Glossary

A device that allows wireless-equipped computers and other devices to communicate with a wired network.

A technology from Microsoft that links desktop applications to the World Wide Web. Using ActiveX tools, interactive web content can be created. Example: In addition to viewing Word and Excel documents from within a browser, additional functionality such as animation, credit card transactions, or spreadsheet calculations.

Adaptive technology is a set of tools or products created to help people with disabilities for them to work efficiently and productively. 

Adware bombards users with ads and pop-up windows and disrupts the user experience. Adware can also pose a danger to devices and the unwanted ads can include malware or redirect user searches to malicious websites that collect personal data about users. Adware programs are often built into freeware or shareware programs, where the adware operator collects an indirect fee for using the program.

The Advanced Encryption Standard (AES) is an electronic data encryption specification defined by the National Institute of Standards and Technology (NIST).

Agile development is a set of processes for creating software that includes being creative and flexible in software development.

Artificial intelligence (AI), is a term used to describe computers’ aptitude to mimic human abilities such as reasoning, knowledge representation, planning, learning, natural language processing, perception, robotics, social intelligence and general intelligence.

Anti-Botnet tools automatically generate botnet checks when a user browses a website. If a risk is detected, it sends back a warning message to the device. The most common anti-botnet solution is CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart).

Anti-Malware is a program designed to protect computers and networks against any threats or attacks from viruses such as adware, spyware, and any such other malicious programs.

Anti-Phishing protects users from fraudulent websites, often perfect replicas of legitimate websites, undetectable to the human eye. Protection is enforced by detecting fraudulent emails, and by blocking phishing websites.

Anti-Virus solutions integrate the latest generation of virus detection technology to protect users from viruses, spyware, trojans, and worms that can infect equipment through email or internet browsing.

An application programming interface is a computing interface that defines interactions between multiple software intermediaries. It defines the kinds of calls or requests that can be made, how to make them, the data formats that should be used, the conventions to follow.

In an APT attack, a threat actor uses the most sophisticated tactics and technologies to penetrate a network. APTs aim to explore the network while remaining undetected for extended periods. APTs are most often used by nation-state threat actors wishing to cause severe disruption and damage to the economic and political stability of a country.

Augmented Reality (AR) uses a device placed between the person and their environment to provide an enhanced version of their surroundings by providing virtual elements in the field of vision.

Advanced Threat Protection (ATP) are security solutions that defend against sophisticated malware or hacking attacks targeting sensitive data. Advanced Threat Protection includes both software and managed security services.

An Attack Vector is the collection of all vulnerable points by which an attacker can enter a target system. Attack vectors exploit technology as well as human behaviour, to gain access to networks. The growth of IoT devices and have greatly increased the attack vector, making networks increasingly difficult to defend.

Authentication is the process of verifying the identity of a user or piece of information and the veracity of the information provided. In computing, it is the process of identifying a person or system with a username, password, etc.

Attackers use a Backdoor to gain access to a computer or a network. A programmer may bypass security steps and gain access to a computer through trapdoor programs, in the event of an attack on the computer system or networks. Attackers may also use such mechanisms to enter computers or networks without proper permission.

Online baiting involves enticing a victim with an incentive.

A Banker Trojan is a malicious computer program that intercepts sensitive personal information and credentials for accessing online bank or payment accounts.

Business Email Compromise (BEC) is a kind of cybercrime where a hacker gains control of an internal email account and uses that access for financial gain.

Big data is a label that typically applies to extremely large and/or unstructured data sets.

Biometric authentication is using a person’s unique characteristics to verify their identity, including fingerprint scanning, facial recognition, and voice recognition.

Black Hat is a term used to describe the ‘bad guys’ in the world of cybercrime. Black hats are hackers with criminal intentions.

A blacklist is a basic access control mechanism that allows elements such as email addresses, users, passwords, URLs, IP addresses, domain names, file hashes, etc. through the system, except those explicitly mentioned which are denied access.

A growing list of records, called blocks, that are linked using cryptography. Each block contains a cryptographic hash of the previous block’s timestamp and transaction data.

A blue team defends against attacks and responds to incidents when they occur.

A Botnet is a collection of compromised computers running malicious programs that are controlled remotely by a C&C (command & control) server operated by a cyber-criminal.

This is a method for guessing a password (or the key used to encrypt a message) that involves systematically trying a high volume of possible combinations of characters until the correct one is found.

A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer.

A Business Continuity Plan is an organisation’s playbook for how to operate in an emergency situation, including a cyber-attack.

The term Business Disruption refers to any interruption in the usual way that a system, process, or event works. Cyberattacks are designed to cause disruption to business operations.

Bring Your Own Computer (BYOC) is where employees are allowed to bring and use their own personal computing devices to perform some or part of their job roles, specifically personal laptop computers.

Bring Your Own Device (BYOD) is a policy of the organization allowing, encouraging or requiring its employees to use their personal devices such as smartphones, Tablet PCs, and laptops for official business purposes and accessing enterprise systems and data.

The Cyber Intelligence Alliance (C.I.A) is a community of senior IT leaders who meet regularly to network with other IT leaders and senior cyber security experts within the industry.

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a challenge-response test commonly used by websites to verify the user is a real human and not a bot. They can include simple arithmetic and questions about images, that bots have difficulty answering.

A Cloud Access Security Broker (CASB) is a technology that acts as a gatekeeper between an organisation’s on-site infrastructure and a cloud provider’s infrastructure, enforcing access control, auditing and monitoring, and data encryption.

A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organisation’s cybersecurity incidents.

The Network Security concepts of: Confidentiality, Integrity, and Availability.

Clickjacking involves tricking someone into clicking on one object on a web page while they think they are clicking on another. The attacker loads a transparent page over the legitimate content on the web page so that the victim thinks they are clicking on a legitimate item when they are really clicking on something on the attacker’s invisible page. This way, the attacker can hijack the victim’s click for their own purposes. Clickjacking could be used to install malware, gain access to one of the victim’s online accounts, or enable the victim’s webcam.

Clientless refers to a program that is run entirely from the network, without requiring any installation of software on the endpoint device running the program.

An attack that introduces malicious code into a software application and then executes the code when the application is opened.

Commercial off-the Shelf or Commercially Available off the Shelf (COTS) products are packaged solutions that are then adapted to satisfy the needs of the purchasing organisation, rather than the commissioning of custom-made, or bespoke, solutions.

Critical infrastructure is the body of systems, networks and assets that are so essential that their continued operation is required to ensure the security of the organisation.

Malicious instructions (script) are injected into otherwise innocent and trusted web sites, allowing the attacker to modify the web page to suit the attacker’s objectives.

Crowdsourcing means the outsourcing of your tasks to a crowd of people. That is, you will have a loosely defined group, which will do the work for you.

Crypto jacking consists of hackers using the computing power of a compromised device to generate or “mine” cryptocurrency without the owner’s knowledge.

Cloud Service Provider; a business model for providing cloud services.

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.

The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities.

Cyberbullying is the use of electronic means, primarily messaging and social media platforms, to bully and harass a victim.

Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorised access.

The Dark Web is encrypted parts of the internet that are not indexed by search engines, most notoriously used by all types of criminals to communicate and share information without being detected or identified by law enforcement.

A Data Breach is the event of a hacker successfully exploiting a network or device and gaining access to its files and data.

A data centre is a facility used to house computer systems and associated components, such as telecommunications and storage systems.

Data Integrity is a term that refers to the maintenance and assurance of data quality.

Data mining is the process of examining and manipulating data sets to find patterns and prepare data for deeper analysis.

Data Theft is the deliberate theft of sensitive data by nefarious actors.

Decryption is the process of decoding cipher text to plain text so that it is readable by humans. It is the reverse of encryption.

Deepfake refers to any video in which faces have been either swapped or digitally altered, with the help of AI.

An information security strategy that employs multiple layers of security to set barriers against failure.

Network Detection and Response is a security solution category used by organisations to detect malicious network activity, perform a forensic investigation to determine the root cause, and then respond and mitigate the threat.

DevOps is a set of practices that combines software development and IT operations. It aims to shorten the system’s development life cycle and provide continuous delivery with high software quality.

Dynamic Host Configuration Protocol; a protocol that lets a server on a local network assign temporary IP addresses to a computer or other network devices.

Digital Forensics is the process of procuring, analysing, and interpreting electronic data for the purpose of presenting it as legal evidence in a court of law.

Digital Transformation is the process of using digital technologies to create or modify business processes and customer experiences to keep up-to-date with current business and market requirements.

Data Loss Prevention (DLP) is an umbrella term for a collection of security tools, processes, and procedures that aim to prevent sensitive data from falling into unauthorised or malicious hands.

DMARC is Domain-based Message Authentication, Reporting and Conformance, a technical standard that helps protect email senders and recipients from advanced threats that can be the source of an email data breach.

Segment of a network where servers accessed by less trusted users are isolated. The name is derived from the term “demilitarised zone”.

DNS, or the Domain Name System, translates human readable domain names (for example, www.cyberwhite.co.uk) to machine readable IP addresses (for example, 185.53.59.157).

A domain controller is a server computer that authenticates and validates user access on a network.

A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is when one or more compromised systems launch a flooding attack on a remote target(s), in an attempt to overload network resources and disrupt service.

Drive-by Downloads or attacks are a common method of spreading malware. Cybercriminals look for insecure websites and plant a malicious script into HTTP or PHP code on one of the pages.

Endpoint Detection and Response (EDR) are tools for protecting computer endpoints from potential threats.

Encryption is a process of maintaining data confidentiality by converting plain data into secret code with the help of an encryption algorithm. Only users with the appropriate decryption key can unscramble and access encrypted data or cipher text.

Endpoint Protection refers to a system for network security management that monitors network endpoints, hardware devices such as workstations and mobile devices from which a network is accessed.

An exploit is taking advantage of a vulnerability or flaw in a network system to penetrate or attack it.

Fast Identity Online (FIDO) is a set of open authentication standards that enable a service provider to leverage existing technologies for password less authentication.

Fileless Malware (FM), aka “non-malware,” or “fileless infection,” is a form of malicious computer attack that exists exclusively within the realm of volatile data storage components such as RAM, in memory processes, and service areas.

The Federal Information Processing Standard (FIPS) is a U.S. government standard
for document processing, encryption algorithms, and other technology practices used by government agencies and adjacent contractors and vendors, issued and recognised by the National Institute of Standards and Technology (NIST).

A Firewall is a security system that forms a virtual perimeter around a network of workstations preventing viruses, worms, and hackers from penetrating.

Copyrighted software available for downloading without charge; unlimited personal usage is permitted, but you cannot do anything else without express permission of the author.

File Transfer Protocol; a method of exchanging files between computers via the Internet.

Green technology is technically environment-friendly innovations and technology that relate to safety, health, energy efficiency, renewable resources, and recycling.

A Greylist contains items that are temporarily blocked (or temporarily allowed) until an additional step is performed.

Graphical user interface; a mouse-based system that contains icons, drop-down menus, and windows where you point and click to indicate what you want to do. All new Windows and Macintosh computers currently being sold utilize this technology.

A Hacker is a term commonly used to describe a person who tries to gain unauthorised access to a network or computer system.

Hyperconverged infrastructure is a software-defined IT infrastructure that virtualises all of the elements of conventional “hardware-defined” systems.

Honeypots are computer security programs that simulate network resources that hackers are likely to look for to lure them in and trap them.

HyperText Markup Language; a language used for creating web pages.

HyperText Transfer Protocol; a set of instructions that defines how a web server and a browser should interact.

URLs with HTTPS are designated by a padlock icon in the browser’s status bar. This indicates the presence of this additional layer of security, and often users are asked to provide a password or other authentication method to access the site.

A hypervisor, also called virtual machine manager (VMM), is one of many hardware virtualisation techniques that allow multiple operating systems, termed guests, to run concurrently on a host computer.

Infrastructure as a Service; In the most basic cloud-service model, providers of IaaS offer computers – physical or (more often) virtual machines – and other resources.

Identity and Access Management (IAM) is the process used by an organisation to grant or deny access to a secure system.

Identity as a Service is an authentication infrastructure that is hosted in the cloud.

Identity Theft occurs when a malicious actor gathers enough personal information from the victim (name, address, date of birth, etc.) to enable them to commit identity fraud – i.e., the use of stolen credentials to obtain goods or services by deception.

Program or device used to detect that an attacker is or has attempted unauthorised access to computer resources.

Internet Message Access Protocol. A method of accessing e-mail messages on a server without downloading them to your local hard drive; it is the main difference between IMAP and POP3 which requires messages to be downloaded to a user’s hard drive before the message can be read.

An In-line Network Device is one that receives packets and forwards them to their intended destination. In-line network devices include routers, switches, firewalls, and intrusion detection and intrusion prevention systems, web application firewalls, anti-malware, and network taps.

Initial access brokers are threat actors that sell cybercriminals access to corporate networks.

An Insider Threat is when an authorised system user, poses a threat to an organisation because they have authorised access to inside information and therefore bypass most perimeter-based security solutions.

Indicators of Compromise (IoC) are bits of forensic data from system log entries or files that identify potentially malicious activity on a system or network.

The term Internet of Things (IoT) is used to describe everyday objects that are connected to the internet and are able to collect and transfer data automatically, without the need for human interaction.

Internet Protocol address; every computer connected to the Internet has a unique identifying number. Example: 192.168.100.2.

An attack where the attacker disguises himself or herself as another user by means of a false IP network address.

An Intrusion Prevention System (IPS) is a network security system designed to prevent network penetration by malicious actors when detected.

Internet Relay Chat; a system that enables two or more Internet users to conduct online discussions in real time.

This process involves removing the security restrictions of a device, often a mobile phone. This then allows the owner to install unofficial apps and make modifications to the system.

A general purpose programming language.

An authentication system developed at the Massachusetts Institute of Technology (MIT); it enables the exchange of private information across an open network by assigning a unique key called a “ticket” to a user requesting access to secure information.

A Keylogger is a type of spyware software that records every keystroke made on a computer’s keyboard.

This is a military-inspired term to describe the steps of a malware attack.

Local area network; a network that extends over a small area. Typically, a LAN connects a group of computers for the purpose of sharing resources such as programs, documents, and printers.

A policy of granting users or applications only the permissions necessary to perform their official duties.

An open-source operating system that runs on several hardware platforms including PCs and Mac. Linux is freely available.

A logic bomb is a piece of code that gets inserted into a system and contains a set of secret instructions. When a particular action is carried out, this triggers the code to perform a malicious action, like the deletion of files.

Each network interface has a media access control address, or MAC address — also known as a physical address. This is a unique identifier designed to identify different computers on a network.

Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence.

Malware is a general term for any type of intrusive computer software with malicious intent against the user.

A man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

Mobile Device Management; Any routine or tool intended to distribute applications, data, and configuration settings to mobile communications devices.

Managed detection and response (MDR) is an outsourced service that provides organisations with threat hunting services and responds to threats once they are discovered.

An authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism.

The MITRE ATT&CK™ framework is a comprehensive matrix of tactics and techniques used by threat hunters, red teamers, and defenders to better classify attacks and assess an organisation’s risk.

A managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems.

NaaS is a cloud model that enables users to easily operate the network and achieve the outcomes they expect from it without owning, building, or maintaining their own infrastructure.

Policies and procedures that govern what an individual or component can do on a network. In addition to granting access to trusted users and devices, it also monitors and regulates their activity on the network, and implements protections like firewalls, antivirus software, and spyware detection tools.

Network Address Translation; a standard that enables a LAN to use a set of IP addresses for internal traffic and a single IP address for communications with the Internet.

The Open Worldwide Application Security Project® (OWASP) is a non-profit foundation that works to improve the security of software.

Platform as a Service, in the PaaS model, cloud providers deliver a computing platform that typically including an operating system, programming language execution environment, database, and web server.

Software designed to monitor and record network traffic.

Parental Controls are features that allow parents to restrict the access of content to children.

A Patch provides additional, revised, or updated code for an operating system or application.

Penetration Testing, (often referred to as pen testing) is the practice of intentionally challenging the security of a computer system, network, or web application to discover vulnerabilities that an attacker or hacker could exploit.

Phishing is a type of internet fraud that seeks to acquire a user’s credentials by deception.

Personal Identifiable Information (PII) is a type of data that identifies the unique identity of an individual.

Packet Internet Groper; a utility used to determine whether a particular computer is currently connected to the Internet. It works by sending a packet to the specified IP address and waiting for a reply.

A set of services that uses a public and private cryptographic key pair to allow users on an unsecured network to securely exchange data.

The property of an application or process that is able to alter its identifiable characteristics such as name, encryption keys or file size in order to prevent or hinder signature-based detection.

Process Hollowing is a security exploit in which an attacker removes code in an executable file and replaces it with malicious code.

Protocols are different ways of communicating over the Internet. TCP and UDP are the most common protocols. The ICMP protocol is also used, but primarily so network devices can check each other’s status.

Refers to a type of server that functions as an intermediate link between a client application (like a web browser) and a real server. The proxy server intercepts requests for information from the real server and whenever possible, fills the request.

Describes the act of attacking and ‘owning’ (gaining control of) a device, system or website which can then be bent to the attackers will, such as obtaining sensitive information like usernames and passwords.

Quality of service; is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. For example, a required bit rate, delay, jitter, packet dropping probability and/or bit error rate may be guaranteed.

Ransomware is the name given to malicious programs designed to extort money from victims by blocking access to the computer or encrypting stored data.

RDP is a protocol for remotely connecting to computers running Windows. It enables interaction with desktop elements as well as access to other device resources.

A red team plays the role of the attacker by trying to find vulnerabilities and break through cybersecurity defences.

Remote monitoring and management is the process of supervising and controlling IT systems by using locally installed agents that can be accessed by a managed IT service provider.

A Rootkit is a collection of software tools or a program that gives a hacker remote access to, and control over, a computer or network.

Software as a Service; a software delivery model in which software and associated data are centrally hosted on the cloud. SaaS is typically accessed by users using a thin client via a web browser.

An open standard for providing SSO (Single Sign-On). Service providers defer authentication to an identity provider using cryptographically signed messages passed back and forth by the user’s browser between the two entities.

A storage area network (SAN) is a dedicated storage network that provides access to consolidated, block level storage. SANs primarily are used to make storage devices (such as disk arrays, tape libraries, and optical jukeboxes) accessible to servers so that the devices appear as locally attached to the operating system.

A sandbox is an isolated environment on a network which mimics end-user operating environments.

Scareware is malware that uses scare tactics, often in the form of pop-ups that falsely warn users they have been infected with a virus, to trick users into visiting malware-containing websites.

A virus or physical device that logs information sent to a visual display to capture private or personal information.

A term for a person with limited knowledge of cybersecurity, motivated by mischief, who uses code or scripts developed by more experienced hackers to crack passwords and deface websites.

SD-WAN is an acronym for software-defined networking in a wide area network.
SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.

Security as a Service (SECaaS) is a type of cloud computing service where the provider offers the customer the ability to use a provided application. Examples of a SECaaS include online e-mail services or online document editing systems.

Incident response is a planned approach to addressing and managing the reaction after a cyber-attack or network security breach. The goal is to have clear procedures defined before an attack occurs to minimise damage, reduce disaster recovery time, and mitigate breach-related expenses.

A Security Perimeter is a digital boundary that is defined for a system or domain within which a specified security policy or security architecture is applied.

Shadow IT is the unauthorised use of any apps, devices, services, technologies, solutions, and infrastructure without the knowledge, approval, and support of the IT department.

Copyrighted software available for downloading on a free, limited trial basis.
If you decide to continue using the software, you are expected to register and then pay a small fee.

Software or hardware that has been purchased but is unused.

A shoulder surfing attack describes a situation where the attacker can physically view the device screen and keypad to obtain personal information.

Security Information and Event Management (SIEM) is a formal process by which the security of an organisation is monitored and evaluated on a constant basis.

SIM Swapping is a scam used to intercept online banking SMS verification codes.

The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.

Simple Mail Transfer Protocol; a method of handling outgoing electronic mail.

SOAR (Security Orchestration, Automation and Response) is a solution stack of compatible software programs that organisations use to collect data about security threats from across the network and respond to low-level security events without human assistance.

A Security Operations Centre (SOC) is a facility where enterprise information systems (websites, applications, databases, data centre and servers, networks, desktops, and other endpoints) are monitored, assessed, and defended by SOC analysts.

Social Engineering is an increasingly popular method of gaining access to unauthorised resources by exploiting human psychology and manipulating users.

Spam is the name commonly given to unsolicited emails.

Spear Phishing is a phishing scam that targets a specific individual or organisation, usually via a personalized email, SMS or other electronic communication to defraud them under the guise of a legitimate transaction.

A protocol that validates email and attempts to detect and block email spoofing by allowing receiving systems to verify whether the incoming mail’s IP address comes from a list of IP addresses authorised by the sender’s domain administrators.

A Spoof is an attack attempt by an unauthorised entity or attacker to gain illegitimate access to a system by posing as an authorised user. Spoofing includes any act of disguising a communication from an unknown source as being from a known, trusted source.

Spyware is software that is secretly installed on a user’s device to gather sensitive data.

An exploit in which an attacker inserts malicious SQL code into a database’s queries to manipulate data or gain access to resources.

Service Set Identifier; a name that identifies a wireless network.

Small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser.

An authentication process that allows a user to enter one username and password to access multiple applications.

Steganography is the practice of hiding a secret message inside of something that is not a secret with the purpose of concealing and deceiving.

The process of securing a system by reducing its surface of vulnerability, i.e. removing all un-necessary applications.

Tailgating involves someone who lacks the proper authentication following an employee into a restricted area.

Transmission Control Protocol/Internet Protocol; an agreed upon set of rules that tells computers how to exchange information over the Internet.

Threat Assessment is a structured process used to identify and evaluate various risks or threats that an organisation might be exposed to.

Cyber Threat Hunting is an active cyber defence activity where cybersecurity professionals actively search networks to detect and mitigate advanced threats that evade existing security solutions.

Threat Intelligence, or cyber threat intelligence, is intelligence proactively obtained and used to understand the threats that are targeting the organisation.

A harmless-looking program designed to trick you into thinking it is something you want, but which performs harmful acts when it runs.

Two-factor Authentication combines a static password with an external authentication device such as a hardware token that generates a randomly-generated one-time password, a smart card, an SMS message (where a mobile phone is the token), or a unique physical attribute like a fingerprint.

This form of authentication requires the visitor to provide their username (i.e. claim an identity) and password (i.e. the single factor authentication) before performing an additional step. The additional step could be receiving a text message with a code, then typing that code back into the website for confirmation.

UEBA stands for user and entity behaviour analytics. It uses machine learning algorithms to detect suspicious activity in user and machine behaviours.

Uniform Resource Locator; a means of identifying resources on the Internet.

Unified threat management is an approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function.

Software or hardware that is advertised but not available to purchase.

Virtual Desktop Infrastructure or “VDI,” is a desktop-centric service that hosts users’ desktop environments on remote servers and/or blade PCs, which are accessed over a network using a remote display protocol.

Virtualisation is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources. In hardware virtualisation, the term host machine refers to the actual machine on which the virtualisation takes place; the term guest machine, however, refers to the virtual machine.

A Virus is a malicious computer program that is often sent as an email attachment or a download with the intent of infecting that device. Once the device is infected, a virus can hijack the web browser, display unwanted ads, send spam, provide criminals with access to the device and contact list, disable security settings, scan, and find personal information like passwords.

Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.

A virtual local area network (VLAN) is a virtualized connection that connects multiple devices and network nodes from different LANs into one logical network.

Virtual machines (VMs) are individual, isolated computing environments that can share the hardware resources of a single host computer system. VMs can be used to run multiple operating systems on the same computer at the same time, with each including their own applications and data.

Voice over Internet Protocol; a means of using the Internet as the transmission medium for phone calls.

A Virtual Private Network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. It is essentially a virtual, secure corridor.

Virtual reality (VR) is using computer-simulated three-dimensional environments to provide the user with an immersive and interactive experience.

Vulnerabilities are weaknesses in software programs that can be exploited by hackers to compromise computers.

Vulnerability assessment is the process of discovering and analysing vulnerabilities and penetration testing is the process of exploiting those vulnerabilities to help determine the best mitigation technique.

A Web Application Firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service.

Wide Area Network; a group of networked computers covering a large geographical area (e.g., the Internet).

Wireless Application Protocol; a set of communication protocols for enabling wireless access to the Internet.

Slang for pirated software.

Wearables is an IT term that refers to wearable technology. This includes devices like smartwatches and fitness bands.

Wired Equivalent Privacy; a security protocol for wireless local area networks defined in the 802.11b standard. WEP provides the same level of security as that of a wired LAN.

Whaling is a spear phishing attack aimed at a high-value target, such as executives, IT department heads, finance department heads, or an organisation’s C-Suite.

White hat is a term used to describe the ‘good guys’ in the world of cybercrime. White hats are hackers who use their skills and talents for good and work to keep data safe from other hackers by finding system vulnerabilities that can be fixed.

A Whitelist is a list of permitted items that are automatically let through whatever gate is being used.

Wireless Local Area Network; the computers and devices that make up a wireless network.

A Worm is a computer program that installs itself on a victim’s device and then looks for a way to spread to other computers, causing damage by shutting down parts of the network.

Wi-Fi Protected Access; a standard designed to improve on the security features of WEP.

XDR or extended detection and response is a solution that integrates multiple security tools and data sources to provides extended threat detection and response capabilities beyond traditional endpoint products.

This term is used to describe exploit code that has been written to take advantage of a vulnerability before the software vendor knows about it and can publish a patch for it.

Zero-Touch Provisioning (ZTP) is an automatic device configuration process that frees IT administrators for more important tasks. The automated process reduces the possibility of errors when manually configuring devices and slashes the time it takes to set up devices for employee use, often without requiring IT intervention.

Zero Trust Network Access or ZTNA is a security framework that requires all users – in or outside the organisation’s network – to be authenticated, authorised, and continuously validated for security configuration and posture before being granted or keeping access to data and applications.