Cyber security glossary cybersecurity terms explained All0-9ABCDEFGHIJKLMNOPQRSTUVWXYZ0-90-day 🔴 Vulnerability2FA (dual authentication) 🟢 ProtectionAAAA (Authentication, Authorisation, Audit) 🟢 ProtectionAAD (Azure Active Directory)ACL (Access Control List) 🟢 ProtectionActive Directory (AD)Air gap 🟢 ProtectionSafety alert 🟩 Safety informationBehavioural analysis 🟩 Security methodPredictive analysisANSSI 🟩 AuthorityAPT (Advanced Persistent Threat) 🔴 AttackSupply chain attack 🔴 AttackAttacks on AI 🔴 AttacksSingle sign-on (SSO) 🟩 ToolNational Cyber Security Authority 🟩 AuthorityBSandbox 🟢 ProtectionBackdoor 🔴 VulnerabilityBlue Team 🟩 Safety teamBot 🟠 ToolBotnet 🟠 Attack toolBusiness Email Compromise (BEC) 🔴 AttackCCERT 🟩 Security teamTrojan horse 🔴 AttackEncryption 🔒CISA 🟩 AuthorityCookiesCryptojacking (cryptographic hacking) 🔴 AttackCSP (Content Security Policy) 🟢 ProtectionCSRF 🔴 AttackCTI (Cyber Threat Intelligence) 🟢 ToolCVE (Common Vulnerabilities and Exposures) 🟩 RepositoryCVSS 🟩 ToolCyber attack 🔴 AttackCybercriminal 🟥 ThreatCyber investigator 🟩 Cyber security professionCyber espionage 🔴 AttackCyber threat 🟠 RiskCybersecurity 🟢 ProtectionDDDoS (distributed denial of service) 🔴 AttackDeepfake 🔴 ManipulationSite defacementDenial of service 🔴 AttackDevSecOps 🟩 Security practicePersonal dataSensitive dataDPO (Data Protection Officer) 🟩 Business lineDPO (Data Protection Officer) 🟩 Job titleHardening 🟢 ProtectionEEBIOS 🟦 MethodEDR (Endpoint Detection and Response) 🟢 ProtectionData Poisoning 🔴 AttackEndpointExploit 🔴 ToolFFalse positiveFirewall 🟢 ProtectionBrute force 🔴 AttackForensicsGGovernance 🟩 ToolGPO (Group Policy Object) 🟩 ToolAPT GroupCybercrime group 🔴 ThreatHEthical hacker 🟩 ProfessionPhishing 🔴 AttackIIAM (Identity and Access Management) 🟢 ProtectionIDS (Intrusion Detection System) 🟢 ProtectionSocial engineering 🔴 AttackSQL injection 🔴 AttackInjection 🔴 AttackIoC (indicator of compromise) 🟩 ToolIPSec (Internet Protocol Security) 🟩 ToolISO 27001 🟦 StandardISO 27002 🟦 StandardISO 27005 🟦 StandardISO 31000 🟦 StandardJEvil twin 🔴 AttackJWT (JSON Web Token) 🟢 ProtectionKKeylogger (keylogger) 🔴 AttackKill chainKill Switch 🟢 ProtectionLAccess Control List (ACL) 🟢 ProtectionMMalware 🔴 AttackMan-in-the-middle 🔴 AttackInternal threat 🟠 Cyber riskMFA (multi-factor authentication) 🟢 ProtectionMITRE ATT&CK 🟩 ToolFail-safe modeOne-time password 🟢 ProtectionNNIDS (Network Intrusion Detection System) 🟢 ProtectionNIS 2 🟦 RegulationsNIST Cybersecurity Framework (NIST CSF)OObfuscation 🟠 ToolOCSP 🟩 ToolOSINT (Open Source Intelligence) 🟩 ToolsOTP (One-Time Password) 🟢 ProtectionOWASP 🟩 Security resourcePPatch 🟢 ProtectionPayload 🔴 Malicious componentPCI DSS 🟦 StandardPentest (penetration testing) 🟢 ToolPentester 🟢 JobBusiness Continuity Plan (BCP) 🟩 DocumentDisaster Recovery Plan (DRP) 🟩 DocumentPrivacy policyBackup policy 🟩 DocumentSecurity policy 🟩 DocumentPSSI (information systems security policy) 🟩 DocumentQQuarantine 🟢 ProtectionRRansomware 🔴 AttackRed Team 🟩 Safety teamRegurgitationRemediation 🟢 ProtectionResilienceRGPD 🟩 RegulationRPO (Recovery Point Objective)CISO (Information Systems Security Manager) 🟩 Job titleRTO (Recovery Time Objective)SSandboxing 🟢 ProtectionSBOMSecNumCloud 🟦 CertificationCyber security awareness 🟩 ProtectionShadow IAShadow ITSIEM 🟢 ProtectionISMS (Information Security Management System) 🟩SOAR (Security Orchestration, Automation, and Response) 🟢 ProtectionSOC (Security Operations Center) 🟩 StructureSpyware 🔴 AttackAttack surface 🔴 FaultsTTakedown 🟢 ProtectionThreat Intelligence 🟢 ProtectionTLS (Transport Layer Security) 🟢 ProtectionUUEBA 🟢 ProtectionIdentity theftVVirus 🔴 AttackData theft 🔴 AttackVPN (virtual private network) 🟢 ProtectionVulnerability 🟥 WeaknessWWAF (Web Application Firewall) 🟢 ProtectionWar game 🟩 Safety exerciseWeb scraping 🟠 ToolsXXSS (Cross-Site Scripting) 🔴 AttackYYubikey 🟢 ProtectionZZero Trust 🟢 ProtectionZero-day (0-day) 🔴 Flaw
