconfigurations in cl...

MSSP (Managed Security Service Provider)

An MSSP is an external service provider that delivers cybersecurity monitoring and management as an ...

Bug Bounty

A bug bounty program invites ethical hackers to find vulnerabilities in exchange for financial rewar...

Responsible Disclosure

Responsible disclosure is the process where a security researcher reports a found vulnerability to t...

Least Privilege

The principle of least privilege states that every user, application, or process should have only th...

Security by Design

Security by Design is a design principle where security is built into systems, software, and process...

Defense in Depth

Defense in depth is a security strategy applying multiple layers of security controls. If one layer ...

IoT Security

IoT security covers the protection of connected devices: smart devices, industrial sensors, cameras,...

OT Security (Operational Technology Security)

OT security covers the protection of Operational Technology: hardware and software controlling physi...

Phishing Simulation

A phishing simulation is a controlled exercise where an organization sends fake phishing emails to i...

MXDR (Managed Extended Detection and Response)

MXDR combines XDR technology with the expertise of an external 24/7 SOC team, providing detection an...

Digital Forensics

Digital forensics is the science of identifying, collecting, analyzing, and preserving digital evide...

DFIR (Digital Forensics and Incident Response)

DFIR combines forensic investigation and incident response after a cyberattack. DFIR teams determine...

Regulations & Compliance

NIS2

NIS2 is the European directive for network and information security that requires organisations in c...

DORA

DORA (Digital Operational Resilience Act) is EU legislation specifically for the financial sector th...

GDPR

The GDPR (General Data Protection Regulation) is the European privacy law that requires organisation...

ISO 27001

ISO 27001 is the international standard for information security that provides organisations with a ...

CRA (Cyber Resilience Act)

The CRA is EU legislation that requires products with digital elements to meet cybersecurity require...

PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a global security standard for organizatio...

ENS (Esquema Nacional de Seguridad)

ENS is the Spanish National Security Framework: a legally required security framework for Spanish go...

NIST CSF (Cybersecurity Framework)

The NIST Cybersecurity Framework is a voluntary framework from the US National Institute of Standard...

CIS Controls

The CIS Controls are a prioritized set of 18 security measures from the Center for Internet Security...

TIBER-EU

TIBER-EU (Threat Intelligence-Based Ethical Red Teaming) is a European framework for conducting adva...

Cyber Insurance

Cyber insurance is insurance that protects organizations from financial losses due to cyberattacks, ...

ISO 27017

ISO 27017 is an international standard providing guidelines for information security specific to clo...

SOC 2

SOC 2 is an American audit report demonstrating that a service provider meets security, availability...

Technical Terms

CVE

CVE (Common Vulnerabilities and Exposures) is the global standard for numbering known security flaws...

IOC (Indicator of Compromise)

An Indicator of Compromise (IOC) is a digital artifact indicating a possible cyberattack. Examples: ...

OSINT

OSINT (Open Source Intelligence) is the collection and analysis of information from publicly availab...

Vulnerability Scan

A vulnerability scan is an automated check of systems for known security vulnerabilities. Difference...

Honeypot

A honeypot is a deliberately vulnerable system or network designed to attract attackers and observe ...

Threat Intelligence

Threat intelligence is information about cyber threats that has been collected, processed, and analy...

API Security

API security protects Application Programming Interfaces (APIs) against attacks and misuse. APIs are...

Dark Web

The dark web is a hidden part of the internet accessible only through special software like Tor. It ...

MITRE ATT&CK

MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on re...

Sandboxing

Sandboxing is a security technique where suspicious code or files are executed in an isolated enviro...

C2 Server (Command and Control)

A C2 server is used by attackers to remotely control infected systems (bots, implants). The C2 infra...

TTP (Tactics, Techniques and Procedures)

TTP stands for Tactics, Techniques and Procedures — the methods and approaches cybercriminals use in...

IOA (Indicators of Attack)

Indicators of Attack (IOA) are behavioral indicators signaling an attack in progress — unlike IOCs w...
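An added example serving both the IOC entry and the IOA entry (it is not code from the glossary or from any EDR product it lists). It runs an IOC list and two behavioural IOA rules over constructed endpoint telemetry; the telemetry format, the hash values and the rule names are assumptions made for the example. The point it shows: the Office-to-PowerShell event has a hash that is on no IOC list, yet the IOA rule still catches it.

```python
# Added example: exact-match IOC lookup versus behavioural IOA rules over sample telemetry.
import shlex

# Constructed telemetry (process creation, DNS, network), key=value with shell-style quoting.
EVENTS = [
    "ts=2024-05-01T09:12:01Z host=ws01 type=process parent=explorer.exe image=chrome.exe sha256=" + "ab" * 32,
    "ts=2024-05-01T09:12:44Z host=ws01 type=dns qname=updates.example-cdn.test",
    "ts=2024-05-01T09:13:10Z host=ws02 type=process parent=WINWORD.EXE image=powershell.exe sha256=" + "cd" * 32
    + ' cmd="powershell.exe -nop -w hidden -enc SQBFAFgA"',
    "ts=2024-05-01T09:13:12Z host=ws02 type=network dst=198.51.100.23 dport=443",
    "ts=2024-05-01T09:15:00Z host=ws03 type=process parent=explorer.exe image=evil.exe sha256=" + "deadbeef" * 8,
]

# Constructed IOC feed: one file hash, one IP, one domain.
IOCS = {
    "sha256": {"deadbeef" * 8},
    "ip": {"198.51.100.23"},
    "domain": {"bad.example.test"},
}

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "mshta.exe"}


def parse(line: str) -> dict:
    """Split key=value tokens, honouring quotes so a command line stays one value."""
    fields = {}
    for tok in shlex.split(line):
        key, _, value = tok.partition("=")
        fields[key] = value
    return fields


def match_iocs(events, iocs):
    """IOC: artefacts of a known attack, matched by exact value."""
    hits = []
    for i, line in enumerate(events):
        e = parse(line)
        if e.get("sha256") in iocs["sha256"]:
            hits.append((i, "ioc_hash", e["sha256"]))
        if e.get("dst") in iocs["ip"]:
            hits.append((i, "ioc_ip", e["dst"]))
        if e.get("qname") in iocs["domain"]:
            hits.append((i, "ioc_domain", e["qname"]))
    return hits


def match_ioas(events):
    """IOA: behaviour typical of an attack in progress, independent of which sample is used."""
    hits = []
    for i, line in enumerate(events):
        e = parse(line)
        if e.get("type") != "process":
            continue
        parent = e.get("parent", "").lower()
        image = e.get("image", "").lower()
        args = e.get("cmd", "").lower().split()
        if parent in OFFICE_APPS and image in SCRIPT_HOSTS:
            hits.append((i, "ioa_office_spawns_script_host", f"{parent} -> {image}"))
        if image == "powershell.exe" and ("-enc" in args or "-encodedcommand" in args):
            hits.append((i, "ioa_encoded_powershell", " ".join(args)))
    return hits


if __name__ == "__main__":
    print("IOC hits:", match_iocs(EVENTS, IOCS))
    print("IOA hits:", match_ioas(EVENTS))
```

IOC matching is cheap and precise but only finds what has already been seen and catalogued; a recompiled sample or a new C2 address evades it. IOA rules trade some false positives for coverage of the technique itself.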

Zero-Knowledge Proof

A zero-knowledge proof is a cryptographic protocol where one party can prove to another that they kn...
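An added example of the classic interactive zero-knowledge proof of knowledge of a discrete logarithm (Schnorr's protocol), with both parties' messages shown. It is not code from the glossary. The group parameters are deliberately tiny so the arithmetic is readable; real deployments use groups of at least 2048 bits or elliptic curves, and usually the non-interactive (Fiat-Shamir) form.

```python
# Added example: Schnorr identification, an interactive zero-knowledge proof that the
# prover knows x with y = g^x mod p, without revealing x.
import secrets

P = 2039   # small safe prime for demonstration only (p = 2q + 1); far too small for real use
Q = 1019   # prime order of the subgroup generated by G
G = 4      # quadratic residue mod P, so it generates the subgroup of order Q


def keypair(secret_x=None):
    """Secret x in [1, Q-1] and public y = G^x mod P."""
    x = secret_x if secret_x is not None else secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


class Prover:
    def __init__(self, x: int):
        self.x = x

    def commit(self) -> int:
        """Message 1: fresh random r, send t = G^r. A reused r would leak x."""
        self.r = secrets.randbelow(Q - 1) + 1
        return pow(G, self.r, P)

    def respond(self, c: int) -> int:
        """Message 3: s = r + c*x mod Q. Without knowing x this cannot be computed for an unknown c."""
        return (self.r + c * self.x) % Q


class Verifier:
    def __init__(self, y: int):
        self.y = y

    def challenge(self) -> int:
        """Message 2: random challenge in [1, Q-1], chosen only after seeing the commitment."""
        self.c = secrets.randbelow(Q - 1) + 1
        return self.c

    def check(self, t: int, s: int) -> bool:
        """Accept iff G^s == t * y^c mod P, i.e. G^(r + c x) == G^r * (G^x)^c."""
        return pow(G, s, P) == (t * pow(self.y, self.c, P)) % P


def run_protocol(prover: Prover, verifier: Verifier) -> dict:
    """Run one round and return the transcript plus the verifier's decision."""
    t = prover.commit()
    c = verifier.challenge()
    s = prover.respond(c)
    return {"commitment": t, "challenge": c, "response": s, "ok": verifier.check(t, s)}


if __name__ == "__main__":
    x, y = keypair()
    print("honest prover:", run_protocol(Prover(x), Verifier(y)))
    print("impostor:", run_protocol(Prover((x + 1) % Q), Verifier(y)))
```

The transcript (t, c, s) reveals nothing about x because anyone can fabricate an identical-looking one by picking c and s first and setting t = G^s * y^(-c); only a prover who commits to t before learning c needs x to answer.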

OAuth 2.0

OAuth 2.0 is an open authorization standard that allows applications to gain limited access to user ...
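An added example of the OAuth 2.0 authorization-code flow with PKCE (RFC 7636), the binding that stops an intercepted authorization code from being exchanged for a token by anyone other than the client that started the flow. It is not code from the glossary or from any OAuth library; the in-process authorization server, client id and token format are assumptions made to keep the exchange self-contained and offline.

```python
# Added example: PKCE code_verifier / code_challenge generation and the server-side check.
import base64
import hashlib
import hmac
import secrets


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_code_verifier(nbytes: int = 32) -> str:
    """High-entropy random string kept by the client; 32 bytes gives 43 characters."""
    return b64url(secrets.token_bytes(nbytes))


def code_challenge_s256(verifier: str) -> str:
    """What the client sends in the authorization request: SHA-256 of the verifier."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


class AuthorizationServer:
    """Minimal stand-in for the /authorize and /token endpoints (assumed, not a real server)."""

    def __init__(self):
        self.pending = {}   # authorization code -> (client_id, code_challenge)

    def authorize(self, client_id: str, code_challenge: str, method: str) -> str:
        if method != "S256":
            raise ValueError("only S256 is accepted; 'plain' offers no protection")
        code = b64url(secrets.token_bytes(16))
        self.pending[code] = (client_id, code_challenge)
        return code

    def token(self, client_id: str, code: str, code_verifier: str):
        entry = self.pending.pop(code, None)       # single use: a replayed code is rejected
        if entry is None:
            return None
        stored_client, challenge = entry
        if stored_client != client_id or not 43 <= len(code_verifier) <= 128:
            return None
        if not hmac.compare_digest(code_challenge_s256(code_verifier), challenge):
            return None                            # caller does not hold the original verifier
        return {"access_token": b64url(secrets.token_bytes(24)), "token_type": "Bearer"}


def pkce_flow_demo() -> dict:
    """Honest exchange, a replay of the used code, and an attacker holding only the code."""
    srv = AuthorizationServer()
    verifier = make_code_verifier()
    challenge = code_challenge_s256(verifier)

    code = srv.authorize("app-1", challenge, "S256")          # redirect to /authorize
    honest = srv.token("app-1", code, verifier)               # client exchanges code + verifier
    replay = srv.token("app-1", code, verifier)               # same code again

    code2 = srv.authorize("app-1", challenge, "S256")
    intercepted = srv.token("app-1", code2, make_code_verifier())   # code stolen, verifier not
    return {"honest": honest, "replay": replay, "wrong_verifier": intercepted}


if __name__ == "__main__":
    print(pkce_flow_demo())
```

PKCE only binds the code to the client instance; the access token it yields must still be scoped (the "limited access" in the definition) and validated by the resource server.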
