Cloud Security:
- API Security
: The protection of the integrity of APIs—both the ones you own and the
ones you use.
- Cloud Access Security Broker (CASB)
: Software that sits between cloud service users and cloud applications
to monitor all activity and enforce security policies.
- Cloud Computing
: The delivery of different services through the Internet, including data
storage, servers, databases, networking, and software.
- Cloud Migration
: The process of moving data, applications, or other business elements
to a cloud computing environment.
- Cloud Security
: The set of policies, technologies, applications, and controls utilized
to protect virtualized intellectual property (IP), data, applications, services,
and the associated infrastructure of cloud computing.
- Compliance
: The act of being in alignment with guidelines, regulations and/or legislation.
- Data Breach
: An incident where information is stolen or taken from a system without
the knowledge or authorization of the system’s owner.
- Data Encryption
: The method of converting plaintext data into an unreadable form, or
ciphertext, to protect it from unauthorized access.
- Disaster Recovery
: Strategies and processes to recover from and prevent data loss due
to a disaster.
- Encryption Key Management
: The administration of tasks involved with protecting, storing, backing
up, and organizing encryption keys.
- Hybrid Cloud
: A cloud computing environment that combines on-premises, private cloud
and third-party, public cloud services with orchestration between the
two platforms.
- Identity and Access Management (IAM)
: A framework of policies and technologies for ensuring that the proper
people in an enterprise have the appropriate access to technology resources.
- Infrastructure as a Service (IaaS)
: A cloud computing service model that provides virtualized computing
resources over the internet.
- Multi-Factor Authentication (MFA)
: An authentication method that requires the user to provide two or more
verification factors to gain access to a resource such as an application,
online account, or a VPN.
- Platform as a Service (PaaS)
: A cloud computing service model that provides a platform allowing customers
to develop, run, and manage applications without the complexity of building
and maintaining the infrastructure typically associated with developing
and launching an app.
- Private Cloud
: A cloud computing model that offers a proprietary environment dedicated
to a single business entity.
- Public Cloud
: A cloud service model where services are provided over the Internet
and are available to anyone who wants to use or purchase them.
- Service Level Agreement (SLA)
: A contract between a service provider and the end user that defines
the level of service expected from the service provider.
- Software as a Service (SaaS)
: A cloud computing service model that provides software applications
over the internet, on a subscription basis.
- Virtual Private Network (VPN)
: A technology that creates a safe and encrypted connection over a less
secure network, such as the internet.
Application Security:
- Application Programming Interface (API) Security
: The practice of protecting APIs from malicious attacks or misuse.
- Application Security
: The process of making apps more secure by finding, fixing, and enhancing
the security of apps.
- Authentication
: The process of verifying the identity of a user or process.
- Authorization
: The process of determining if a user, program, or process has the necessary
permissions to perform a given action.
- Certificate Authority (CA)
: An entity that issues digital certificates.
- Code Review
: The systematic examination of computer source code intended to find
and fix mistakes overlooked in the initial development phase.
- Cross-Site Request Forgery (CSRF)
: A type of attack that forces an end user to execute unwanted actions
on a web application in which they are currently authenticated.
- Cross-Site Scripting (XSS)
: A security vulnerability typically found in web applications that allows
attackers to inject client-side scripts into web pages viewed by other
users.
- Data Breach
: An incident where information is stolen or taken from a system without
the knowledge or authorization of the system’s owner.
- Decryption
: The process of converting encrypted data back into its original form.
- Digital Certificate
: An electronic document used to prove the ownership of a public key.
- Encryption
: The process of encoding data to prevent unauthorized access.
- Firewall
: A network security device that monitors incoming and outgoing network
traffic and decides whether to allow or block specific traffic based
on a defined set of security rules.
- Input Validation
: The process of ensuring that a program operates on clean, correct and
useful data.
- Intrusion Detection System (IDS)
: A device or software application that monitors a network or systems
for malicious activity or policy violations.
- Intrusion Prevention System (IPS)
: A form of network security that works to detect and prevent identified
threats.
- Patch Management
: The process of managing a network of computers by regularly performing
patch deployment to keep computers up to date.
- Penetration Testing
: The practice of testing a computer system, network, or web application
to find security vulnerabilities that an attacker could exploit.
- SQL Injection
: A type of security vulnerability that allows attackers to interfere
with the queries an application makes to its database.
- Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
: Protocols for establishing authenticated and encrypted links between
networked computers.
- Security Information and Event Management (SIEM)
: A set of tools and services offering a holistic view of an organization’s
information security.
- Security Token
: A physical or digital device that provides an additional layer of security
for authentication.
- Session Hijacking
: The exploitation of a valid computer session to gain unauthorized access
to information or services in a computer system.
- Two-Factor Authentication (2FA)
: A security process in which users provide two different authentication
factors to verify themselves.
- Vulnerability Assessment
: The process of identifying, quantifying, and prioritizing (or ranking)
the vulnerabilities in a system.
- Zero-Day Attack
: A cyber attack that occurs on the same day a weakness is discovered
in software, before the software developers have an opportunity to create
a patch to fix the vulnerability.