Use The Cloud Fearlessly


The Technosprout Glossary is your guide through a sea of complicated terminology, providing easy-to-understand definitions and resources for further exploration. If you can't find what you're looking for, email us at info@technosprout.in with your question and we will be happy to help.

Important cybersecurity terms and industry buzzwords.

What is Enterprise Security?

Enterprise security covers both a company's internal or proprietary business secrets and the employee and customer data subject to privacy laws. It is the process by which an organization protects its information assets (data, servers, workstations, storage, networking, applications, etc.) from infringement of confidentiality, integrity, or availability. Enterprise Security Solutions not only help organizations understand their IT security postures but also provide the best course of action to overcome the security loopholes.

What is DevOps Security?

DevOps is a term used to describe a set of cultural philosophies, practices, and tools that bring together software development (Dev) and IT operations (Ops) and increase an organization’s ability to deliver applications and services at high velocity. DevOps presents new risks and cultural changes that create security challenges that cannot typically be addressed by conventional security management solutions and practices.


What is Privileged Identity Management?

Privileged Identity Management (PIM) is a capability within identity management focused on the special requirements of managing highly privileged access. PIM is an information security and governance tool to help companies meet compliance regulations and to prevent system and data breaches through the improper use of privileged accounts.


What is Malware?

Malware is the collective name for a number of malicious software variants, including viruses and spyware. Malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.

What do you mean by Zero Trust?

A zero trust model is a cyber security model designed to protect the resources and sensitive data of businesses. It gives no user or device default access to an organization’s network, workspace, or other resources, even if they’re employed by the organization. Under this model, authorized users must pass security checks on their identity, time of access, and device posture before access is granted.

What is Ransomware?

Ransomware is a form of malware that encrypts a victim’s files. It has the ability to lock a computer screen or encrypt important and predetermined files with a password. It is a criminal money-making scheme that can be installed through deceptive links in an email, instant message, or website.

What do you mean by Just-In-Time Access?

Using the just-in-time (JIT) access methodology, organizations can grant human and non-human users elevated, granular privileged access to an application or system in real time in order to perform a necessary task. Cybersecurity industry analysts recommend JIT access as a way of provisioning secure privileged access by minimizing standing access.

What do you mean by Password-less Authentication?

Passwordless Authentication is an authentication method that allows a user to gain access to an application or IT system without entering a password or answering security questions.

What is Single Sign-On (SSO)?

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials — for example, a name and password — to access multiple applications. SSO can be used by enterprises, smaller organizations and individuals to ease the management of various usernames and passwords.

What is Adaptive Multi-factor Authentication?

Adaptive Authentication is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use Adaptive Authentication to balance security requirements with the user experience.

What is API (Application Programming Interface) Attack?

An API allows two cloud applications to talk to one another directly, allowing a third party to read or make changes directly within a cloud application. Creating an API connection requires a user’s approval, but once created, it runs silently in the background, often with little or no monitoring. An API-based attack typically involves fooling the user into approving an API connection with a phishing attack. Once granted the API token, the attacker has almost complete access and control, even if the user changes the account password. To break the connection, the user must manually revoke the API token.

 

What is DRM (Digital Rights Management)?

A set of access control technologies for restricting the use of confidential information, proprietary hardware, and copyrighted works, typically using encryption and key management.

 

What is Secure Socket Shell (SSH) Key Management?

Secure Socket Shell (SSH) Key Management, also called Secure Shell Management, is a special network protocol leveraging public-key cryptography to enable authorized users to remotely access a computer or other device via access credentials called SSH keys. Because they are used to access sensitive resources and perform critical, highly privileged activities, it’s vital to properly manage SSH keys as you would other sensitive credentials.

 

What is Behavioral Analysis?

A security measure in which a file’s behavior is monitored and analyzed in an isolated environment in order to see if it contains hidden malicious functions or is communicating with an unknown third-party.

 

What is Vulnerability Assessment?

Vulnerability assessment refers to the process of identifying risks and vulnerabilities in computer networks, systems, hardware, applications, and other parts of the IT ecosystem. Vulnerability assessments provide security teams and other stakeholders with the information they need to analyze and prioritize risks for potential remediation in the proper context.

 

What is Vulnerability Scanning?

Vulnerability scanning is the process of discovering, analyzing, and reporting on security flaws and vulnerabilities. Vulnerability scans are conducted via automated vulnerability scanning tools to identify potential risk exposures and attack vectors across an organization’s networks, hardware, software, and systems. Vulnerability scanning and assessment is an essential step in the vulnerability management lifecycle.

 

What is Cyber-Attack Chain?

The cyber-attack chain (also referred to as the cyber kill chain) is a way to understand the sequence of events involved in an external attack on an organization’s IT environment. Understanding the cyber-attack chain model can help IT security teams put strategies and technologies in place to “kill” or contain the attack at various stages, and better protect the IT ecosystem.

 

System for Cross-Domain Identity Management (SCIM)

A system for cross-domain identity management (SCIM) is an open standard for automating the exchange of user identity information between identity domains, or IT systems, designed to make user identity management in cloud-based applications easier.

 

What is Single-Factor Authentication?

A method of authentication that relies on a single factor, such as a username and password, to verify a user’s identity.

 

What is a Virtual Directory?

A virtual directory is an Identity and Access Management architectural component that gives identity consumers a consolidated and unified view of identity management information stored in multiple disparate data repositories.

 

What is Pass-the-Hash (PtH) Attack?

A Pass-the-Hash Attack (PtH) is a technique whereby an attacker captures a password hash (as opposed to the password characters) and then simply passes it through for authentication and potentially lateral access to other networked systems. The threat actor doesn’t need to decrypt the hash to obtain a plain text password. PtH attacks exploit the authentication protocol, as the password hash remains static for every session until the password is rotated. Attackers commonly obtain hashes by scraping a system’s active memory and other techniques.

 

What is Malconfiguration?

A deliberate configuration change within a system by a malicious actor, typically to create back-door access or exfiltrate information. While the original change in configuration might involve a compromised account or other vulnerability, a malconfiguration has the benefit of offering long-term access using legitimate tools, without further need of a password and even after a vulnerability is closed.

 

What are Containers?

Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. This decoupling allows container-based applications to be deployed easily and consistently, regardless of whether the target environment is a private data center, the public cloud, or even a developer’s personal laptop. It provides a clean separation of concerns, as developers focus on their application logic and dependencies, while IT operations teams can focus on deployment and management without bothering with application details such as specific software versions and configurations specific to the app.

 

What is a Compromised Account?

An account that has been accessed and is possibly controlled by an outside party for malicious reasons. This can be done either via API connection or by gaining credentials to the account from a leak or phishing email. Typically, the goal of the attacker is to remain undetected, in order to use the account as a base for further attacks.

 

 

What is Misconfiguration?

A dangerous or unapproved configuration of an account that could potentially lead to a compromise, typically made by a well-intentioned user attempting to solve an immediate business problem. While there is no malicious intent, misconfiguration is actually the leading cause of data loss or compromise.

 

 

What is Cybersecurity?

Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious digital attacks. It’s also known as information technology security or electronic information security.

What is Cloud Security?

“Cloud” refers to the hosted resources delivered to a user via software. Cloud security, also known as cloud computing security, refers to the procedures and technology of protecting cloud computing environments, applications, data, information, and infrastructure.


What is a Secure Web Gateway?

A secure web gateway offers protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real-time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications and the detection and filtering of malicious code.

What is Secrets Management?

Secrets management refers to the tools and methods for managing digital authentication credentials that include passwords, keys, APIs, and tokens. These credentials are used in applications, services, privileged accounts, and other sensitive parts of the IT ecosystem. Some of the most common types of secrets include privileged account credentials, passwords, certificates, SSH keys, API keys, or encryption keys.

What do you mean by Least Privilege?

The principle of least privilege is an important concept in computer security. It limits access rights for users to the bare minimum permissions they need to perform their work. It means enforcing the minimal level of user rights that allows the user to perform his/her role. Users are granted permission to read, write, or execute only the files or resources they need to do their jobs.

What is a Data Breach?

A data breach is a security incident in which information is accessed without authorization. It can occur accidentally or as a result of a deliberate attack. A data breach is the release of confidential or sensitive information into an unsecured environment.

What is a SaaS?

Software-as-a-Service (SaaS) is a software licensing and distribution model in which a service provider hosts applications and makes them available to customers over the Internet. Also referred to as “on-demand software,” “hosted software,” and “web-based software,” SaaS is one of three main components of cloud computing—which is one of the foundational elements of digital transformation.

What is Identity as a Service (IDaaS)?

Identity as a Service (IDaaS) is an Identity and Access Management solution delivered in the form of a cloud-based service hosted and managed by a trusted third party. An IDaaS offering combines all the functions and benefits of an enterprise-class IAM solution with all the economic and operational advantages of a cloud-based service.

What is Robotic Process Automation (RPA)?

Robotic process automation (RPA) is an automation technology that helps organizations to partially or fully automate standardized tasks. Robotic process automation software robots, or “bots,” can mimic the actions of humans to perform work.

What is Denial of service attack (DoS)?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account holders) of the service or resource they expected. 

 

What is Cloud Infrastructure Entitlements Manager (CIEM)?

Cloud Infrastructure Entitlement Management (CIEM) is a term introduced by Gartner in the year 2020 to describe the next generation of solutions for enforcing least privilege in the cloud. It addresses cloud-native security challenges of managing identity access management in cloud environments.

 

What is Hardcoded/Embedded Passwords?

Hardcoded Passwords, also often referred to as embedded credentials, are plain text passwords or other secrets in source code. Password hardcoding refers to the practice of embedding plain text (non-encrypted) passwords and other secrets (SSH Keys, DevOps secrets, etc.) into the source code. Default, hardcoded passwords may be used across many of the same devices, applications, and systems, which helps simplify setup at scale but, at the same time, poses a considerable cybersecurity risk.

 

What is Separation of Privilege?

Separation of privilege, also called privilege separation, is an information technology best practice applied by organizations to broadly separate users and processes based on different levels of trust, needs, and privilege requirements.

 

What is Superuser/Superuser Accounts?

Superuser accounts are highly privileged accounts primarily used for administration by specialized IT employees. A Superuser is an individual with access to such an account.

 

What is Account Takeover?

A cyberattack in which the hacker compromises an online account, sends messages internally within the organization, and leverages the stolen identity to ask for confidential information. They may also use the account to attack other organizations.

 

What is Password Rotation?

Password Rotation refers to the changing/resetting of a password(s). Limiting the lifespan of a password reduces vulnerability to password-based attacks and exploits, by condensing the window of time during which a stolen password may be valid.

 

What is a Credential?

A credential is an item, such as an ID card, or a username/password combination, used by persons or entities to prove themselves.

 

What is a Session?

A session is an interaction between two or more entities on a network, generally consisting of an exchange of information. In the context of identity management, the most important information exchanged is the credentials of each entity and the time-out information for the session.

 

What is Security Assertion Markup Language (SAML)?

Security Assertion Markup Language (SAML) provides a standard way for businesses and application providers to share user authentication and authorization data and federated identity management functionality.

 

What is Privileged Password Management?

Privileged Password Management is the secure storing, sharing, creating, and handling of privileged passwords. Privileged password management may alternatively be referred to as privileged credential management, enterprise password management, or enterprise password security.

 

What are Tokens?

A unique authorization key used for API interactions. Each token is granted a certain level of access and control and often continues to provide access until the token is manually revoked.

 

What is Virtual private cloud?

A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider. (Not all private clouds are hosted in this fashion.) VPCs combine the scalability and convenience of public cloud computing with the data isolation of private cloud computing.

 

What is CASB?

An acronym for Cloud Access Security Broker. This is a type of security that monitors and controls the cloud applications that an organization’s employees might use. Typically, the control is enforced by routing web traffic through a forward or reverse proxy. CASBs are good for managing Shadow IT and limiting employees’ use of certain SaaS or the activity within those SaaS, but do not monitor third-party activity in the cloud, i.e. shared documents or email.

 

What is DLP (Data Leak Prevention or Data Loss Prevention)?

A type of security that prevents sensitive data, usually files, from being shared outside the organization or to unauthorized individuals within the organization, through policies that encrypt data or control sharing settings.

What is Shadow IT?

Any unapproved cloud-based account or solution implemented by an employee for business use. It might also include the use of an unknown account with an approved provider but administered by the user rather than corporate IT.
