Glossary

Cloud Security:

  • API Security: The protection of the integrity of APIs—both the ones you own and the ones you use.
  • Cloud Access Security Broker (CASB): Software that sits between cloud service users and cloud applications to monitor all activity and enforce security policies.
  • Cloud Computing: The delivery of different services through the Internet, including data storage, servers, databases, networking, and software.
  • Cloud Migration: The process of moving data, applications, or other business elements to a cloud computing environment.
  • Cloud Security: The set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services, and the associated infrastructure of cloud computing.
  • Compliance: The act of being in alignment with guidelines, regulations and/or legislation.
  • Data Breach: An incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner.
  • Data Encryption: The method of converting plaintext data into an unreadable form, or ciphertext, to protect it from unauthorized access.
  • Disaster Recovery: Strategies and processes to recover from and prevent data loss due to a disaster.
  • Encryption Key Management: The administration of tasks involved with protecting, storing, backing up, and organizing encryption keys.
  • Hybrid Cloud: A cloud computing environment that combines on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms.
  • Identity and Access Management (IAM): A framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources.
  • Infrastructure as a Service (IaaS): A cloud computing service model that provides virtualized computing resources over the internet.
  • Multi-Factor Authentication (MFA): An authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.
  • Platform as a Service (PaaS): A cloud computing service model that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
  • Private Cloud: A cloud computing model that offers a proprietary environment dedicated to a single business entity.
  • Public Cloud: A cloud service model where services are provided over the Internet and are available to anyone who wants to use or purchase them.
  • Service Level Agreement (SLA): A contract between a service provider and the end user that defines the level of service expected from the service provider.
  • Software as a Service (SaaS): A cloud computing service model that provides software applications over the internet, on a subscription basis.
  • Virtual Private Network (VPN): A technology that creates a safe and encrypted connection over a less secure network, such as the internet.

Application Security:

  • Application Programming Interface (API) Security: The practice of protecting APIs from malicious attacks or misuse.
  • Application Security: The process of making apps more secure by finding, fixing, and enhancing the security of apps.
  • Authentication: The process of verifying the identity of a user or process.
  • Authorization: The process of determining if a user, program, or process has the necessary permissions to perform a given action.
  • Certificate Authority (CA): An entity that issues digital certificates.
  • Code Review: The systematic examination of computer source code intended to find and fix mistakes overlooked in the initial development phase.
  • Cross-Site Request Forgery (CSRF): A type of attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.
  • Cross-Site Scripting (XSS): A security vulnerability typically found in web applications that allows attackers to inject client-side scripts into web pages viewed by other users.
  • Data Breach: An incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner.
  • Decryption: The process of converting encrypted data back into its original form.
  • Digital Certificate: An electronic document used to prove the ownership of a public key.
  • Encryption: The process of encoding data to prevent unauthorized access.
  • Firewall: A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
  • Input Validation: The process of ensuring that a program operates on clean, correct and useful data.
  • Intrusion Detection System (IDS): A device or software application that monitors a network or systems for malicious activity or policy violations.
  • Intrusion Prevention System (IPS): A form of network security that works to detect and prevent identified threats.
  • Patch Management: The process of managing a network of computers by regularly performing patch deployment to keep computers up to date.
  • Penetration Testing: The practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.
  • SQL Injection: A type of security vulnerability that allows attackers to interfere with the queries an application makes to its database.
  • Secure Sockets Layer (SSL)/Transport Layer Security (TLS): Protocols for establishing authenticated and encrypted links between networked computers.
  • Security Information and Event Management (SIEM): A set of tools and services offering a holistic view of an organization's information security.
  • Security Token: A physical or digital device that provides an additional layer of security for authentication.
  • Session Hijacking: The exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
  • Two-Factor Authentication (2FA): A security process in which users provide two different authentication factors to verify themselves.
  • Vulnerability Assessment: The process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system.
  • Zero-Day Attack: A cyber attack that exploits a newly discovered weakness in software before the software developers have had an opportunity to create a patch to fix the vulnerability, often on the same day the weakness becomes known.