Glossary
A
Accessibility
The design and development of products, services, or environments to be usable by people with disabilities. A critical aspect of web and software development, ensuring compliance with laws like the Americans with Disabilities Act (ADA).
API (Application Programming Interface)
A set of defined rules and protocols for building and interacting with software applications. APIs enable the integration between different systems and devices.
Authentication
The process of verifying the identity of a user or system. Authentication mechanisms commonly include passwords, two-factor authentication, and biometrics.
Authorization
The process that comes after authentication, determining the levels of access or permissions granted to authenticated users.
Antivirus
Software designed to detect, prevent, and remove malicious software from computer systems.
B
Backup
A secondary copy of data that can be restored to maintain business continuity in the event of data loss, corruption, or system failures.
Bandwidth
The capacity of a network to transfer data. Usually measured in bits per second (bps), bandwidth can impact the speed and efficiency of a network.
Botnet
A network of compromised computers or devices controlled by an unauthorized user, often used for malicious tasks like sending spam or launching Distributed Denial of Service (DDoS) attacks.
Blockchain
A digital ledger used to record transactions across multiple computers in a secure and transparent manner.
Brute-Force Attack
A cyber-attack that attempts to gain unauthorized access by trying all possible combinations of passwords or encryption keys until the correct one is found.
C
Cloud Computing
The delivery of various services over the Internet, including storage, databases, servers, networking, and more. Cloud computing eliminates the need for owning physical hardware or data centers.
Cybersecurity
The practice of safeguarding information systems, networks, and data from digital attacks, unauthorized access, and damage.
Cryptography
The science of encoding and decoding information to ensure secure communication.
Cookie
A small text file stored on a user’s computer by a web browser, often used to retain preferences or identification for future visits.
CDN (Content Delivery Network)
A system of distributed servers that work together to deliver web content and resources to users based on their geographic location.
D
Data Encryption
The process of converting data into a code to prevent unauthorized access.
DNS (Domain Name System)
The system for converting human-friendly domain names into IP addresses that computers use to identify each other on the network.
Digital Forensics
The scientific process of collecting, analyzing, and preserving electronic evidence in order to investigate and prevent cybercrime.
DDoS Attack (Distributed Denial of Service)
An attack that overwhelms a website or online service with excessive requests from multiple sources, making it unavailable to users.
Data Breach
An incident where confidential or sensitive information is accessed or disclosed without authorization.
E
Encryption
The process of converting information into a code to prevent unauthorized access. It is commonly used to secure data transmission and storage.
Endpoint Security
The practice of protecting endpoints or entry points of end-user devices such as computers, mobile devices, and laptops from malicious activities.
Ethical Hacking
Authorized hacking to discover vulnerabilities from a malicious hacker’s perspective to better secure systems.
ERP (Enterprise Resource Planning)
A software solution that integrates various functions into one system to streamline processes and information across the entire organization.
Exfiltration
The unauthorized copying, transfer, or retrieval of data.
F
Firewall
A network security system designed to monitor and filter incoming and outgoing network traffic based on an organization’s predetermined security policies.
Forensic Analysis
The process of gathering, examining, and analyzing computer-related evidence for investigative purposes.
Full Stack Development
A form of web development that involves both front-end (client-side) and back-end (server-side) development.
Failover
The automatic switching to a redundant or standby system, server, or network upon the failure or abnormal termination of the previously active application, server, or network.
FTP (File Transfer Protocol)
A standard network protocol used for the transfer of files between a client and a server on a computer network.
G
Gateway
A hardware device that acts as a “gate” between two networks, often equipped with security measures like firewalls or encryption.
GDPR (General Data Protection Regulation)
A regulation that requires businesses to protect the privacy and personal data of EU citizens for transactions occurring within EU member states.
Geo-Blocking
The practice of restricting access to content based on the user’s geographical location.
Graphical User Interface (GUI)
A type of interface that allows users to interact with a computer through graphical elements like windows, icons, and buttons, as opposed to text-based interfaces.
Grid Computing
The use of a network of computers to solve problems requiring a large number of computer processing units or that involve large amounts of data.
H
Hashing
The process of converting data into a string of characters using a hash function. This is often used for password storage and data integrity verification.
HTTPS (HyperText Transfer Protocol Secure)
An extension of HTTP, designed to secure the data transmitted over the internet via SSL/TLS encryption.
Hybrid Cloud
A computing environment that uses a mix of on-premises, private cloud, and third-party, public cloud services.
Heuristic Analysis
A method used in antivirus software to identify new, previously unknown viruses or new strains of known viruses by examining code behaviors and properties.
HTML (HyperText Markup Language)
The standard markup language used to create web pages.
I
IDS (Intrusion Detection System)
A system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered.
IP Address (Internet Protocol Address)
A numerical label assigned to each device connected to a computer network, serving two main functions: host or network interface identification and location addressing.
IoT (Internet of Things)
The network of physical objects equipped with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the Internet.
ITIL (Information Technology Infrastructure Library)
A set of detailed practices for IT service management that focuses on aligning IT services with the needs of business.
Incident Response
The approach taken by an organization to address and manage a cybersecurity breach or attack.
J
JavaScript
A high-level, interpreted scripting language commonly used to create interactive effects within web browsers.
JSON (JavaScript Object Notation)
A lightweight data-interchange format that is easy for humans to read and write and easy for machines to parse and generate.
JVM (Java Virtual Machine)
A part of the Java Runtime Environment (JRE) that compiles and executes Java bytecode.
JIT (Just-In-Time) Compilation
A compilation technique that translates some or all of a program to native machine code just before it is executed, aiming to improve performance.
Jailbreaking
The process of removing limitations imposed by manufacturers on devices such as smartphones and tablets.
K
Kernel
The core part of an operating system that controls all other software and hardware on the computer.
Keylogger
A type of software or hardware used to capture keystrokes made on a computer, often without the user’s knowledge.
Kerberos
A network authentication protocol designed to provide strong authentication for users and systems over a non-secure network.
Kubernetes
An open-source platform designed to automate deploying, scaling, and operating application containers.
KPI (Key Performance Indicator)
A measurable value that demonstrates how effectively a company is achieving key business objectives.
L
LAN (Local Area Network)
A network that connects computers and devices in a limited geographical area, such as a home, school, or office building.
Load Balancer
A device or software application that distributes incoming network or application traffic across multiple servers.
Linux
An open-source operating system based on Unix.
LDAP (Lightweight Directory Access Protocol)
A protocol for accessing and maintaining distributed directory information services over an Internet protocol network.
Least Privilege
The practice of limiting access rights for users to the bare minimum necessary to complete their job functions.
M
Malware
Malicious software designed to infiltrate or damage a computer system without the owner’s consent.
Metadata
Data that provides information about other data, such as the author, creation date, and format of a document.
Multi-Factor Authentication (MFA)
A security system that requires multiple methods of authentication from independent categories of credentials.
Microservices
An architectural style that structures an application as a collection of loosely coupled, independently deployable services.
MITM (Man-In-The-Middle) Attack
A type of eavesdropping attack where the attacker secretly intercepts and possibly alters the communication between two parties.
O
OSI Model (Open Systems Interconnection)
A conceptual model that standardizes the functions of a telecommunication or computing system into seven abstraction layers.
OAuth
An open standard for access delegation, commonly used for token-based authentication.
Open Source Software
Software for which the original source code is made freely available and may be redistributed and modified.
OWASP (Open Web Application Security Project)
A nonprofit foundation that works to improve the security of software through community-led open-source software projects.
Object-Oriented Programming (OOP)
A programming paradigm based on the concept of “objects,” which encapsulates data and the functions to manipulate the data.
P
Phishing
The fraudulent practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords and credit card numbers.
Private Cloud
A form of cloud computing that is used by only one organization, offering the most control over data, governance, and security.
Public Key Infrastructure (PKI)
A framework that manages digital keys and certificates to secure confidential data, authentication, email, and more.
Proxy Server
A server that acts as an intermediary for requests from clients seeking resources from other servers.
Patch Management
The process of identifying, acquiring, installing, and verifying patches for products and systems.
Q
Query
A request for data or information from a database.
Quantum Computing
An area of computing focused on the development of computer technologies centered around the principles of quantum theory.
QoS (Quality of Service)
The performance level of a service, often used in the context of networks to describe the performance characteristics of the connection.
R
Ransomware
Malicious software that encrypts the user’s files and demands payment for their release.
Red Team
A group that helps organizations to improve themselves by providing opposition to test the effectiveness of their strategies and tactics.
RAID (Redundant Array of Independent Disks)
A technology that is used to increase the performance and/or reliability of data storage.
Router
A networking device that forwards data packets between computer networks.
RSA (Rivest-Shamir-Adleman)
A public-key cryptosystem widely used for secure data transmission and encryption.
S
SQL Injection
A code injection technique that exploits a vulnerability in an application’s software by manipulating SQL queries.
SSL (Secure Sockets Layer)
A standard protocol for securing internet connections by encrypting information sent between two systems.
SaaS (Software as a Service)
A software licensing and delivery model in which software is provided over the Internet, eliminating the need to install and run the application on individual computers.
Scalability
The ability of a system to handle an increasing amount of work or its ability to accommodate growth.
Social Engineering
The art of manipulating people into divulging confidential information or performing actions that compromise security.
T
Two-Factor Authentication (2FA)
A security process in which a user provides two different authentication factors to verify their identity.
TCP/IP (Transmission Control Protocol/Internet Protocol)
The basic communication language or protocol of the Internet and private networks.
Trojan Horse
A type of malware that is disguised as legitimate software and used to compromise a system.
Threat Intelligence
Analyzed information about the intent, capabilities, and opportunities of adversaries.
Tokenization
The process of replacing sensitive data with unique identification symbols that retain essential information without compromising security.
U
URL (Uniform Resource Locator)
The address of a resource on the Internet.
User Interface (UI)
The space where interactions between humans and machines occur, aiming for effective operation and control of the machine from the human end.
UNIX
An operating system that offers multitasking and multi-user capabilities.
Uptime
The amount of time that a server or system is operational and available.
UDP (User Datagram Protocol)
One of the core members of the Internet protocol suite, UDP uses a simple connectionless transmission model.
V
VPN (Virtual Private Network)
A technology that allows for a secure connection over an otherwise unsecured network, often used to remotely access internal networks.
Virtualization
The act of creating a virtual version of something, such as an operating system, a server, or network resources.
VLAN (Virtual Local Area Network)
A partitioned and isolated computer network at the data link layer of a LAN.
Vulnerability Assessment
The process of identifying, quantifying, and prioritizing the vulnerabilities in a system.
Version Control
The practice of tracking and managing changes to software code.
W
WAN (Wide Area Network)
A network that extends over a large geographical area.
Web Application Firewall (WAF)
A firewall that monitors, filters, or blocks data packets as they travel to and from a web application.
WebSocket
A communication protocol that provides full-duplex communication channels over a single, long-held TCP connection.
White Hat Hacker
An ethical hacker who breaks into systems for the purpose of discovering vulnerabilities from a benign standpoint.
Worm
A standalone malware program that replicates itself to spread to other computers.
X
XSS (Cross-Site Scripting)
A type of computer security vulnerability found in web applications that enables attackers to inject client-side scripts into web pages viewed by other users.
XML (eXtensible Markup Language)
A markup language that defines rules for encoding documents in a format that is both human-readable and machine-readable.
XOR (Exclusive OR)
A type of bitwise operation used in various forms of computing.
Y
YARA
A tool used primarily in malware research and detection, providing a way to identify and categorize malware based on textual or binary patterns.
YAML (YAML Ain’t Markup Language)
A human-readable data serialization standard that can be used in conjunction with all programming languages and is often used to write configuration files.
Z
Zero-Day
A software vulnerability that is known to the software vendor but doesn’t have a patch in place to fix the vulnerability.
Z-Wave
A wireless communications protocol primarily used for home automation.
Zone Transfer
The process of copying the contents of a DNS zone to another DNS server.
Zigbee
A specification for a suite of high-level communication protocols using low-power digital radios.
Zero Trust Architecture
A security model that requires stringent identity verification for every person and device trying to access resources in a private network.