Active Directory
Active Directory is a Microsoft Windows directory service. IT administrators use Active Directory to manage functions such as applications, users, and other network components. It's a key solution for identity and access management (IAM).
A
Active Directory Security
Active Directory security includes people, tools and technology to identify vulnerabilities, misconfigurations and other security issues within Active Directory, a Microsoft Windows directory service.
A
Active Directory Security Groups
IT administrators use Active Directory security groups to manage and grant access for Microsoft resources. Security groups may contain computer accounts, user accounts, or other groupings for IT management.
A
Active Scanning
Active Scanning is used to actively scan a network to discover assets and security issues. Active scans send transmissions across a network to assets to see if they respond, how long the response takes, and if there are issues with data loss.
A
Administrator (Admin)
Administrators, or admins, in terms of information security, are generally responsible for maintaining an organization's information security infrastructure, for example, networks, systems, and servers.
A
Advanced Persistent Threat (APT)
An Advanced Persistent Threat (APT) is a targeted cyber-attack where, once inside a network, the attacker generally remains undetected for an extended period of time. APTs are generally planned and sophisticated attacks and can be carried out by threat actors such as nation-states that have lots of resources and experience.
A
Advanced Threat Protection (ATP)
Advanced threat protection (ATP) often encompasses a stack of cybersecurity solutions and security best practices that help organizations defend against malware and cyber-attackers.
A
Agent
In IT, an agent is generally known as a software agent. Software agents are responsible for automating actions, for example, archiving computer files. Agents often run in the background on a preset schedule.
A
Amazon Web Services (AWS)
Amazon Web Services (AWS) is a cloud platform encompassing platform as a service (PaaS), software as a service (SaaS), and infrastructure as a service (IaaS). There are more than 100 services within AWS, including compute, storage, data management, networking, and more.
A
Anomaly
In terms of IT and security, an anomaly is an unexplained output that differs from the norm or what is intended.
A
API Attack
An API attack happens when an attacker attempts unauthorized use of an API service. For example, in an API injection attack, an attacker may inject malicious code after exploiting a coding or misconfiguration issue to get software access. There are other types of API attacks such as Distributed Denial of Service (DDoS), Man in the Middle (MITM), SQL injection, broken user authentication, and others.
A
Application Programming Interface (API)
An Application Programming Interface, also known as an API, is a technology that enables two applications to communicate with one another. An API requests information or services from one system to another.
A
Application Security
Application security commonly refers to the processes an organization uses to develop, update, and test application components to remove security vulnerabilities an attacker may be able to exploit.
A
Asset
An asset is any type of hardware or software within an IT environment. With rapid technology innovation and adoption, the list of items considered assets evolves. Some examples include computers, servers, laptops, tablets, smartphones, printers, routers, operational technologies, internet of things (IoT) devices, industrial internet of things (IIoT) devices, as well as software, firmware, licenses, and more.
A
Asset Inventory
An asset inventory is a way an organization tracks and documents details of all of its assets. This inventory isn't just for devices and hardware. It can also include intangible assets, for example, data or intellectual property.
A
Attack Path
An attack path is a path an attacker can take to exploit security weaknesses and gain access to assets within your network. The attack path enables the attacker to move between assets.
A
Attack Surface
An attack surface is all of the possible points within an enterprise where an attacker could potentially gain unauthorized access and exploit security weaknesses to access systems, networks, and data.
A
Attack Vector
An attack vector is a way an attacker can gain unauthorized access to an asset and then exploit vulnerabilities and other security weaknesses.
A
Authentication
In IT, authentication is a way to verify that an asset, process, or user can access certain system resources. It's a way to validate that the asset, user, or process is who it claims to be.
A
Bandwidth
Bandwidth is the maximum volume of data a system can transmit from one point to another, across a network, during a certain amount of time. Bandwidth is measured in megabits per second (Mbps).
B
Behavioral Analysis
In cybersecurity, behavior analysis is a way to evaluate how users and other assets, for example, servers and networks, behave in your environment. Today, many behavior analyses are conducted through analytics tools such as machine learning and artificial intelligence (AI). By analyzing and understanding normal behavior patterns, teams can better identify when there are changes that could indicate a potential security threat or incident.
B
Botnet
A botnet represents a computer network that may be infected with malware and is often controlled by an attacker group with unauthorized access. The goal is to conduct activities the network owner is unaware of, for example, to spam other computers or conduct DDoS attacks.
B
Breach
A breach is often referred to as a cyber breach. A breach is a security incident that results in the exposure of confidential data or protected information.
B
Breach Response
Breach response represents the actions an organization may take to respond to and recover from a security breach. The goal is to mitigate damage and resume business as usual as quickly as possible with minimal impact on operations.
B
Broken Access Control
Broken access controls allow attackers to access data and files. With broken access controls, attackers can change data, amend access rights and get access to other unauthorized functionalities within a system.
B
Center for Internet Security (CIS)
The Center for Internet Security (CIS) is a nonprofit responsible for CIS Controls and CIS Benchmarks. The organization is known around the world for the leading role it plays in establishing best practices to help organizations secure data and IT systems.
C
CIS Benchmarks
CIS Benchmarks are best practices to help organizations secure a target system. There are 100 CIS Benchmarks that span more than 25 vendor families. According to the Center for Internet Security, these benchmarks "are the only consensus-based, best-practice security configuration guides both developed and accepted by the government, business, industry, and academia."
C
CIS Critical Security Controls
CIS Critical Security Controls are best practice actions organizations can take for cyber defense and to prevent cyber attacks. The controls are considered high-priority and effective. Organizations looking to implement or mature cyber hygiene practices can use CIS Security Controls as a starting point for a cybersecurity program.
C
Cloud
Instead of operating on-premises like traditional IT, in technology, the cloud refers to services and software offered through the web. This is generally through a network of servers, many operating simultaneously around the world.
C
Cloud Access Security Broker (CASB)
A cloud access security broker (CASB) consists of hardware and/or software that serves as a link between the cloud services provider and its users. A CASB can either be cloud-hosted or on-premises and generally serves as a security policy enforcement point.
C
Cloud Application
A cloud application is software users can access in the cloud via the internet. Unlike a traditional application that might be installed directly on a computer from a disc or other hardware, a cloud application is managed by a server and not a user's computer.
C
Cloud Application Virtualization
Cloud application virtualization enables users to access a cloud application on computers other than the one an application is installed on. Generally, these applications are set up on servers and a user can access it through a remote connection.
C
Cloud Application Vulnerability
A cloud application vulnerability is a vulnerability within a cloud environment in which an attacker may be able to exploit a misconfiguration or other security issue to gain unauthorized access to an asset.
C
Cloud Architecture
Cloud architecture represents all of the elements that make up your cloud computing environment. Cloud architecture may look different from one organization to the next. It generally consists of a front-end component, for example, the device to access the cloud; a back-end element, for example, storage and servers; a cloud-based delivery model, for example, infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS); and a network.
C
Cloud Attack Surface
A cloud attack surface represents all of the components within and connected to a cloud environment in which an attacker could discover a security weakness and exploit it to gain unauthorized access to the environment.
C
Cloud Computing
Cloud computing consists of all of the components required to deliver cloud-based services through the web. This could include software and networks, but also hardware, storage, and more. Many organizations are moving from on-premises technologies because of the cost savings, flexibility, and scalability cloud computing offers.
C
Cloud Control Plane
A cloud control plane facilitates orchestration and management activities across a cloud computing environment, for example, items such as user and role creation, configuration guidelines, and access management.
C
Cloud Cost Containment
Cloud cost containment, which is also known as cloud cost management, is a process to efficiently manage and optimize cloud computing-related expenses.
C
Cloud Enablement
Cloud enablement is a process that looks at an organization's existing IT infrastructure (for example, hardware, software, and other assets), and develops a plan to create, deploy and manage a cloud infrastructure, which could be a public, private or hybrid environment.
C
Cloud Firewall as a Service (FWaaS)
A cloud firewall filters unauthorized network traffic hosted within a cloud. It serves as a perimeter for a cloud environment. Cloud Firewall as a Service (FWaaS) is a service that operates within a cloud environment to create a barrier between your cloud resources and malicious activities.
C
Cloud Infrastructure
Cloud infrastructure represents all of the components needed to operate a cloud computing environment, for example, hardware, storage, and other resources.
C
Cloud Infrastructure Entitlements Management (CIEM)
Cloud Infrastructure Entitlements Management (CIEM) solutions help organizations manage access privileges for cloud environments. Also known as Cloud Permissions Management (CPM), these solutions embrace a least-privilege access approach to manage permissions related to cloud resource access.
C
Cloud Migration
Cloud migration represents the planning, development, and implementation of moving an organization's resources from a traditional IT environment, for example, hosted by on-site servers, into a cloud-computing environment. Cloud migration generally involves the movement of all or some of an organization's data, as well as other applications or services, to a cloud environment, for example, Microsoft Azure, Google Cloud Services, or Amazon Web Services.
C
Cloud Native
Cloud native is a term used to define applications built and run within the cloud. These applications are generally lightweight containers and enable the efficient deployment, as well as flexibility and scalability, across a range of environments.
C
Cloud Security
Cloud security is made up of processes, tools, resources, and policies to protect all of your data and resources stored off-premises and in the cloud. It continually assesses all of the assets within your cloud environments so you can discover and remediate vulnerabilities, misconfigurations, and other security issues to keep your organization safe.
C
Cloud Security Gateway
Cloud security gateways are also sometimes referred to as cloud access security brokers (CASB). A cloud security gateway represents the enforcement points an organization places between a cloud services environment and its consumers to enforce security policy at various points. These gateways can be either cloud-hosted or on-premises.
C
Cloud Security Posture Management (CSPM)
Cloud security posture management (CSPM) represents the tools and resources an organization may use to seek out cloud-based issues such as misconfigurations or other compliance or security risks. CSPMs generally alert security teams when they identify security or compliance issues within a cloud environment.
C
Cloud Security Tools
Cloud security tools consist of the policies, processes, procedures, technologies, and other resources an organization uses to reduce cloud security risks and identify security weaknesses.
C
Cloud Service Provider (CSP)
A cloud service provider (CSP) provides cloud-based services, for example, cloud-computing infrastructure, applications, storage, and other services. Some well-known CSPs include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
C
Cloud Vulnerability
A cloud vulnerability is a security weakness, for example, a misconfiguration or other security issue, that an attacker may be able to exploit to gain access to your cloud-based environment.
C
Cloud Workload Protection Program (CWPP)
A cloud workload protection program (CWPP) is a program that helps secure and manage workloads within and across cloud environments. CWPP approaches cloud security from a workload level rather than from a typical endpoint perspective.
C
Cloud Workload Segmentation
Cloud workload segmentation is a process that creates rules to govern and manage access and services between different cloud workloads.
C
Cloud-Based Delivery Model
A cloud-based delivery model represents the way cloud computing services are delivered. Determining which model is best for an organization depends on a range of unique factors; however, there are three common cloud-based delivery models: IaaS, PaaS and SaaS.
C
Cloud-Native Application Protection Platform (CNAPP)
A cloud-native application protection platform (CNAPP) is a type of cloud security architecture that helps protect cloud applications from development through production. There are several benefits of adopting a CNAPP; for example, more visibility into cloud-based environments and earlier detection of cloud-based risks.
C
Common Weakness Enumeration (CWE)
A Common Weakness Enumeration (CWE) is a unified language used to address software vulnerabilities that might exist in development, code, design, or within architecture. The MITRE Corporation manages the CWE database and each CWE reflects a security weakness type. It's different from a CVE, which is a known instance of a specific vulnerability.
C
Compliance
In terms of privacy and security, compliance refers to an organization's ability to demonstrate it meets a set of specific requirements or standards that are managed or overseen by a third party. For example, healthcare organizations must demonstrate data security and privacy requirements through HIPAA audits.
C
Compliance as a Service (CaaS)
Compliance as a Service (CaaS) is often overseen by a managed service provider (MSP), which supports organizations by ensuring they're meeting requirements for specific compliance mandates.
C
Compliance Framework
A compliance framework outlines specific requirements or guidelines an organization must meet to demonstrate it's in compliance with a specific set of mandates or other requirements. There is a range of compliance frameworks available today that cover a gamut of industry, state, federal and other requirements, for example, privacy frameworks, security frameworks, risk management frameworks, and others.
C
Computer Security
Computer security may also be referred to as information security or cybersecurity. Computer security encompasses all of the processes, tools, and resources used to protect computer systems, for example, your network or other environments, from potential breaches or other security issues.
C
Configuration
In information security, configuration refers to how systems, for example, hardware, software, or applications, are set up and managed.
C
Configuration Control
Configuration control refers to the processes used to manage any changes made to hardware or software within a computing environment.
C
Configuration Management
Configuration management establishes processes that ensure approved, consistent approaches are used when changes are made to a computing environment's functionality and performance.
C
Container
A container is a type of virtualized operating system. It packages an application and all of its needed components, for example, its libraries, as a run-time environment.
C
Container Environment
A container environment ensures containers have access to important resources, for example, information about the container and other objects, as well as the filesystem that includes the container image and its related volumes.
C
Container Image
A container image is a file of executable code that enables an application to run. It cannot be changed and helps ensure consistent deployment across any environment type.
C
Container Image Tag
A container image tag is a specific release or version of an application hosted inside of a container (for example, 14.04).
C
Container Registry
A container registry is a storage location for container images. Container registries enable developers and continuous integration (CI) systems to store pushed containers.
C
Container Security
Container security encompasses all the people, tools, and resources an organization uses to secure containers to ensure applications perform as intended.
C
Content Delivery Network (CDN)
A content delivery network (CDN) is a group of servers, which are generally in different geographical locations, that work together to deliver web content. It helps make content delivery faster by storing the content in areas closer to users.
C
Continuous Deployment
Continuous deployment is a development practice where operations (or DevOps) automatically push successfully tested builds to production environments. Continuous deployment makes these tested builds immediately available.
C
Continuous Deployment (CD) System
A continuous deployment system enables monitoring for successful builds that have passed tests, which can then move into production environments. Essentially, a CD system automates successful build deployment.
C
Continuous Integration
Continuous integration is a process that enables developers to integrate code into a shared source control repository, routinely, as authorized changes occur.
C
Continuous Integration (CI) System
A continuous integration system monitors source control commits, such as merged pull requests in GitHub, to automatically trigger a build (to test) when there is a change in source control.
C
Continuous Integration and Continuous Deployment (CI/CD) System
A continuous integration and continuous deployment system monitors source control commits, such as merged pull requests in GitHub, to automatically trigger a build (to test) when there is a change in source control. When the build and test phase is successfully completed, the successful builds are pushed to production environments. This automates the deployment of a successful build.
C
Continuous Network Monitoring
Continuous network monitoring, for example with Nessus Network Monitor, enables non-intrusive insight into assets throughout all environments to discover vulnerabilities, traffic and bandwidth issues, misconfigurations, and other security issues.
C
Credential Stealing
Credential stealing is a type of cyber-attack where a threat actor obtains a user's identity, for example, username and password, to attempt unauthorized access into a system or network.
C
Credential Stuffing
In credential stuffing, an attacker will use automated tools to inject lists of stolen credentials, for example, username and password, to attempt unauthorized access into a system or network.
C
Credentialed Scan
A credentialed scan, also known as an authenticated scan, uses system privileges to conduct a deep evaluation of an asset. It's different from a non-credentialed (or unauthenticated) scan, which provides a higher-level look at vulnerabilities and other issues through exposed ports, protocols, and other services.
C
Cross-Site Request Forgery (CSRF)
OWASP defines cross-site request forgery as an attack that "forces an end user to execute unwanted actions on a web application in which they’re currently authenticated."
C
Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is an attack that inserts malicious code on websites to target visitors.
C
CVE
CVE is an abbreviation for Common Vulnerabilities and Exposures, which is managed by the MITRE organization. It's a database of common, publicly disclosed computer flaws and security issues such as vulnerabilities.
C
CVSS Score
CVSS stands for the Common Vulnerability Scoring System. It enables organizations to evaluate security vulnerabilities and numerically score them to determine which may pose the greatest risk for an organization and ultimately drive prioritization and remediation processes.
C
Cyber Attack
A cyber attack, also known as a cyber breach, happens when an unauthorized user, often referred to as a hacker, attempts to gain unauthorized access to an asset, system, or network. While motivations vary from attack to attack, common goals include disabling access, damaging, exfiltrating, encrypting data, or facilitating other attacks.
C
Cyber Defense
Cyber defense is a strategy organizations use to prevent cyber attacks.
C
Cyber Exposure
Pioneered by Tenable, Cyber Exposure is a discipline that helps organizations see, predict and act on cyber risks across the entire attack surface. Built on principles of risk-based vulnerability management, Cyber Exposure management best practices introduce a common risk-focused and metric-based language that everyone understands—from security and IT Ops to executive leadership and key stakeholders.
C
Cyber Exposure Gap
A Cyber Exposure gap represents the vulnerabilities, misconfigurations, and other security issues an organization should find, prioritize and mitigate or remediate to mature its cybersecurity posture.
C
Cyber Exposure Lifecycle
The Cyber Exposure lifecycle is a framework organizations can use to continuously assess the health and security of their cybersecurity program. Organizations that apply the Cyber Exposure lifecycle to their cybersecurity program should be better enabled to answer questions such as: Where is the organization exposed? Where should the organization prioritize based on risk? Is the organization reducing exposure over time? How does the organization compare to its peers?
C
Cyber Exposure Score (CES)
Tenable’s Cyber Exposure Score (CES) is an objective measure of cyber risk, automatically calculated based on the threats that discovered vulnerabilities pose, the probability attackers may leverage the vulnerability, the criticality of the affected asset, and the predicted impact if the attack is successful.
C
Cyber Hygiene
Cyber hygiene is a term used to define all of the processes and practices an organization takes to establish, manage, improve and maintain security standards to protect assets, users and data.
C
Cyber Risk
Cyber risk is a term used for any potential damages an organization may face should it be compromised by a cyber attack. NIST defines cyber risk as "the risk of depending on cyber resources (i.e., the risk of depending on a system or system elements that exist in or intermittently have a presence in cyberspace)." NIST says that risk may include, "risk of financial loss, operational disruption, or damage, from the failure of the digital technologies employed for informational and/or operational functions introduced to a manufacturing system via electronic means from the unauthorized access, use, disclosure, disruption, modification, or destruction of the manufacturing system."
C
Cyber Risk Management
Cyber risk management includes all of the practices an organization uses to discover, analyze, protect, respond to and recover from any potential cybersecurity vulnerabilities or threats.
C
Cyber Threats
Cyber threats are weaknesses an organization may have that an attacker could potentially exploit to gain unauthorized access to systems or data. As enterprises evolve, so does the cyber threat landscape, which can include vulnerabilities, misconfigurations, or other security issues created by assets, users, or other network and system components.
C
CyberScope
CyberScope is a platform an organization can use to manage reporting related to the Federal Information Security Management Act (FISMA). The United States Department of Homeland Security (DHS) mandates CyberScope for this reporting.
C
Cybersecurity
Cybersecurity represents all of the practices and processes an organization uses to secure all of its assets and data from a potential cyber attack. CISA defines cybersecurity as, "the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information."
C
Cybersecurity Lifecycle
There are five stages of a cybersecurity lifecycle based on NIST's Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover. An organization can use the voluntary framework as a guideline to establish cybersecurity best practices.
C
Cybersecurity Risk
Cybersecurity risk represents vulnerabilities and other security issues an organization may have that could potentially result in unauthorized access to any of its systems, networks, or data.
C
Data Classification
In information security, data classification represents how an organization organizes all of its assets, including value assignments, to help guide decisions on which assets are critical, should be protected, and how.
D
Data Protection
Data protection is how an organization protects its data to prevent unauthorized access or compromise. In a healthcare organization, data protection encompasses all of the processes used to protect data confidentiality, integrity and availability.
D
Denial Of Service (DoS)
Denial of service, also known as DoS, is a type of cyber attack that can prevent authorized users from accessing a network or device.
D
Deserialization
OWASP defines deserialization as a process that takes data in one format and rebuilds it into an object, for example, serializing data with JSON.
D
DevOps
DevOps is an abbreviation for development and operations. DevOps integrates the two disciplines to improve the speed, accuracy, and security of software or an application during the software development lifecycle.
D
Distributed Denial Of Service (DDoS)
In a distributed denial of service attack, also known as DDoS, an attacker, or a group of attackers, will flood a server (or multiple servers simultaneously) to stop authorized users from being able to access certain services or sites.
D
DLP
DLP is an abbreviation for data loss prevention. DLP represents all of the components an organization uses to discover and protect its data against any weaknesses that might lead to unauthorized access.
D
Docker
Docker is a containerization platform developers use to put their applications into containers so all of the components needed to run the application will function in any environment.
D
Domain Admin
A domain admin is short for a domain administrator. Domain admins are responsible for managing a domain's access privileges.
D
Double Extortion Ransomware
Double extortion ransomware is a type of ransomware attack where, in addition to successfully infiltrating an organization to encrypt data, an attacker will also exfiltrate some or all of the data in an attempt to collect even more ransom.
D
Dynamic Threat Assessment (DTA)
Dynamic threat assessment, DTA, is a process the U.S. Defense Intelligence Agency (DIA) created to assess the capabilities and intentions of adversaries as related to each Joint Strategic Capabilities Plan.
D
Effective Permissions
Effective permissions are used in Active Directory to grant a user access to an Active Directory object, for example, a file or a folder a user or user group may access.
E
Encryption
Encryption is a process used to change data into a type of code that's designed to prevent unintended users from gaining access to that data or information.
E
End User
In information technology, an end user is a person that has access to an organization's assets to perform job requirements.
E
Endpoint
In cybersecurity, an endpoint refers to a device that is at an endpoint on a network, for example, a computer, smartphone or laptop.
E
Endpoint Protection
Endpoint protection represents the processes an organization uses to protect all of its endpoints, such as computers, laptops, smartphones, tablets, and other devices that may be susceptible to a cyber attack.
E
Endpoint Security
Endpoint security includes all the resources an organization uses to protect all of its assets from cyber breaches. It's commonly used on devices such as computers, tablets, laptops, and smartphones.
E
Enterprise
In InfoSec, the term enterprise is used to describe all of the information and communications systems an organization may use to support its business functions.
E
Enterprise IT Security
Enterprise IT security represents all of the processes an organization uses to protect its data and assets, including identifying and remediating vulnerabilities, misconfigurations, and other security issues that may put it at risk of a cyber attack.
E
Entitlements
In information security, entitlements are data structures that determine user access.
E
Environment
In InfoSec, the term environment is used to describe all of the infrastructure, hardware, software and other resources an organization uses for daily business operations.
E
Ethical Hacking
Ethical hacking is a cybersecurity testing method whereby a hacker is authorized to attempt to get access to a network, data, or other asset.
E
Exploit
In cybersecurity, an exploit is generally a type of tool an attacker uses to take advantage of a vulnerability or security weakness within an information system.
E
External Testing
In cybersecurity, external testing is a type of vulnerability assessment that analyzes an organization's external-facing assets to identify if there are any potential security weaknesses an attacker may be able to exploit.
E
Firewall
In cybersecurity, a firewall is a device an organization uses to monitor and filter data that flows into and out of its network through a set of pre-set security policies.
F
FISMA
FISMA is an abbreviation for the Federal Information Security Management Act. Congress passed it in 2002 as a set of standards for federal information cybersecurity practices.
F
Gateway
A gateway in cybersecurity refers to a node within a network between two different networks or applications. It usually is between two networks or applications that have different transmission protocols.
G
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a set of privacy and security regulations established within the European Union (EU). It is considered one of the toughest such policies in the world and applies to organizations, even those located outside the EU, if they collect data from EU residents.
G
Google Cloud Platform (GCP)
Google Cloud Platform (GCP) is a tool developers can use to create, deploy and scale a range of services, for example, websites and applications, within a cloud infrastructure Google offers.
G
Governance
In InfoSec, governance refers to the people, processes, and policies that guide privacy, security, compliance, and other critical business areas to ensure consistent practices across an organization.
G
HIPAA
HIPAA is a common abbreviation used for the Health Insurance Portability and Accountability Act of 1996, which created national standards in the U.S. to protect and secure the confidentiality, availability, and integrity of personal health information (PHI).
H
Hybrid Cloud
A hybrid cloud is used to describe an IT infrastructure that includes applications that operate within different environments, for example, when some apps are in a public cloud and when others are in a private cloud.
H
Identity Access Management (IAM)
Identity Access Management (IAM) is a process IT teams use to ensure the right people have the right access to information and resources needed to do their jobs and prevent unauthorized users from accessing data, systems or assets.
I
Identity Security
Identity security enables organizations to control user authentication, for example, user identities and access, to ensure authorized and secure access into systems and networks. It's a component of IAM.
I
Image
An image is an application hosted inside of a container image file (for example, ubuntu:14.04).
I
Image Scanning
Image scanning is a process that helps uncover vulnerabilities or other security issues within a container.
I
Image Tag
An image tag is a specific release or version of an application hosted inside of a container (for example, 14.04).
I
Incident Response
In cybersecurity, incident response refers to the plans, processes, and policies an organization uses to manage actions when faced with a disruptive incident, for example, a cyber breach.
I
Industrial Control Plane (ICP)
An industrial control plane (ICP) is a component of a programmable logic controller (PLC) within an ICS network. There are two protocol types: the control plane protocol for managing engineering functions such as programming, configuration and updates for firmware; and the data plane protocol for managing the physical parameters of ongoing processes, such as set points and tags. If a cyber attack disrupts or affects a control plane, it can cause a myriad of problems, including failure of critical services, such as power, or the development of defective products.
I
Industrial Control System (ICS)
An industrial control system (ICS) is the main component of operational technology. An ICS includes different types of devices, controls, systems, and networks that manage industrial processes.
I
Industrial Control System (ICS) Security
Industrial control system security (ICS) includes the processes, hardware, and software used to secure an ICS. ICS security solutions include detailed visibility, asset inventory, passive and active threat detection, risk-based vulnerability management, and configuration control. Maintaining ICS security is essential to decrease risks from internal and external threats and to keep most industrial operations up and running.
I
Industrial Internet Of Things (IIoT)
Industrial Internet Of Things (IIoT) refers to the use of IoT devices within industrial environments. IIoT devices help provide telemetry data and leverage the cloud rather than require manual intervention, thereby increasing efficiencies and reducing the chance of errors.
I
Industrial Security Management
Industrial security management includes processes to ensure industrial control systems (ICS) are safe and secure. Security management practices include visibility, security, and control elements. Protecting industrial plants involves significantly minimizing potential risks and achieving affordable and minimally disruptive security for all assets, including industrial automation networks. Organizations should design and manage security so it does not conflict with other important requirements such as performance output, uptime, and workforce-friendliness. Securing automation networks is the largest challenge in industrial security management today.
I
Industry 4.0
Industry 4.0 refers to the Fourth Industrial Revolution and represents the digitization and increasing automation in industrial settings today.
I
Information Rights Management (IRM)
Information Rights Management (IRM) manages user access to certain sensitive data or systems to ensure unauthorized users don't have access. IRM is a component of digital rights management (DRM).
I
Information Security
Information security refers to all the resources an organization uses to manage and mitigate information security risks. Also referred to as InfoSec, it's how organizations prevent unauthorized access to data, networks and other assets.
I
Infrastructure
In InfoSec, infrastructure refers to all of the facilities, hardware, software, and other supporting services necessary to enable IT business services, including on-prem and cloud-based technologies.
I
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) is a cloud-based service where organizations can access virtualized resources via the internet such as operating systems, networks, servers, storage, and other cloud foundation needs.
I
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) enables organizations to automate security and operations in virtualized and cloud infrastructure in terms of source code so that infrastructure can be provisioned in a data center.
I
Insider Threat
An insider threat is a security risk in which an insider (for example, an employee, vendor, supplier, contractor, or others) harms, either on purpose or not, an organization's assets, data, systems, network, intellectual property, and other components.
I
Integration
In information technology, integration creates a data pipeline that connects data and assets across an enterprise.
I
Internal Testing
In InfoSec, internal testing is a vulnerability assessment tool that organizations can use to conduct a full authorized scan of an environment to discover vulnerabilities and other security issues such as misconfigurations. It's a process used to discover known and unknown security issues within an enterprise and to see if security controls function as intended.
I
Internet Of Things (IoT)
The Internet Of Things (IoT) comprises interconnected devices that collect and send data to other devices over a network, generally without human interaction. It’s machine-to-machine communication over a network.
I
Internet Security
Internet security includes processes used to secure internet resources such as websites, networks, browsers and other online behaviors.
I
IoT Security
IoT security includes all of the processes, hardware, resources, and tools used to manage and keep IoT devices safe.
I
ISO 27000
ISO 27000 is a set of security standards the International Organization for Standardization (ISO) manages for information security management systems (ISMS). According to the ISO, using these standards "enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties."
I
IT
IT is an abbreviation for information technology. Information technology refers to all of the processes related to information networks within an organization, for example, data pipelines and assets, to ensure all hardware, software, data and other components function and are secure to ensure operational resilience.
I
IT Security
IT security includes all of the processes, hardware, resources, and tools used to manage and keep your information security infrastructure safe from security weaknesses and potential breaches.
I
IT/OT Convergence
IT/OT convergence is when IT and OT devices connect or interact with one another within the same environment. This can happen intentionally, for example, when an OT device connects to an outside network, or accidentally, for example, when someone connects a laptop (that has been connected to an outside network) to an OT device for updates.
I
IT/OT Security
IT/OT security includes all of the people, tools and resources an organization needs to secure both its IT environment and OT environment, particularly in places where IT/OT converge.
I
Kubernetes
Kubernetes is an open-source orchestration platform organizations use to automate key processes in cloud-native application development. Designed originally by Google, the Cloud Native Computing Foundation now manages it. Kubernetes can help organizations manage and scale containers in cloud environments.
K
Kubernetes Security Posture Management
Kubernetes Security Posture Management, also known as KSPM, is a cybersecurity tool that helps organizations discover and remediate security issues within Kubernetes, a resource many organizations use to manage their container environments.
K
Lateral Movement
In cybersecurity, lateral movement refers to the way attackers move through an environment. Once an attacker compromises an asset or endpoint, the attacker can then move deeper into a network, often undetected.
L
Least Access Privilege (or Least Privilege Access)
Least access privilege (or least privilege access) is also sometimes referred to as the principle of least privilege (POLP). With least access privilege, a user has a minimal level of access rights, generally, the lowest level needed for a specific role or task.
L
Log4Shell
CVE-2021-44228, also known as Log4Shell, is a critical flaw in the Apache Log4j software. Log4j is a widely used Java logging library included in Apache Logging Services used to log messages from an application or service, often for debugging purposes. An attacker can exploit Log4Shell by sending a specially crafted request to a server running a vulnerable version of Log4j. If the server uses Log4j to log requests, the exploit will then request a malicious payload from an attacker-controlled server through the Java Naming and Directory Interface (JNDI) over a variety of services, such as Lightweight Directory Access Protocol (LDAP).
L
Machine Learning
Machine learning is a computing method that uses data and other information to continuously improve task performance.
M
Malware
Malware is software that's developed with a specific malicious intent, for example, to disrupt an asset or network, to gain unauthorized access into systems, or to steal, modify, delete or encrypt data or other assets.
M
Malware Scanner
Organizations use malware scanners to scan assets or networks for malicious software or code, for example, a virus on a computer.
M
Man-in-the-Middle (MitM) Attacks
Man-in-the-middle (MitM) attacks compromise users through insecure networks such as public WiFi.
M
Microsegmentation
In cybersecurity, microsegmentation is a process that enables InfoSec professionals to create security segments within a data center, all the way down to an individual workload level, and then develop specific security controls and services for each of those different segments.
M
Microsoft Azure
Microsoft Azure is Microsoft's public cloud computing platform. Azure offers a range of services such as PaaS, IaaS and managed database services.
M
Misconfiguration
In information security, a misconfiguration refers to when software, a device, or a system is configured improperly, which could facilitate unauthorized access or other security issues.
M
MSP
MSP is an abbreviation for a managed services provider. An MSP is responsible for services such as providing infrastructure, security, applications, support, administration, and other services for its clients. This may be accomplished through an MSP's own data center, or the MSP may work directly with a third-party services provider. Many MSPs offer continuous monitoring services.
M
MSSP
MSSP is an abbreviation for a managed security services provider. An MSSP is responsible for managing a client's security devices, processes, and systems. For example, an MSSP may manage VPNs and firewalls, or offer vulnerability scanning and other cybersecurity-related services.
M
Multi-Cloud
Multi-cloud is a cloud computing model that uses a combination of cloud-based services, for example, a public and private cloud or other combinations of public, private, and edge cloud services.
M
Multi-Tenant
Multi-tenant is a type of software architecture where one instance of the software and its supporting services serve multiple clients, which are called tenants.
M
National Cybersecurity Federally Funded Research and Development Center (FFRDC)
MITRE operates the National Cybersecurity Federally Funded Research and Development Center (FFRDC). It is a federally funded research and development center that supports NIST's National Cybersecurity Center of Excellence and is designed to help organizations meet pressing cybersecurity needs.
N
National Institute of Standards and Technology (NIST)
Founded in 1901, the National Institute of Standards and Technology (NIST) is a part of the U.S. Department of Commerce. It manages a range of security standards, for example, the NIST Cybersecurity Framework. While NIST compliance is mandatory for federal agencies, its guidelines are considered best practices across industries.
N
NERC CIP
NERC CIP stands for the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP). NERC CIP is a set of standards to help ensure security and operational resilience for North America's Bulk Electric System (BES).
N
Nessus
Developed by Tenable, Nessus is a vulnerability scanning tool that continually monitors assets for vulnerabilities and other security weaknesses. Nessus identifies vulnerabilities that need attention with high-speed, accurate scanning and highlights which vulnerabilities an organization should address first.
N
Network Monitor
A network monitor is a tool that continuously monitors an environment to discover assets and related vulnerabilities and security issues. Network monitors enable non-intrusive continuous visibility into a network for all assets such as traditional IT, mobile devices, cloud-hosted applications and assets, operational technologies, operating systems, databases, endpoints, web apps, virtual machines, network devices, hypervisors, and more. Network monitors analyze network traffic at a packet level to uncover vulnerabilities, both server and client-side, and monitor network usage. A network monitor can also discover PII and sensitive data in transit, as well as identify port scans and other port-related activities. A network monitor can detect suspicious activities and enable teams to prevent attackers from compromising a network, data, and systems.
N
Network Monitoring System
A network monitoring system includes hardware and software to monitor network traffic. Continuous network monitoring, for example with Nessus Network Monitor, enables non-intrusive insight into assets throughout all environments to discover vulnerabilities, traffic and bandwidth issues, misconfigurations and other security issues.
N
Network Monitoring Tools
Network monitoring tools continuously monitor a network and assets for security and other issues. They enable non-intrusive and continuous visibility into networks with visibility into network traffic at the packet level to seek out server and client-side vulnerabilities, including new and transient assets.
N
Network Security
Network security includes all of the programs, policies, processes, tools, and resources used to protect networks from potential cyber breaches and other security issues, for example, unauthorized access.
N
Network Segmentation
Network segmentation divides a network into smaller segments so InfoSec teams can manage them individually and apply different controls and other policies to each segment.
N
Next Generation Firewall (NGFW)
A next generation firewall (NGFW) is a type of firewall organizations can use to uncover and stop potential attacks by enforcing policies at different levels, for example at the application, port or protocol level.
N
NIS Directive
The Network and Information Systems (NIS) Directive is a set of cybersecurity regulations that apply to the European Union (EU), specifically operators of essential services (OES) and relevant digital service providers (RDSPs). It creates a uniform set of standards to improve security for networks and information systems to help prevent cyber-attacks and exploitation of other security issues.
N
Non-Credentialed Scan
A non-credentialed scan, also known as an unauthenticated scan, enables insight into how a threat actor might exploit a network through exposures without using credentials.
N
On-Premises
On-premises, often referred to as on-prem, is when a computing environment, for example, all of the hardware and software infrastructures, is set up within an organization's facility. On-prem infrastructure keeps all data and core services within a private network, which can only be accessed by authorized users.
O
Online Vulnerability Scanner
An online vulnerability scanner is a type of external scanner that seeks out vulnerabilities within your website or network.
O
Open Source
Open source software is a type of code that can be publicly distributed, changed, or used by anyone.
O
Open Web Application Security Project (OWASP)
The Open Web Application Security Project, commonly referred to as OWASP, is a nonprofit organization focused on improving software security.
O
OpenShift
OpenShift from Red Hat is a Kubernetes management platform.
O
Operational Technology (OT)
Organizations use operational technology, also known as OT, to keep critical infrastructure and industrial environments functioning. OT includes software and hardware to manage, secure and control industrial control systems (ICS) systems, devices and processes in an OT environment. OT devices are commonly found in manufacturing, transportation, oil and gas, electricity and utilities and other similar industries.
O
Organization Admin
An organization administrator, or organization admin, is a person within your InfoSec team responsible for identity and access management (IAM) for your organization. This includes related policy and user access role management.
O
OT Security
OT security consists of processes to protect all hardware, software and devices within OT infrastructure, including steps to manage and monitor OT devices from internal and external attacks and other cyber risks.
O
OWASP Top 10
According to the OWASP foundation, the OWASP Top 10 "is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications."
O
Passive Scanning
Passive scanning enables organizations to configure an automated system to continuously monitor a network, instantly identifying new assets, rogue assets, or transient assets, and activating alerts whenever issues arise outside of preset baselines.
P
Patch
A security patch generally fixes a discovered security weakness or other issues within deployed software or services. These patches are often required because the issues were not detected during the development and testing phases and need to be corrected in deployed environments.
P
PCI DSS
PCI DSS is an abbreviation for the Payment Card Industry Data Security Standard. These standards outline how organizations that handle credit card data should protect the confidentiality, integrity and availability of that sensitive and protected data.
P
Penetration Testing
Penetration testing, also referred to as pen tests or pen testing, detects weaknesses in an attack surface. Vulnerability assessment programs find these weaknesses so teams can fix them before attackers exploit the weaknesses. Pen testing is a stand-alone activity. A third party often conducts pen tests. Penetration testing gives insight into how effective vulnerability assessment and vulnerability management programs are.
P
Persistent Threat
A persistent threat is a cyber-attack where, once inside a network, an attacker remains undetected for an extended period of time.
P
Phishing
Phishing is a social engineering attack method where an attacker sends a malicious email with the intent of tricking a user into revealing sensitive information, for example, usernames and passwords or financial information. These emails often look like they come from a legitimate source, but are not.
P
Platform as a Service (PaaS)
A platform as a service (PaaS) is a cloud-based model that provides hardware and software to support a full development environment that enables organizations to build and deploy applications.
P
Plug-in
A plug-in may also be referred to as an extension or add-on. Plug-ins generally add new features without having to modify the original software.
P
Predictive Prioritization
Predictive Prioritization combines Tenable-collected vulnerability data with third-party vulnerability and threat data to analyze them with an advanced data science algorithm Tenable developed. With Predictive Prioritization, each vulnerability gets a Vulnerability Priority Rating (VPR), which incorporates the result of this analysis and is updated on a daily basis, including for vulnerabilities yet to be published in the National Vulnerability Database (NVD).
P
Proxy Server
A proxy server is a middle point between a user and an endpoint, for example, the web. It's used to send information between a user and web-based services.
P
Ransomware
Ransomware is a type of malicious software attackers use to take control of a device, such as a server or other computer, with the intent of encrypting data and preventing access until a user pays a ransom.
R
Registry
A registry is a storage location for container images. The registry enables developers and continuous integration (CI) systems to store pushed containers.
R
Remote Access
Remote access is facilitated by hardware or software and enables a user to access network resources from outside of the network environment.
R
Repository
A repository is a storage location or namespace, within a registry, for an image.
R
Resources
In information security, resources refer to all of the components used within an enterprise to store or transmit data. This includes hardware, services, applications, software and other infrastructure components.
R
Risk
In InfoSec, a risk represents any potential threat to an organization's systems, services or data. Risk examples include vulnerabilities, misconfigurations, malware, and more.
R
Risk Analysis
Related to information security, a risk analysis identifies and analyzes internal and external risks to determine how they may negatively impact an organization's ability to deliver products, goods, and critical services. While the terms risk analysis and risk assessment are often used interchangeably, they are not exactly the same. A risk analysis generally is a component of a larger-scale risk assessment.
R
Risk Assessment
In InfoSec, a risk assessment discovers and analyzes any potential internal and external threats that may impact an organization. While the terms risk assessment and risk analysis are often used interchangeably, they are not exactly the same. A risk assessment is generally a higher-level look at an organization's overall risk.
R
Risk Management
In cyber security, risk management refers to the processes an organization uses to discover, assess, prioritize, mitigate and remediate security threats—or security risks—within a technology environment.
R
Risk Prioritization
Cyber risk prioritization takes an in-depth look at an organization's risks and then, with risk intelligence, enables the organization to determine which threats pose the greatest actual risk so teams can make plans to remediate those that pose the most risk to critical services, data, and operations.
R
Risk Threshold
A risk threshold quantifies the greatest amount of cyber risk an organization is willing to accept. It is often used to help teams determine whether they will mitigate, remediate, accept or reject potential risks to an organization.
R
Risk Tolerance
Risk tolerance sets a baseline for the amount of risk an organization will accept based on specific strategies or goals.
R
Risk-Based Vulnerability Management
Risk-based vulnerability management (RBVM) is a subset of Cyber Exposure that helps organizations identify and manage cyber risks. RBVM uses machine-learning analytics to associate vulnerability severity and threat actor activity with asset criticality to enable organizations to prioritize and remediate the ones that cause the greatest risk and then prioritize those that create lesser risk.
R
Run-time
In DevOps, run-time enables the execution of a program or application.
R
Run-time Analysis
A run-time analysis seeks out any malicious or suspicious activities that may happen when a program or application executes.
R
Sandboxing
Sandboxing is a process developers use to isolate and test a program, system or application without having a negative impact on the environment in which it typically runs.
S
SCADA Security
Effective SCADA security employs both smart scanning and passive network monitoring to protect SCADA systems.
S
SCADA System
A supervisory control and data acquisition (SCADA) system is a control system that communicates with and collects data from industrial machines, sensors and end devices, often at distributed sites. SCADA transmits data to computers for processing and makes it available to operators and other employees.
S
Security Assessment
A security assessment is a process an organization can use to evaluate its security practices to determine if controls are functioning as expected. These assessments create an opportunity for organizations to close security gaps before a breach or other incident occurs.
S
Security Audit
A security audit is a type of assessment that evaluates an organization's security records, activities, document repository, and artifacts to determine how well it meets specific standards or requirements for data security.
S
Security Compliance
Security compliance ensures an organization has all of the processes, policies, documentation and controls in place to meet a certain set of security regulations or standards.
S
Security Framework
A security framework is a set of standards an organization can use to discover, assess and mitigate or remediate security risks across an enterprise.
S
Security Gap
A security gap identifies security weaknesses within an enterprise or directly related to standards or regulations that an organization should mitigate to reduce risk.
S
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) is a combination of technologies an organization can use for threat detection and incident management. Most SIEMs will analyze events in real-time and in the past to give an organization a full view of what's happening with its information security systems.
S
Security Maturity
Security maturity represents where an organization is in terms of meeting its security program goals and objectives. Many organizations will conduct a security assessment to determine a current security profile so they can establish a target profile to mature those practices.
S
Security Operations Center (SOC)
A security operations center, also known as a SOC, is a centralized spot that unites technologies, processes, people and other resources to continuously monitor and address security issues for an organization.
S
Security Orchestration and Automation (SOAR)
Security Orchestration and Automation (SOAR) is a combination of technologies and other resources that enable an organization to efficiently and effectively focus on risk identification and management, incident response and other security processes. SOARs automate and streamline security processes between multiple sources and individuals.
S
Security Posture
Security posture represents an organization's current information security status. It generally represents the visibility an organization has into its risks and what it's doing to mitigate and remediate those risks.
S
Security Threat
A security threat represents any risk, for example, an external attack or vulnerability, that puts an organization's systems, network or data at risk of being stolen, modified or otherwise disrupted in an unauthorized capacity.
S
Security Vulnerability
A security vulnerability is a weakness, bug or programming mistake in hardware or software that attackers can exploit to compromise a network for unauthorized access to your data and systems.
S
Security Weakness
A security weakness, for example, a vulnerability, is a flaw, misconfiguration or other security issue an attacker may use to attempt an exploit.
S
Segmentation
In InfoSec, segmentation is a process used to divide a network into different components. With network segmentation, for example, each individual segment can be designed as a small network on its own.
S
Serverless Computing
Serverless computing is a type of cloud computing in which a cloud services provider (CSP) offers on-demand resource allocation for its clients. Some organizations choose serverless computing as a cost-savings model for cloud services.
S
Service Level Agreement (SLA)
A service level agreement (SLA) is an agreement between a service provider, for example, a cloud-hosting service, and a client. It is often used to determine the scope of a relationship or product offerings and includes information such as availability, service level and other relevant metrics.
S
Service Mesh
Service mesh is a term used in software architecture that refers to a specific layer of infrastructure an organization can use for communications between services or microservices.
S
Shared Responsibility Model
A shared responsibility model defines which processes in cloud security fall to the cloud services provider and which fall to the user.
S
Shift Left
In DevOps, the term shift left is used to describe a shift in the way DevOps teams approach testing, quality and other evaluations of software development to an earlier stage in the process. It refers to moving those steps earlier in the SDLC.
S
SOC2
SOC2 stands for System and Organization Controls for Service Organization Control 2, which is overseen by the American Institute of CPAs (AICPA). These controls, which are voluntary, help organizations protect the security, availability, integrity, and confidentiality of customer data.
S
Social Engineering
Social engineering is a practice attackers use to try to deceive a user into giving out sensitive or personal information, for example credentials, to use in a cyber attack. Phishing emails are an example of social engineering. These emails appear to be from a legitimate source and are designed to manipulate a user into releasing information they otherwise would not.
S
Software as a Service (SaaS)
Software as a service (SaaS) enables users to access cloud-based applications via the web without having to install the application on a device like traditional software. Instead, the application is available through the internet.
S
Software Development Lifecycle (SDL)
The software development lifecycle (SDL) is a process developers use to design, create, test, implement and maintain software while meeting certain customer and business-focused goals and objectives.
S
Software-Defined Wide Area Network (SD-WAN)
SD-WAN is a software-defined wide area network, which is often used as a virtual service to connect users to applications across a wide-area network (WAN) via a virtual private LAN service (VPLS) and multiprotocol label switching (MPLS).
S
SolarWinds
The SolarWinds Orion Platform is a network monitoring tool that attackers used in 2020 to exploit users' systems. Attackers hacked the platform code, which was included in an update sent out to customers, as a backdoor into systems where they then installed additional malware to spy on those customers. According to a SolarWinds report to the SEC, about 18,000 customers were affected by the breach.
S
Spear Phishing
Spear phishing is a type of phishing attack that targets specific users or organizations to steal sensitive information with malicious intent.
S
SQL (Structured Query Language) Injection
SQL (Structured Query Language) injection allows attackers to insert malicious code on a server and then use SQL to access sensitive information that otherwise would be inaccessible.
S
Supply Chain Attack
A supply chain attack may also be referred to as a third-party attack. These types of attacks generally occur when a threat actor takes advantage of a security weakness within a third-party environment. Often, these types of breaches enable attackers to move laterally through connected networks, often undetected.
S
Tag
A tag is a specific release or version of an application hosted inside of a container (for example, 14.04).
T
Tenable
Tenable is a Cyber Exposure Management company. Some 40,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include about 60 percent of the Fortune 500, about 40 percent of the Global 2000, and large government agencies. Learn more at tenable.com.
T
Tenable Community
Tenable Community is a knowledge base about all things Tenable. Tenable Community is a place where people with common interests in Tenable and cybersecurity can get together and exchange ideas, share information, and explore a wide range of security-related topics.
T
Tenable Lumin
Tenable Lumin is an advanced visualization, decision support, analytics and measurement solution that helps organizations understand and reduce cyber exposure. Lumin transforms vulnerability data into meaningful insights to help manage cyber risk across an entire organization.
T
Tenable Nessus
Tenable Nessus makes vulnerability assessment simple, easy, and intuitive. The result: less time and effort to assess, prioritize, and remediate issues. Nessus is built from the ground-up with a deep understanding of how security practitioners work.
T
Tenable Research
Tenable Research delivers world-class cyber exposure intelligence, data science insights, alerts and security advisories.
T
Tenable Web App Scanning
Tenable.io Web App Scanning provides comprehensive and accurate vulnerability scanning for full visibility of IT, cloud and web application vulnerabilities in a single platform.
T
Tenable.ad
Tenable.ad enables organizations to see everything in Active Directory, predict what matters, and act to address risk to disrupt attack paths before attackers exploit them.
T
Tenable.cs
Tenable.cs is a developer-friendly, cloud-native application platform that enables organizations to secure cloud resources, container images and cloud assets, providing end-to-end security from code to cloud to workload.
T
Tenable.ep
Tenable.ep is a comprehensive risk-based vulnerability management solution that enables organizations to determine the cyber exposure of all assets, everywhere, on every platform, at all times.
T
Tenable.io
Tenable.io provides the industry's most comprehensive vulnerability coverage with the ability to predict which security issues to remediate first. It’s a complete end-to-end vulnerability management solution, managed in the cloud and powered by Nessus.
T
Tenable.ot
Tenable.ot protects industrial networks from cyber threats, malicious insiders and human error. It identifies and protects operational technology (OT) environments from cyber exposure and threats and ensures operational safety and reliability.
T
Tenable.sc
Tenable.sc is managed on-premises and powered by Nessus technology. The Tenable.sc suite of products provides the industry's most comprehensive vulnerability coverage with real-time continuous assessment of networks. It’s a complete end-to-end vulnerability management solution.
T
Threat Detection (or Threat Hunting)
Threat detection, which is also called threat hunting, is a process in cybersecurity used to discover threats across an enterprise based on a variety of threat indicators or other security research.
T
Threat Intelligence
Threat intelligence represents information and resources an organization can use to gain a better understanding of threats that may exist within the threat landscape. This information is valuable in helping teams determine which security weaknesses should be prioritized for remediation to lessen the likelihood of potential exploitation by an attacker.
T
Threat Landscape
A threat landscape consists of all of the types of cybersecurity-related threats and risks that impact your organization. This can be all-encompassing for your entire enterprise, but can also be approached at a granular level, down to an individual asset, user or service.
T
Threat Mitigation
Threat mitigation includes the processes an organization may use to decrease the potential impact of a threat. This may include containment activities used between detection and remediation or steps to isolate the threat until it can be resolved.
T
Threat Modeling
According to OWASP, threat modeling represents the processes an organization uses to "identify, communicate, and understand threats and mitigations within the context of protecting something of value," for example, security related to an application and its environment.
T
Threat Remediation
Threat remediation consists of the processes an organization uses to discover and resolve threats within its environment. Unlike threat mitigation, which is generally a process used when a threat remains within your environment, threat remediation is used to remove the threat completely, for example, installing a patch or applying an update.
T
Tokens
In programming, tokens, also known as software tokens, are used for device security authentication, for example, as part of a two-factor authentication process.
T
Trojan
A trojan is a type of malware. Trojans can be a type of malicious code, malicious file or program. Often, attackers disguise trojans in a way that they appear to be legitimate, but they're not. Attackers use trojans in a variety of ways, for example, to set up a backdoor so they can execute tasks on an asset or to copy, damage, encrypt or delete data and prevent asset access.
T
Types of Network Security
There are several types of network security. Network security consists of all of the processes, tools, and resources an organization uses to prevent unauthorized access to your network infrastructure, such as your hardware, software, and all of your cloud services. While not all-encompassing, here are some examples of network security: access control, email security, firewalls, antivirus, antimalware, application security, vulnerability assessment and management, VPNs, multi-factor authentication, and more.
T
URL
URL is an abbreviation for a uniform resource locator. For websites, a URL enables networks and servers to communicate. URLs generally consist of a domain name and other information that make up a web address.
U
URL Analysis
A URL analysis is a process used to look at a web address to see if there is any potential malicious activity that may be related to that URL.
U
Virtual Machine (VM)
A virtual machine (VM) runs off software and not an actual device. A VM is generally an image or computer file that functions like a computer system. These images function within a window on a computer.
V
Virtual Private Network (VPN)
Organizations use virtual private networks, also known as VPNs, for online privacy. VPNs hide your asset's IP address. They also encrypt and route data via secure networks. VPNs enable secure and anonymous internet access.
V
Vulnerability Assessment
A vulnerability assessment is a way to discover, analyze and fix weaknesses within an attack surface to lessen the likelihood that attackers can exploit a network and gain unauthorized access to assets.
V
Vulnerability Assessment Tool
A vulnerability assessment tool is a tool used to discover vulnerabilities across an environment. Vulnerability assessment programs rely on vulnerability assessment tools to facilitate continuous asset discovery and vulnerability monitoring, along with processes to prioritize threats based on actual risk to an organization.
V
Vulnerability Management
Vulnerability management is a program that uses a variety of tools and processes to identify assets and vulnerabilities across an enterprise. It also helps organizations plan how to mitigate issues, remediate weaknesses and improve security posture.
V
Vulnerability Remediation
Vulnerability remediation is a process InfoSec teams use to fix (or patch) security issues within an environment after a vulnerability assessment identifies those weaknesses. Organizations with mature vulnerability management programs use tools and resources, for example, Tenable's Predictive Prioritization, to prioritize vulnerabilities for remediation so they can focus on fixing vulnerabilities that pose the greatest threat to an organization first.
V
Vulnerability Scanner
A vulnerability scanner discovers misconfigurations, vulnerabilities, and other security issues within an IT infrastructure, including networks, servers, operating systems, and applications.
V
Vulnerability Scanning Tool
A vulnerability scanning tool discovers weaknesses within an attack surface. These tools are used as part of mature vulnerability assessment and vulnerability management processes to identify cyber risks for prioritization and remediation.
V
Vulnerability Testing Tools
Vulnerability testing tools are also known as vulnerability assessment tools. Vulnerability assessment tools can help you find vulnerabilities and other security issues, for example, misconfigurations, within your environment so you can plan for remediation.
V
Web Application
A web application is a type of software that runs within a web browser instead of a traditional computer or on-site server. Some examples of web applications might include emails such as Gmail or Yahoo, or web-based forms or online shopping programs.
W
Web Application Scanning
Web application scanning discovers vulnerabilities within web apps. These scans, for example, through Nessus, can be automated so they continuously look for web app security issues.
W
Web Application Security
Web application security is a cybersecurity practice used to discover all of the web applications and web services used within an organization to evaluate them for vulnerabilities, misconfigurations, and other security weaknesses.
W
Web Security
Web security is an information security practice designed to protect web services and applications from a variety of security risks.
W
Website Vulnerability Scanner
A website vulnerability scanner is used to identify security risks, for example, vulnerabilities and misconfigurations, within a website.
W
XML External Entities (XXE)
With XML External Entities (XXE), attackers can use external entities to access internal files through a file URL handler or internal file shares, and to carry out internal port scanning, remote code execution, and/or DoS attacks.
X
Zero Day Vulnerability
A zero day vulnerability is a known vulnerability that doesn't yet have a patch to fix it, leaving it open to potential exploitation by an attacker.
Z
Zero Trust Exchange
A zero trust exchange is a cloud-based platform that adopts a zero-trust approach to protect it. It is based on a verify-everything concept to limit the possibility of a breach or other security issue.
Z
Zero Trust Network Access (ZTNA) Architecture
Zero Trust Network Access (ZTNA) Architecture establishes access control policies and other procedures that enable remote access to systems and data based on a zero trust approach to security.
Z