This cyber security glossary covers terms for various types of computer security threats, along with terms relating to application security, access control, network intrusion detection, security awareness training and computer forensics. The terms listed here are relevant to application security, including secure code development and preventing security vulnerabilities.

Active Directory Certificate Services (AD CS)
active man-in-the-middle attack (MitM)
adaptive security
Android WebView
app wrapping (application wrapping)
application blacklisting
application firewall
application security
application whitelisting
attack surface analysis
Automatic Identification and Data …
behavior blacklisting
behavior whitelisting
BitLocker
blacklist
bot worm
bug bounty program
bug convergence
Centre for the Protection of National …
CERT-In (the Indian Computer Emergency …
CGI scanner
chief risk officer (CRO)
Class C2
clickjacking (user-interface or UI …
clipboard hijack attack
Clonezilla
CloudAudit
CloudAV
column-level encryption
Common Weakness Enumeration (CWE)
Conduit browser hijacker
Conficker
content spoofing
control framework
covert redirect
cross-site request forgery (XSRF or CSRF)
cross-site tracing (XST)
Cybercrime
cybersecurity
cyberwarfare
data breach
data masking
DCPromo (Domain Controller Promoter)
digital wallet security
disposable email
DNS Security Extensions (DNSSEC)
eavesdropping
encryption key management
endpoint fingerprinting
engine-level encryption
Fennec
FFIEC compliance (Federal Financial …
Firefox 3.5
Firesheep
Flexible Mandatory Access Control (FMAC)
fuzz testing (fuzzing)
geolocation
Google Docs
hackerazzi
health informatics
Higgins Trust Framework (HTF)
honey monkey
IFrame (Inline Frame)
initialization vector (IV)
intelligent video
Internet Storm Center
iris recognition
ISO 27001
ISO/IEC 38500
Java Authentication and Authorization …
JavaScript hijacking
key-value pair (KVP)
keystroke dynamics
keyword stuffing
kill switch
knowledge process outsourcing (KPO)
LDAP injection
load testing
malvertizement
man in the browser
managed file transfer (MFT)
Massachusetts data protection law
meet-in-the-middle attack
metamorphic malware
micropayment
Microsoft System Center Mobile Device …
MIEL e-Security
mobile app security
multifactor authentication (MFA)
mutual authentication
MyDiamo
National Vulnerability Database (NVD)
NBAR (Network Based Application Recognition)
next-generation firewall (NGFW)
one-time password (OTP)
OneID
open redirect
open security
Open Source Hardening Project
OS commanding
out-of-band patch
OWASP (Open Web Application Security Project)
partner portal
password hardening
pastebin
personal health record (PHR)
pharma hack
polymorphic malware
pretexting
Pretty Easy Privacy (pEp)
principle of least privilege (POLP)
private cloud (internal cloud or …
privilege bracketing
proxy hacking
pseudo-anonymity
pseudonymity
Pwn2Own
Qualified Security Assessor (QSA)
ransomware
RAT (remote access Trojan)
real-time location system (RTLS)
remote deposit capture (RDC)
remote desktop
Report on Compliance (ROC)
Rock Phish
runtime application self-protection (RASP)
scareware
Security as a Service (SaaS)
security by design
security event
security information management (SIM)
shadow app
shrink wrap license
single-factor authentication (SFA)
SmartScreen
soft token
software attack surface
software-defined perimeter (SDP)
SSI injection
static verification
streaming application
TailsOS
TDL-4 (TDSS or Alureon)
Tilded platform
tokenization
variable manipulation
virtual appliance
virtual machine escape
virtual patching
VMware Identity Manager
VOIPSA (Voice over IP Security Alliance)
Weave
Web application firewall (WAF)
Web Application Proxy
Web Application Security Consortium (WASC)
Web Services Trust Language (WS-Trust)
WikiScanner
wildcard certificate
Windows Genuine Advantage (WGA)
wiretap Trojan
X.509 certificate
XML bomb
zero-day vulnerability

For more tutorials, news, and resources on hacking and cybersecurity, visit our blog at DarkbyteGear.com.