Cybersecurity Glossary

Access control refers to the process of regulating and managing the permissions and privileges granted to users or entities for accessing systems, networks, applications, or data. It ensures that only authorized individuals or processes can gain entry and perform specific actions within an environment.

Access management involves the practices and techniques used to control and monitor user access to resources, systems, and information. It includes processes such as user provisioning, authentication, Authorisation, and privilege management to ensure that access is granted appropriately based on defined policies and security requirements.

An access token is a credential used in authentication to prove the identity of a user or application. It is typically obtained after successful authentication and is used to gain access to protected resources or services without the need to reauthenticate for every request.

Account lockout is a security measure that automatically disables an account temporarily or permanently after a specified number of failed login attempts. It helps protect against brute force attacks by preventing unauthorised access through repeated login attempts.

Active Directory security refers to the measures and practices implemented to protect the Active Directory (AD) service, which is a centralized directory service used in Windows-based networks. It involves securing the AD infrastructure, including domain controllers, user accounts, group policies, and access controls, to prevent unauthorised access, data breaches, or disruptions.

An advanced persistent threat (APT) is a sophisticated and stealthy cyberattack in which an unauthorised actor gains and maintains prolonged access to a targeted network or system. APTs are typically carried out by skilled and well-resourced adversaries who aim to remain undetected while stealing sensitive information, disrupting operations, or establishing persistent control.

A deliberate attempt to manipulate or deceive AI models by introducing specially crafted inputs or perturbations.

Adversarial machine learning refers to the study and practice of designing and deploying machine learning models that are robust against malicious attempts to manipulate or deceive them. It involves developing techniques to detect and defend against adversarial attacks, such as data poisoning, evasion, or model manipulation, which can undermine the accuracy and integrity of machine learning systems.

Adware is a type of software that displays unwanted advertisements to users. While adware is often considered a nuisance, some forms of adware may also collect user data or track browsing habits, raising privacy concerns.

Agent-based security refers to a security approach that involves deploying specialised software agents or agents within systems, networks, or endpoints to monitor, detect, and respond to security threats. These agents can perform various security functions, such as antivirus scanning, intrusion detection, or behaviour monitoring, to enhance overall security posture.

A step-by-step procedure or set of rules followed to solve a specific problem or perform a particular task.

Anomaly detection is a technique used to identify patterns or behaviours that deviate significantly from normal or expected patterns. In cybersecurity, anomaly detection is applied to detect suspicious or malicious activities, such as unusual network traffic, unauthorised access attempts, or abnormal system behaviour, which may indicate a security breach or threat.

Anonymity refers to the state of being unidentified or untraceable. In the context of cybersecurity, anonymity is often desired to protect privacy or hide one's identity while accessing online services, communicating, or browsing the internet.

Anti-malware refers to software or tools designed to detect, prevent, and remove malicious software, commonly known as malware, from computer systems or networks. Anti-malware solutions encompass antivirus, anti-spyware, and other security technologies to safeguard against various types of malware threats, such as viruses, worms, Trojans, ransomware, and spyware.

Anti-spoofing refers to techniques and measures employed to prevent or detect attempts to impersonate or forge the identity of a system, user, or network device. It involves implementing controls and protocols to verify the authenticity of communication sources and prevent unauthorised access or data manipulation through spoofing attacks.

Antispyware refers to software or tools designed to detect, block, and remove spyware, which is a type of malicious software that collects information without the user's consent. Antispyware solutions help protect against unauthorised data gathering, privacy violations, and other harmful activities associated with spyware.

Antivirus software, commonly known as an antivirus, is a security solution that detects, prevents, and removes computer viruses and other malware. Antivirus programs employ various techniques, such as signature-based scanning, heuristic analysis, and behavioural monitoring, to identify and eliminate malicious code that can harm computer systems or compromise data.

API authentication refers to the process of verifying the identity and credentials of an application or user accessing an API (Application Programming Interface). It ensures that only authorized entities can interact with the API and perform specific actions or retrieve data.

API security encompasses the measures, protocols, and best practices employed to protect APIs from unauthorised access, data breaches, or misuse. It involves securing API endpoints, implementing access controls, using encryption, and applying authentication and Authorisation mechanisms to ensure the integrity, confidentiality, and availability of API resources.

Application security focuses on protecting software applications from security vulnerabilities and threats throughout their development, deployment, and maintenance lifecycle. It involves implementing security controls, conducting code reviews, performing security testing, and applying secure coding practices to mitigate the risks associated with application-level attacks.

Application whitelisting is a security approach that allows only pre-approved or trusted applications to run on a system or network while blocking or preventing the execution of unauthorised or unverified programs. By limiting the software that can execute, application whitelisting helps mitigate the risks associated with malicious or unauthorised software installations.

APT group refers to a coordinated and organized group of threat actors or cybercriminals who conduct advanced persistent threats (APTs) against specific targets. These groups often possess advanced technical capabilities, resources, and knowledge, and they operate with specific objectives, such as espionage, financial gain, or disruption of critical infrastructure.

ARP spoofing, also known as ARP poisoning, is a technique used to manipulate or intercept network traffic by falsifying Address Resolution Protocol (ARP) messages. It enables an attacker to associate their own MAC address with the IP address of another network device, leading to potential unauthorised access, data interception, or network disruptions.

AI systems that possess the ability to understand, learn, and apply knowledge across a wide range of tasks and domains, similar to human intelligence.

The branch of computer science that aims to create intelligent machines capable of performing tasks that typically require human intelligence, such as learning, problem-solving, and decision-making.

Artificial intelligence (AI) in cybersecurity refers to the application of AI techniques, such as machine learning, natural language processing, and neural networks, to enhance the detection, analysis, and response to security threats. AI is utilized to improve threat intelligence, automate security operations, detect anomalies, and develop predictive capabilities to combat evolving cyber threats.

A computational model inspired by the structure and function of biological neural networks, used for pattern recognition, classification, and prediction tasks.

Asset management involves the identification, categorization, and tracking of an organisation's physical and digital assets, including hardware, software, data, and network resources. It encompasses practices for inventory management, risk assessment, vulnerability management, and ensuring the security and availability of assets.

Asset protection refers to the measures and strategies implemented to safeguard an organisation's critical assets, including information, systems, infrastructure, and intellectual property, from unauthorised access, theft, damage, or loss. It involves implementing security controls, access management, backup and recovery plans, and other protective measures based on the value and criticality of the assets.

An audit trail is a chronological record or log that captures and documents events, activities, or actions occurring within a system, network, or application. It provides a traceable history of user interactions, system events, configuration changes, or data access, which is crucial for forensic analysis, compliance, and security investigations.

Authentication is the process of verifying the identity of a user, device, or entity attempting to access a system, network, or application. It involves presenting credentials, such as usernames and passwords, biometrics, tokens, or certificates, and validating them against trusted sources to grant appropriate access privileges.

Authorisation, also known as access control, is the process of granting or denying permissions, privileges, or rights to authenticated users or entities based on their identities, roles, or attributes. It ensures that only authorized individuals or processes can access specific resources, perform actions, or exercise certain privileges within a system or network.

Neural network architectures used for unsupervised learning and dimensionality reduction. Autoencoders aim to learn a compressed representation of input data by training an encoder and a decoder network to reconstruct the original input, enabling efficient data compression and feature extraction.

Vehicles equipped with AI and sensors to operate and navigate without human intervention, such as self-driving cars.