• Home
  • Cyber Services
  • Cyber Insights
  • Cyber Glossary
  • Contact
  • About Us
  • More
    • Home
    • Cyber Services
    • Cyber Insights
    • Cyber Glossary
    • Contact
    • About Us
  • Home
  • Cyber Services
  • Cyber Insights
  • Cyber Glossary
  • Contact
  • About Us

Cyber Glossary

Cyber Glossary

 

100 Essential Terms


  • Access Control – Security technique that regulates who can view or use resources.
     
  • Advanced Persistent Threat (APT) – A long-term targeted cyberattack by a skilled adversary.
     
  • Antivirus Software – Tool that detects and removes malware.
     
  • Attack Surface – All possible entry points an attacker could exploit.
     
  • Authentication – Verifying a user’s identity (e.g., password, biometrics).
     
  • Authorization – Granting permissions to an authenticated user.
     
  • Backdoor – Hidden entry point into a system that bypasses security.
     
  • Backup – Copy of data stored separately for recovery after a breach or loss.
     
  • Black Hat Hacker – A hacker who exploits systems for malicious purposes.
     
  • Botnet – A network of infected computers controlled remotely by attackers.
     
  • Brute Force Attack – Attempting every possible password or key until one works.
     
  • Bug Bounty – Reward program for finding and reporting security flaws.
     
  • Certificate Authority (CA) – Trusted entity that issues digital certificates.
     
  • Cloud Security – Protection of data, apps, and services in cloud environments.
     
  • Compliance – Adhering to laws, regulations, and industry standards.
     
  • Confidentiality – Ensuring information is only accessible to authorized users.
     
  • Critical Infrastructure – Essential systems like energy, water, healthcare, and transport.
     
  • Cross-Site Scripting (XSS) – Injection attack that runs malicious scripts in browsers.
     
  • Cyber Espionage – Stealing confidential data for political or economic gain.
     
  • Cyber Hygiene – Basic practices to maintain digital security.
     
  • Data Breach – Unauthorized access to confidential information.
     
  • Data Encryption – Converting data into unreadable form without a decryption key.
     
  • Data Exfiltration – Unauthorized transfer of data from a system.
     
  • DDoS (Distributed Denial of Service) – Overloading a system with traffic to make it unavailable.
     
  • Deepfake – Synthetic media (video/audio) manipulated using AI.
     
  • Decryption – Converting encrypted data back to readable form.
     
  • Digital Certificate – Electronic credential verifying the identity of a website or entity.
     
  • Digital Forensics – Investigation of cyber incidents by analyzing digital evidence.
     
  • DMZ (Demilitarized Zone) – A buffer network between internal and external systems.
     
  • DNS Spoofing – Redirecting traffic to fake websites by corrupting DNS records.
     
  • Domain Hijacking – Taking control of a domain name without authorization.
     
  • Drive-by Download – Malware automatically downloaded when visiting a malicious site.
     
  • Eavesdropping Attack – Intercepting private communications or data transmissions.
     
  • Endpoint Security – Protecting devices like laptops, phones, and servers.
     
  • Exploit – Code or method that takes advantage of a vulnerability.
     
  • Exposure – Potential for data or systems to be accessed by unauthorized parties.
     
  • False Positive – Benign activity mistakenly flagged as malicious.
     
  • Firewall – Security system that monitors and controls network traffic.
     
  • Firmware Attack – Malware targeting a device’s firmware instead of its software.
     
  • Fuzzing – Automated testing technique to find vulnerabilities by inputting random data.
     
  • Gateway – Device that connects two networks and filters traffic.
     
  • Governance – Policies and procedures for managing cybersecurity.
     
  • Gray Hat Hacker – Hacker who may break rules but without malicious intent.
     
  • Hacktivism – Hacking motivated by political or social causes.
     
  • Hashing – Converting data into a fixed-length string (hash) for integrity checks.
     
  • Honeypot – Decoy system designed to lure attackers.
     
  • Identity Theft – Stealing personal information to commit fraud.
     
  • Incident Response – Steps taken after a cyber incident to limit damage.
     
  • Indicator of Compromise (IoC) – Evidence of a potential cyber intrusion.
     
  • Insider Threat – Security risk posed by employees or trusted users.
     
  • Integrity – Assurance that data has not been altered or tampered with.
     
  • Intrusion Detection System (IDS) – Tool that monitors for suspicious activities.
     
  • Intrusion Prevention System (IPS) – Tool that actively blocks detected threats.
     
  • IoT (Internet of Things) Security – Protection of connected smart devices.
     
  • IP Spoofing – Faking an IP address to disguise identity.
     
  • Isolation – Segregating infected or risky systems to prevent spread.
     
  • Jailbreaking – Removing software restrictions on devices (e.g., iPhones).
     
  • Keylogger – Malware that records keystrokes.
     
  • Kill Chain – Stages of a cyberattack from reconnaissance to exploitation.
     
  • Least Privilege – Granting users only the access they need.
     
  • Logic Bomb – Malicious code triggered by specific conditions.
     
  • Macro Virus – Malware embedded in documents (e.g., Word/Excel macros).
     
  • Malware – Malicious software designed to disrupt or damage systems.
     
  • Man-in-the-Middle (MitM) Attack – Intercepting communication between two parties.
     
  • Multi-Factor Authentication (MFA) – Using multiple methods to verify identity.
     
  • Mutual Authentication – Both parties verify each other’s identity.
     
  • Network Segmentation – Dividing networks into smaller zones for security.
     
  • Network Sniffing – Capturing and analyzing network traffic.
     
  • Patch Management – Updating software to fix vulnerabilities.
     
  • Password Manager – Tool that securely stores and generates passwords.
     
  • Penetration Testing – Simulated attacks to find security weaknesses.
     
  • Phishing – Fraudulent messages tricking people into revealing information.
     
  • Pivoting – Moving laterally through a network after initial compromise.
     
  • Polymorphic Malware – Malware that changes code to evade detection.
     
  • Privileged Access Management (PAM) – Controlling and monitoring admin accounts.
     
  • Public Key Infrastructure (PKI) – System for managing digital certificates and encryption.
     
  • Quarantine – Isolating malicious files to prevent spread.
     
  • Ransomware – Malware that encrypts data and demands payment for release.
     
  • Red Team – Offensive security team that simulates real-world attacks.
     
  • Risk Assessment – Process of identifying and analyzing threats.
     
  • Rootkit – Malware that hides its presence and maintains control over a system.
     
  • Sandboxing – Running untrusted code in a safe, isolated environment.
     
  • Scareware – Fake alerts tricking users into installing malware.
     
  • Security Awareness Training – Educating users on cybersecurity best practices.
     
  • Security Operations Center (SOC) – Central team monitoring and responding to threats.
     
  • Session Hijacking – Taking over a valid user session.
     
  • Shoulder Surfing – Stealing credentials by watching someone’s screen.
     
  • SIEM (Security Information and Event Management) – Platform for analyzing security data.
     
  • Smishing – Phishing attack using SMS messages.
     
  • Social Engineering – Manipulating people to gain unauthorized access.
     
  • Spoofing – Pretending to be someone/something else to trick users.
     
  • Spyware – Malware that secretly monitors user activity.
     
  • SQL Injection – Exploit that inserts malicious code into databases.
     
  • Supply Chain Attack – Compromising a vendor or supplier to attack a target.
     
  • Surface Web – Part of the web accessible by search engines.
     
  • Threat Intelligence – Data about current and emerging cyber threats.
     
  • Threat Vector – Path an attacker uses to breach a system.
     
  • Tokenization – Replacing sensitive data with unique tokens.


  • Trojan Horse – Malware disguised as legitimate software.


  • Zero-Day Vulnerability – Newly discovered flaw not yet patched.

Cyber7.ca

Copyright © 2025 Cyber 7 - All Rights Reserved.

This website uses cookies.

Please decline or accept.

DeclineAccept