The cybersecurity ecosystem is a rapidly evolving and potentially confusing place. Acronyms are everywhere, and the industry lexicon is growing all the time.
To provide some much-needed cyber-clarity, we’ve put together a glossary of terms to help navigate the buzzwords and jargon:
- Advanced Persistent Threat (APT): A type of cyberattack in which a bad actor establishes a long-term presence on a network or system to gain access to and exploit sensitive or valuable information.
- Content Disarm and Reconstruction (CDR): CDR technology instantly cleans and rebuilds files to match their known good manufacturer’s standard – automatically removing known and unknown threats.
- Data Exfiltration: The unauthorized transfer of data from a computer or network. This can be carried out via a range of methods, such as using email, USB drives or online storage. The objective of data exfiltration is typically to steal sensitive information, such as intellectual property, trade secrets or personal data.
- Data Loss Prevention (DLP): Technologies, processes and policies used to prevent sensitive data from leaving an organization’s control.
- Distributed Denial of Service (DDoS) attack: A type of cyberattack in which an attacker floods a website or server with traffic from multiple sources, with the objective of overloading it and making it unavailable to legitimate users.
- Encryption: The process of converting information or data into a coded form that can only be read by someone with the appropriate decryption key, preventing unauthorized access.
- File Flattening: A Content Disarm and Reconstruction (CDR) technique used to neutralize potential security threats in a file by stripping out all of its active content, such as macros, scripts and embedded objects – leaving behind only the safe, readable data. However, this process can result in loss of functionality, reduced file quality, increased file size, slower processing times, limited support for certain file formats and difficulty in restoring the original file.
- Firewall: Security technology used to monitor and control incoming and outgoing network traffic. Traffic is allowed or blocked according to predefined security rules, and firewalls can alert administrators to potential threats.
- Intrusion Detection System (IDS): Technology that monitors networks for malicious activity or policy violations, generating alerts if and when they are detected.
- Inspection and Sanitization Guidance (ISG): Procedures and techniques used in Content Disarm and Reconstruction (CDR) to identify and neutralize file-based security threats. The ISG defines how files should be analyzed and processed in a CDR system to ensure that they are secure and free of malicious content before they are allowed to enter a network.
- Malware: Software specifically designed to cause harm to computer systems, networks, or devices. Examples include computer viruses, worms, trojan horses, ransomware and spyware.
- Patch Management: The process of identifying, testing, and applying software updates or patches to fix vulnerabilities and keep systems secure.
- Phishing: A type of cyberattack where attackers attempt to trick users into sharing sensitive information, such as login details, through the use of fake emails, websites, or text messages.
- Remediation: The process of correcting or mitigating a security issue, risk or breach. This can involve patching vulnerabilities and removing malware to restore systems to a secure state, among other approaches. It is an important part of an effective cybersecurity strategy, as it helps to prevent future security incidents and minimize the impact of existing risks and vulnerabilities.
- Sandboxes: A security technique used to isolate potentially malicious programs or processes in a secure environment before they can cause harm. A sandbox is a virtualized environment that limits the program’s access to the underlying system and to other programs, allowing it to be monitored and assessed for potential security threats.
- Sandbox evasion: The process of evading or defeating the security restrictions imposed by a sandbox environment. This can be accomplished by exploiting vulnerabilities in the sandbox environment, evading detection by the sandbox or disguising the behaviour of the malicious program. It is used by bad actors to evade detection by security systems and to spread malware.
- Sanitization: The process of securely erasing all data from a storage device to ensure that sensitive data, in particular, cannot be recovered after the device is no longer in use. This is important for protecting sensitive information, such as personal information or confidential business data, and for ensuring that the storage device can be reused or disposed of securely.
- Trojan Horse: A type of malware that disguises itself as a legitimate program or piece of software, typically used to steal sensitive information, take control of a system or spread malware to other systems.
- Two-Factor Authentication (2FA): A method of verifying a user’s claimed identity by utilizing a combination of two different components, such as a password and fingerprint scan or a password and a one-time code, before they can access an account or system.
- Vulnerability: A weakness in an IT system that can be exploited by an attacker to breach security.
- Worm: Self-replicating malware designed to infect multiple computers by copying itself across a network, typically by exploiting security vulnerabilities.
- Zero-day: A previously unknown vulnerability in software or hardware that can be exploited to gain unauthorized access or perform other malicious actions, such as distributing malware.
- Zero-trust: A concept that assumes that no device, user or network can be completely trusted. Instead, all entities must be continuously and actively verified. This eliminates the traditional model of relying on a single line of defense around the perimeter of an organization’s network. Instead, zero trust focuses on implementing multiple layers of security across the organizational infrastructure.