Cybersecurity Glossary

Eavesdropping, also known as interception or sniffing, is the unauthorised act of secretly listening to or monitoring private communications, such as phone calls, instant messages, or network traffic. Eavesdropping attacks can occur over wired or wireless networks and aim to capture sensitive information, such as passwords, financial data, or confidential business communications.

The deployment of AI models and algorithms on edge devices or local servers, enabling real-time processing and decision-making without relying on cloud services.

A paradigm where data processing and analysis are performed on or near the devices or sensors at the edge of a network, reducing latency and bandwidth requirements.

Email authentication refers to a set of techniques and protocols used to verify the authenticity and integrity of email messages and their senders. It helps prevent email spoofing, phishing, and email-based attacks. Common email authentication methods include SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance).

Email encryption is the process of encrypting the contents of an email message to protect its confidentiality and integrity during transit. It ensures that only authorized recipients can access and read the email by encrypting the message using encryption algorithms and keys. Email encryption safeguards sensitive information, such as personal data, financial details, or classified information, from unauthorised access or interception.

Email filtering is the process of inspecting and analysing incoming and outgoing email messages to detect and block spam, phishing attempts, malware, or other unwanted or malicious content. Email filtering solutions use various techniques, including content analysis, blacklisting, whitelisting, reputation-based filtering, and heuristics to classify and filter emails based on predefined rules and policies.

Email security encompasses measures and technologies implemented to protect email communication from unauthorised access, tampering, data loss, or other security risks. It involves deploying secure email gateways, spam filters, encryption, digital signatures, and user awareness training to mitigate the risks of phishing, malware, data breaches, or email-based attacks.

Encryption is the process of converting plain or readable data into an unreadable format known as ciphertext using encryption algorithms and keys. It is used to protect the confidentiality and integrity of sensitive information during storage, transmission, or processing. Encryption ensures that even if data is intercepted or accessed by unauthorised parties, it remains secure and unusable without the appropriate decryption key.

An encryption algorithm is a mathematical procedure or set of rules used to encrypt and decrypt data. It defines how plaintext is transformed into ciphertext and vice versa. Encryption algorithms can vary in complexity, strength, and suitability for different security requirements. Common encryption algorithms include Advanced Encryption Standard (AES), RSA, and Triple Data Encryption Standard (3DES).

An encryption key is a piece of data or a secret value used in encryption algorithms to transform plaintext into ciphertext or vice versa. The key is required for the encryption process to produce the ciphertext and for the decryption process to recover the original plaintext. The strength and secrecy of the encryption key are crucial to maintaining the security of encrypted data.

Endpoint detection and response (EDR) is a cybersecurity solution or technology that focuses on detecting, investigating, and responding to security incidents or threats on endpoints, such as desktops, laptops, servers, or mobile devices. EDR solutions provide real-time monitoring, threat intelligence, behavioural analysis, and incident response capabilities to identify and mitigate advanced threats and targeted attacks.

An endpoint device, also known as an end device or edge device, refers to any computing device or hardware that connects to a network and serves as the entry point for data communication. Examples of endpoint devices include desktop computers, laptops, smartphones, tablets, servers, IoT devices, or any other network-connected device where data is generated, processed, or consumed.

Endpoint encryption involves encrypting data stored on or transmitted from endpoint devices to protect it from unauthorised access, loss, or theft. It ensures that sensitive information remains secure, even if the device is lost, stolen, or compromised. Endpoint encryption solutions use encryption algorithms and keys to encrypt files, folders, hard drives, or entire devices, providing an additional layer of data protection.

Endpoint protection, also known as endpoint security, refers to the security measures and solutions implemented to protect endpoints, such as computers, mobile devices, or servers, from cybersecurity threats. Endpoint protection solutions typically include antivirus software, firewalls, intrusion detection/prevention systems, vulnerability assessment, patch management, and device control mechanisms to detect, prevent, and remediate security incidents.

Endpoint security encompasses the strategies, practices, and technologies used to protect endpoints, such as desktops, laptops, mobile devices, or servers, from various cybersecurity risks and threats. It focuses on securing the endpoint devices, data stored on or transmitted from them, and the users accessing the endpoints. Endpoint security aims to prevent unauthorised access, data breaches, malware infections, and other endpoint-related vulnerabilities.

A machine learning technique that combines predictions from multiple models (ensemble members) to make more accurate and robust predictions. Ensemble methods, such as bagging and boosting, reduce the risk of overfitting and improve generalization by leveraging the diversity and collective knowledge of the individual models.

The study and application of moral principles and guidelines to ensure the responsible development and deployment of AI systems. Ethical considerations in AI involve addressing issues such as fairness, transparency, privacy, bias mitigation, and societal impact, with the goal of promoting the ethical use of AI technology.

Evasion techniques are methods employed by attackers to avoid detection, bypass security controls, or exploit vulnerabilities without triggering alarms or raising suspicion. These techniques can involve obfuscating malicious code, utilizing encryption, polymorphism, or anti-analysis measures, or exploiting weaknesses in security solutions. Evasion techniques are used to increase the success rate of attacks and make it difficult for security systems to detect or block them.

AI systems designed to replicate the knowledge and decision-making processes of human experts in a specific domain. Expert systems use rules, heuristics, and knowledge representation to provide advice, solve problems, or make recommendations.

The ability to understand and interpret the decisions and actions made by AI systems, particularly when complex models are involved.

The field of research that aims to develop AI systems and algorithms that can provide transparent and understandable explanations for their decisions and actions. XAI techniques help to increase trust, accountability, and interpretability of AI systems, enabling users to understand the reasoning behind AI-generated outcomes.

An exploit is a piece of software, code, or technique used by attackers to take advantage of vulnerabilities or weaknesses in software applications, operating systems, or networks. Exploits can allow unauthorised access, privilege escalation, denial-of-service (DoS), or execution of arbitrary code. Attackers often develop or utilize exploits to carry out successful attacks against targeted systems.

Exploit development involves creating or designing software exploits to take advantage of vulnerabilities in software applications, protocols, or systems. Exploit developers analyse vulnerabilities, understand their root causes, and design specific code or techniques to exploit those vulnerabilities. Exploit development can be performed by both attackers seeking to compromise systems and security researchers aiming to uncover and patch vulnerabilities.

An exploit kit is a collection of pre-packaged malicious software or tools that automate the process of delivering and exploiting vulnerabilities in target systems. Exploit kits typically include various exploits, payloads, and techniques to exploit common vulnerabilities found in web browsers, plugins, or other software components. They are often distributed through compromised websites, malicious advertisements, or email spam campaigns.

Exploit mitigation refers to the techniques, strategies, and security measures implemented to reduce the impact or likelihood of successful exploitation of vulnerabilities in software applications or systems. It involves implementing security controls, such as sandboxing, address space layout randomization (ASLR), data execution prevention (DEP), or stack canaries, to make it more difficult for attackers to exploit vulnerabilities and execute arbitrary code.