Cybersecurity Glossary

CAPTCHA, short for Completely Automated Public Turing test to tell Computers and Humans Apart, is a security mechanism used to distinguish between human users and automated bots. It presents challenges or puzzles that are easy for humans to solve but difficult for bots, helping to prevent automated abuse, spam, or unauthorised access.

A certificate authority (CA) is a trusted third-party organisation or entity that issues digital certificates used in public key infrastructure (PKI). CAs verify the identity of entities and vouch for the authenticity of their public keys, enabling secure communication, authentication, and data encryption over the internet.

Certificate chaining is the process of validating a digital certificate by verifying its trustworthiness and authenticity through a sequence or chain of intermediate certificates leading to a trusted root certificate. Each certificate in the chain attests to the identity and validity of the subsequent certificate, establishing a trusted path of trust.

A certificate fingerprint, also known as a thumbprint, is a unique digital identifier derived from the content of a digital certificate. It is typically generated using cryptographic hash functions and serves as a concise representation of the certificate's contents. Certificate fingerprints are used to verify the integrity and authenticity of certificates.

Certificate pinning is a security technique that involves associating a specific digital certificate or its fingerprint with a specific domain or service. By pinning certificates, clients or applications can ensure that they only establish connections with servers presenting the expected certificates, protecting against potential man-in-the-middle attacks or certificate impersonation.

A certificate revocation list (CRL) is a list maintained by a certificate authority (CA) that contains the serial numbers or identifiers of digital certificates that have been revoked or are no longer valid. CRLs are used to inform clients or relying parties about certificates that should not be trusted due to compromise, expiration, or other reasons.

Certificate transparency is an open framework and set of protocols designed to improve the security and integrity of digital certificates. It provides a public log of issued certificates, enabling transparency, accountability, and early detection of malicious or fraudulent certificates.

An AI-powered software application designed to interact with users through text or speech, providing automated responses or assistance.

AI-based virtual agents designed to interact and communicate with humans through natural language. Chatbots utilize NLP techniques and dialogue systems to understand user queries and provide relevant responses or perform tasks.

A clean desk policy is a set of guidelines and procedures that promote the practice of keeping workspaces clear of sensitive or confidential information when not in use. It aims to prevent unauthorised access, information leakage, or data theft by ensuring that documents, media, or devices are properly secured or stored when unattended.

Clickjacking, also known as UI redressing or UI spoofing, is a technique used by attackers to trick users into clicking on a hidden or disguised element in a web page or application, usually resulting in unintended actions or disclosing sensitive information. Clickjacking attacks exploit the trust users place in visible elements and can be mitigated by implementing frame-busting techniques or web security headers.

The client-server model is a computing architecture in which clients (user devices or applications) request services or resources from servers (centralized systems or applications) over a network. The server provides the requested services, processes the data, and responds to the clients' requests. The client-server model forms the basis for many networked applications and services.

A cloud access security broker (CASB) is a security solution or service that acts as an intermediary between organisations and cloud service providers, providing visibility, control, and security enforcement for cloud-based applications and data. CASBs help organisations extend their security policies and controls to the cloud, ensuring compliance, data protection, and threat prevention.

Cloud backup refers to the process of storing copies of data or system backups in a cloud-based storage service. It provides an off-site, scalable, and convenient backup solution, allowing organisations to protect critical data from loss, disasters, or local hardware failures.

Cloud computing is a model for delivering computing services over the internet on-demand, allowing users to access scalable resources, applications, or infrastructure as a service. Cloud computing provides flexibility, cost-efficiency, and easy resource provisioning, but it also introduces security challenges that need to be addressed, such as data privacy, access control, and cloud-specific vulnerabilities.

Cloud security encompasses the practices, technologies, and controls used to protect data, applications, and infrastructure in cloud computing environments. It involves securing cloud-based resources, implementing access controls, encrypting data, managing identities, and ensuring compliance to mitigate the risks associated with cloud adoption.

A technique in unsupervised learning used to group similar data points together based on their inherent characteristics or patterns. Clustering algorithms aim to discover the underlying structure or relationships within data without prior knowledge of the class labels.

Code injection is a type of security vulnerability where an attacker inserts or injects malicious code into a legitimate application or system, leading to unexpected behaviours, unauthorised actions, or system compromise. Common types of code injection attacks include SQL injection, cross-site scripting (XSS), and remote code execution.

Code obfuscation is a technique used to intentionally obscure or transform the source code of an application or software to make it difficult for attackers to understand or reverse-engineer. Obfuscated code complicates analysis, reduces vulnerability exposure, and adds an extra layer of protection against reverse engineering or unauthorised modifications.

A cold boot attack is a method of extracting sensitive information, such as encryption keys or login credentials, from a computer's RAM (random-access memory) even after the system has been powered off or restarted. Attackers use specialised techniques to preserve the data in memory before it fades away, potentially bypassing security measures that rely on memory clearing upon system shutdown.

A cold site is a backup or disaster recovery facility that provides basic infrastructure and resources, such as physical space, power, and connectivity, but does not have active or pre-configured systems or data. Cold sites require longer recovery times compared to warm or hot sites, as the necessary systems and data need to be restored or deployed from backups.

Cold site recovery is a disaster recovery strategy that involves restoring critical systems, applications, and data in a cold site after a disruptive event or system failure. In cold site recovery, organisations rely on off-site backups and infrastructure resources to rebuild the IT environment, resulting in longer recovery times compared to warm or hot site strategies.

Cold storage refers to a storage method for long-term data retention, archiving, or backup that utilizes offline or disconnected storage devices or media, such as external hard drives, tape libraries, or optical discs. Cold storage is typically used for infrequently accessed data or information that requires long-term preservation while reducing the cost and power consumption associated with online storage.

Command and control (C&C) is a centralized infrastructure or communication system used by attackers or malware to manage compromised devices or networks. C&C servers enable attackers to issue commands, receive data, coordinate actions, and control the activities of infected systems or botnets.

Command injection is a security vulnerability that occurs when an attacker inserts malicious commands or code into an application or system command-line interface (CLI) input, resulting in the execution of unintended actions or arbitrary commands. Command injection attacks are typically carried out by manipulating input fields or parameters that are improperly validated or sanitized.

A computer emergency response team (CERT) is a group of cybersecurity experts, analysts, or incident responders responsible for handling and coordinating the response to cybersecurity incidents, vulnerabilities, or emergencies. CERTs provide incident response services, threat intelligence, guidance, and support to organisations or communities in managing and mitigating cyber threats.

A computer virus is a type of malicious software that replicates itself and spreads from one computer or system to another, often without the knowledge or consent of the user. Viruses can corrupt files, disrupt system operations, steal information, or perform other malicious activities, and they usually require human action to propagate.

The field of AI that focuses on enabling computers to understand and interpret visual information from images or videos. It involves tasks like object recognition, image classification, and image segmentation.

The use of AI algorithms and image analysis techniques to assist healthcare professionals in diagnosing diseases or conditions.

Confidentiality is one of the fundamental principles of information security, focusing on protecting data from unauthorised access, disclosure, or exposure. It ensures that sensitive or confidential information is only accessed or disclosed to authorized individuals or entities and is kept private from unauthorised parties.

A confidentiality agreement, also known as a non-disclosure agreement (NDA), is a legal contract between parties that outlines the terms and obligations regarding the protection of confidential or proprietary information shared between them. It helps maintain the confidentiality of sensitive information and prevents its unauthorised use or disclosure.

Container security refers to the protection and security measures applied to containerized applications or microservices deployed within containerization platforms, such as Docker or Kubernetes. It involves securing container images, implementing access controls, managing container runtime security, and monitoring container environments to prevent unauthorised access, data breaches, or container-specific vulnerabilities.

Content filtering is the process of selectively blocking, allowing, or restricting access to certain types of content or online resources based on predetermined policies or criteria. It is commonly used to enforce acceptable use policies, prevent access to malicious or inappropriate websites, or filter content for compliance or regulatory purposes.

Control system security, also known as industrial control system (ICS) security or SCADA security, focuses on protecting critical infrastructure, such as power plants, water treatment facilities, or manufacturing systems, from cyber threats. It involves securing supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs), and other control system components to ensure their availability, integrity, and confidentiality.

A type of neural network commonly used for computer vision tasks, where it applies filters to input data to extract meaningful features.

A type of neural network designed for processing grid-like data, such as images or sequences. CNNs use convolutional layers to automatically learn spatial hierarchies of patterns or features from the input data.

Cookie security relates to the protection of HTTP cookies, which are small text files stored on a user's device by a website visited. Proper cookie security involves implementing measures to prevent unauthorised access or tampering with cookies, protecting sensitive information stored in cookies, and enforcing secure cookie handling practices to mitigate session hijacking or cross-site scripting (XSS) attacks.

Cross-site scripting (XSS) is a type of security vulnerability that allows attackers to inject and execute malicious scripts into web pages or applications viewed by other users. XSS attacks can lead to unauthorised access, data theft, session hijacking, or the delivery of malicious content to unsuspecting users.

A technique used to assess the performance and generalization ability of a machine learning model. Cross-validation involves splitting the data into multiple subsets, training the model on a portion of the data, and evaluating its performance on the remaining data. It helps to estimate how well the model will perform on unseen data.

Cryptanalysis, also known as codebreaking or cryptographic analysis, is the practice of studying and analysing cryptographic systems to uncover weaknesses, vulnerabilities, or methods to decrypt or circumvent encryption. Cryptanalysis helps identify potential flaws in encryption algorithms or implementations and contributes to the development of stronger cryptographic techniques.

Cryptocurrency security encompasses the measures, practices, and technologies used to protect digital currencies, such as Bitcoin or Ethereum, from theft, fraud, or unauthorised access. It involves securing cryptocurrency wallets, implementing multi-factor authentication, using secure key management, and safeguarding against phishing or hacking attempts targeting cryptocurrency assets.

Cryptography is the science and practice of secure communication in the presence of adversaries. It involves the use of mathematical algorithms, encryption, and decryption techniques to protect data, ensure confidentiality, integrity, and authenticity, and enable secure communication or storage of information.

Cross-Site Request Forgery (CSRF) is a type of web security vulnerability where an attacker tricks a victim into unknowingly executing unwanted actions on a web application in which the victim is authenticated. CSRF attacks exploit the trust between a user's browser and a vulnerable website, potentially leading to unauthorised operations, data manipulation, or account compromise.

Cyber threat intelligence refers to information or insights about potential or current cyber threats, including tactics, techniques, procedures, vulnerabilities, or indicators of compromise (IOCs). Cyber threat intelligence helps organisations understand the threat landscape, proactively identify potential risks, and enhance their ability to detect, prevent, or respond to cyberattacks.

A cyberattack refers to a deliberate and malicious attempt to compromise the confidentiality, integrity, or availability of computer systems, networks, or data. Cyberattacks can target individuals, organisations, or even nations, and they encompass a wide range of activities, including malware infections, phishing, DDoS attacks, ransomware, or data breaches.

Cyberespionage, also known as cyberspying or intelligence hacking, is a form of cyberattack in which attackers infiltrate computer systems or networks to gain unauthorised access to sensitive information or intellectual property. The primary objective of cyberespionage is to gather intelligence, steal classified information, or gain a competitive advantage.

A cybersecurity framework is a structured set of guidelines, best practices, and standards that organisations can follow to assess, develop, and improve their overall cybersecurity posture. Frameworks provide a systematic approach to managing cybersecurity risks, implementing security controls, and aligning with industry-recognized security frameworks or regulatory requirements.