Skip to main content

Cybersecurity Terms and Glossary: Definitions and Explanations

Cyber security is the discipline of protecting computer systems, networks, devices, and data from malicious attacks. It covers identifying threats, isolating them, countering them with no or minimal data loss, and working towards threat prevention.

Everyone is affected by cybersecurity. We all share information online on a regular basis, whether for work or pleasure, via smartphones, tablets, or laptops, and with that comes a certain level of danger.

We should all have a basic awareness of how to protect our data — and what the threats are – as consumers and businesses. Nonetheless, it occasionally feels as if the content is purposefully obfuscated behind complex acronyms and technical jargon.

Even the most tech-savvy among us would find it difficult to keep up with all of the cybersecurity jargon.

The cybersecurity lexicon gives knowledge and insight into the industry's key phrases and definitions to the cybersecurity community. This glossary contains important terms.All related terms referenced on website and commonly used in the cybersecurity field have been added. You can begin your search by looking up the key terms you'll need to know as a security professional.

Read on for a dictionary of cybersecurity terminology and acronyms if you want to know the most commonly used 180 cybersecurity terms. We'll be updating this on a regular basis, so let us know if you have any suggestions for additions.

Cybersecurity Terms with A

You can find here definitions for common cybersecurity terms starting with the letter "A"

Access Control

The process of approving or rejecting specific requests for or attempts to: 1) receive and use the information and related information processing services; and 2) get access to certain physical facilities.

Access Control List (ACL)

An object's list of permissions. The list indicates who or what is permitted access to the object, as well as what operations are permitted on it. 2. A mechanism for enumerating the system entities that are permitted to access a system resource and specifying, either implicitly or explicitly, the access modes provided to each entity in order to implement access control for that resource.

Access Control Policy

High-level requirements define how access is controlled and who has access to what information and when.

Access Management

Access Management is a set of procedures that allows only those who have been granted access to a resource to perform actions on it. Policy Administration, Authentication, and Authorization are the three most frequent Access Management services you may encounter on a daily basis without ever recognizing it.

Access Point

A device that logically connects wireless client devices in infrastructure and grants access to a distribution system.

Active Attack

A genuine attack on a system, its resources, data, or operations by an intentional threat source. Man-in-the-middle, impersonation, and session hijacking are examples of active attacks.

Active Directory

A directory service from Microsoft for managing identities in Windows domain networks.

Address Resolution Protocol (ARP)

A methodology for obtaining the physical address of a node. A client station broadcasts an ARP request onto the network with the target node's Internet Protocol (IP) address, and the node responds by sending back its physical address so that packets can be sent to it.

Advanced Encryption Standard (AES)

AES stands for Advanced Encryption Standard. A cryptographic technique that has been authorized by the US government and can be used to protect electronic data.

Advanced Persistent Threat (APT)

An adversary with advanced levels of competence and substantial resources, allowing it to create opportunities to fulfill its goals by employing many attack vectors (e.g., cyber, physical, and deception).


Adware, sometimes known as advertising-supported software, is software that earns revenue for its creator by displaying internet advertisements in the software's user interface or on a screen displayed to the user during the installation process.

American Standard Code for Information Interchange (ASCII)

The American System Code for Information Interchange, or ASCII, is a character encoding standard used in electronic communication. In computers, telecommunications equipment, and other devices, ASCII codes represent text.

Anomaly-Based Detection

The practice of identifying major deviations by comparing concepts of what constitutes normal activity with observable events.

Anonymizing proxy

An anonymizer, often known as an anonymous proxy, is a tool that aims to make online behavior untraceable. It's a proxy server computer that serves as a middleman and privacy shield between a client computer and the rest of the Internet.

Anti Spyware software

Antispyware software is a tool that focuses on identifying, preventing, and uninstalling spyware.


Anti-spam software is designed to keep unsolicited and malicious emails out of company inboxes.


Countermeasures were taken to prevent the illegal use of lawful identity and authentication (I&A) data, regardless of how it was obtained, to impersonate someone other than the attacker.

Antivirus Software

An application that monitors a computer or network for the purpose of detecting and preventing malware incidents.

Application control

Completeness and validity checks, identification, authentication, authorization, input controls, and forensic controls are all examples of application control.

Application Firewall

A firewall that analyzes network traffic for one or more applications using stateful protocol analysis.

Artificial intelligence

Artificial intelligence, as opposed to natural intelligence expressed by humans or animals, is intelligence demonstrated by robots.

Assembly Language

Assembly language, abbreviated as in computer programming, is any low-level programming language in which the instructions in the language have a very strong correlation with the architecture's machine code instructions.

Assessment plan

The control assessment objectives, as well as a detailed methodology for conducting such assessments.

Asymmetric Keys

A public key and a private key are two linked keys that are used to execute complementary activities like encryption and decryption, as well as signature production and verification.

Asynchronous Transfer Mode (ATM)

Asynchronous Transfer Mode (ATM) is a telecommunications standard developed by ANSI and the International Telecommunication Union (ITU) for digital transmission of multiple types of traffic, such as telephony, data, and video signals, over a single network without the use of separate overlay networks.


A breach of system integrity or an attempt to gain unauthorized access to system services, resources, or information.

Attack method

An adversary's method, tactic, or means for attacking information or an information system.

Attack signature

An unauthorized access attempt is indicated by a specified series of actions.

Attack surface

An attacker can try to access, produce an effect on, or extract data from a system, a system element, or an environment by attempting to enter, cause an effect on, or extract data from those spots on the system, system element, or environment's border.

Attack Vector

An attack vector in computer security refers to a specific path, method, or situation that can be used to break into an IT system and compromise its security.


A malicious party, such as an insider, acts with the goal to breach a system.

Audit Trail

A track of who has accessed an information technology (IT) system and what actions they have completed during a period of time.


Verifying a user's, process's, or device's identification, which is frequently required before granting access to resources in an information system.

Authentication Mechanism

Mechanisms based on hardware or software require users to authenticate their identity before accessing data on a device.


The method of confirming a user's, process's, or device's identity (e.g., user password or token).


A system entity is given the right or authority to access a system resource.

Autonomous System

One or more routers are managed by the same person and follow the same routing rules.

Autonomous System Number (ASN)

An Autonomous System is identified by a two-byte number.


Providing fast and reliable access to and utilization of data.

Cybersecurity Terms with B

You can find here definitions for common cybersecurity terms starting with the letter "B"

Back Door (Backdoor)

A method of gaining access to a computer system that is not documented. A backdoor can be a security hazard.

Backbone Network

A backbone, also known as a core network, is a component of a computer network that connects networks by providing a conduit for data to flow between separate LANs or subnetworks.


A high-capacity connection between a remote site or network and a central site or network.

Base64 Encoding

Base64 is a set of binary-to-text encoding techniques used in programming to express binary data in an ASCII string format by converting it to a radix-64 representation. The word Base64 refers to a MIME content transmission encoding standard. Each non-final Base64 digit represents exactly 6 bits of data.

Baseline Security

The very minimum of security controls required to protect an IT system's confidentiality, integrity, and/or availability, as determined by its identified needs.

Big data

Big data is a field that deals with methods for analyzing, methodically extracting information from, or otherwise dealing with data volumes that are too large or complicated for typical data-processing application software to handle.


The value of a binary digit is either 0 or 1.

Black Box Testing

Black-box testing is a type of software testing that looks at an application's functioning without seeing inside its internal structures or workings. This test approach can be used at all levels of software testing, including unit, integration, system, and acceptance.


A collection of discrete things, such as hosts or programs, that have previously been linked to harmful conduct. Also referred to as a "filthy words" list.

Blue Team

The team in charge of protecting an organization's use of information systems by preserving its security posture in the face of a group of dummy attackers (i.e., the Red Team). The Blue Team and its followers are usually called upon to defend against real or simulated attacks. 1) over a long length of time, 2) in a realistic operational setting (e.g., as part of an operational exercise), and 3) in accordance with regulations established and supervised by a neutral body refereeing the simulation or exercise (i.e., the White Team).

Border Gateway Protocol (BGP)

The Border Gateway Protocol is a standardized outside gateway protocol that allows autonomous systems on the Internet to share routing and reachability information.


The terms "robot" and "network" are combined to generate the word "botnet." Cyber criminals employ particular Trojan viruses to get into the security of numerous users' computers, take control of each one, and group all of the infected computers into a network of "bots" that the criminal can control remotely.

Browser hijacking

Browser hijacking is a type of undesirable software that alters the settings of a web browser without the user's permission in order to inject unwanted advertising into the browser. A browser hijacker might change your default home page, error page, or search engine to one of its own.

Brute Force Password Attack

Attempting multiple permutations of numeric/alphanumeric passwords to get access to an obstructed device.

Buffer Overflow Attack

A way of overwriting and corrupting memory beyond the buffer's bounds by overloading a preset quantity of memory storage in a buffer.


A bug in a computer program is defined as a malfunction or weakness in the software.

Business Continuity Plan (BCP)

The recording of a preset set of instructions or procedures that describe how an organization's mission/business processes will be maintained during and after a major disruption.

Business Impact Analysis (BIA)

An examination of the requirements, functions, and interdependencies of an information system that is used to define system contingency requirements and priorities in the case of a substantial disruption.

BYOD (Bring Your Own Device)

Bring your own device, also known as bring your own technology, bring your own phone, and bring your own personal computer, refers to the ability to use one's own device rather than being forced to utilize one provided by the organization. This phrase is used in two distinct settings.


The byte is a unit of digital data that typically consists of eight bits. The byte is the smallest addressable unit of memory in various computer systems because it was historically the amount of bits needed to encode a single character of text in a computer.

Cybersecurity Terms with C

You can find here definitions for common cybersecurity terms starting with the letter "C"

Cache Poisoning

Cache poisoning is a computer security flaw in which faulty entries are stored in a cache and then presumed to be valid when they are later used. DNS cache poisoning and ARP cache poisoning are two frequent types. The poisoning of web caches is known as web cache poisoning [cs]. There have also been attacks on other, more targeted caches.

Certificate Management Authority

A Certification Authority or a Registration Authority.

Certification Authority (CA)

Public key certificates are issued and revoked by a trusted authority.


For detecting changes in data, a value that (a) is computed by a function that is reliant on the contents of a data object and (b) is stored or sent with the object.

Clear Text

Data that is understandable and whose semantic content is available. Note that clear text data is not encrypted by definition.


A clickjacking attack is when a user is tricked into clicking a webpage element that is hidden or disguised as another element.

Cloud Computing

A concept for providing on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that may be swiftly supplied and released with minimal administrative effort or service provider engagement.


Control Objectives for Information and Related Technology

Command and Control

The exercise of authority and direction by a properly designated commander over assigned and attached forces in the completion of the objective is known as command and control. Command and control functions are carried out by a commander using a combination of persons, equipment, communications, facilities, and procedures to plan, direct, coordinate, and control forces and operations in order to complete the mission.

Common Vulnerabilities and Exposures (CVE)

A lexicon and nomenclature for security-related software problems.

Common Vulnerability Scoring System (CVSS)

A method for determining the severity of software defect vulnerabilities.

Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)

Completely Automated Public Turing test to tell Computer and Humans Apart

Computer Emergency Response Team (CERT)

A professional group that addresses computer security events is known as a computer emergency response team. The computer emergency preparation team and computer security incident response team are two more names for such teams.

Computer Incident Response Team (CIRT)

Security Analysts form a group that develops, recommends, and coordinates rapid mitigation activities for containment, eradication, and recovery in the event of a computer security issue. Also known as a Computer Security Incident Response Team (CSIRT) or a Computer Security Incident Response Center (CIRC) (Computer Incident Response Center, Computer Incident Response Capability, or Cyber Incident Response Team).


Keeping authorized constraints on data access and disclosure in place, including safeguards for personal privacy and proprietary data.

Configuration Management

Controlling processes for initializing, updating, and monitoring the configurations of information technology products and information systems throughout the system development life cycle is a set of activities aimed at establishing and maintaining the integrity of those goods and systems.

Contingency plan

Policy and procedures used by management to govern an organization's response to a perceived loss of mission capability. The enterprise risk managers' initial strategy for determining what happened, why, and what to do is the Contingency Plan. For large disruptions, it may refer to the continuity of operations plan (COOP) or disaster recovery plan (DRP).

Critical Infrastructure

Systems and assets, whether real or virtual, that are so important to the United States that their incapacity or destruction would cripple security, national economic security, national public health or safety, or any combination of those issues.

Cross-site request forgery (CSRF)

An attack in which a subscriber who is currently authenticated to an RP and connected over a secure session visits an attacker's website, inadvertently invoking undesirable activities at the RP. If a bank website is vulnerable to a CSRF attack, a subscriber could mistakenly authorize a huge money transfer by simply seeing a malicious link in a webmail message while a connection to the bank is open in another browser window.

Cyber Threat Actor

A Cyber Threat Actor (CTA) is a participant (individual or group) in an action or process involving computers, devices, systems, or networks that is characterized by malice or hostile behavior (intentional harm).


An attack that uses cyberspace to disrupt, disable, damage, or maliciously control a computing environment/infrastructure; or corrupt the integrity of data or steal controlled information.

Cybersecurity Terms with D

You can find here definitions for common cybersecurity terms starting with the letter "D"

Data Breach

A data breach occurs when safe or private/confidential information is released to an untrusted environment, whether intentionally or unintentionally. Unintentional information disclosure, data leak, information leakage, and data spill are all phrases used to describe this event.

Data Encryption Standard (DES)

The Data Encryption Standard defines a symmetric encryption algorithm.

Data integrity

The property that the data has not been tampered with in any way. Data integrity refers to how data is stored, processed, and transported.

Data Leakage

The unlawful communication of data from within an organization to an external destination or recipient is known as data leakage.

Data Loss Prevention

Through deep packet content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, etc.) within a centralized management framework, a system's ability to identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage). The capabilities for data loss prevention are meant to detect and prevent the unlawful use and transmission of NSS data.

Data Mining

Data mining is a technique for extracting and detecting patterns in huge data sets that combines machine learning, statistics, and database systems.

Data Theft

The act of taking information from an unwitting victim's computer, server, or other device with the goal to jeopardize privacy or get personal information is known as data theft.


Using a cryptographic system, convert encrypted text to plain text.


Multiple layers of security controls are installed throughout an information technology system as part of the defense in depth concept in information security.

Demilitarized Zone (DMZ)

Perimeter network section that connects internal and external networks logically. Its goal is to enforce the internal network's Information Assurance policy for external information exchange and to grant external, untrusted sources limited access to releasable information while protecting the internal networks from outside threats.

Denial of Service (DoS)

The denial of permitted access to resources or the postponement of time-sensitive operations. (Depending on the service supplied, time-critical can be milliseconds or hours.)

Dictionary Attack

A dictionary attack is a way of breaking into a password-protected computer, network, or other IT resource by inputting every word in a dictionary as a password in a methodical manner.


An unsafe network mechanism for safely exchanging or establishing secret keys. Temporary or single-use secret keys are created using ephemeral Diffie-Hellman.

Digital Signature Standard (DSS)

The Digital Signature Standard is a Federal Information Processing Standard that was established in 1994 by the United States National Institute of Standards and Technology to specify a set of algorithms that can be used to generate digital signatures.

Disaster Recovery Plan (DRP)

A disaster recovery plan (DRP) is a documented, systematic technique that explains how a company can quickly restart operations following an unanticipated event.

Distributed Denial of Service

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt a targeted server's, service's, or network's normal traffic by flooding the target or its surrounding infrastructure with Internet traffic.

Domain Name System (DNS)

The system for tracking and regulating Internet domain names and addresses, as defined by IETF RFC 1034 and other related RFCs.

Cybersecurity Terms with E

You can find here definitions for common cybersecurity terms starting with the letter "E"

Eavesdropping Attack

An attack in which an attacker passively listens to the authentication protocol in order to gather the information that can be utilized in a later active attack to impersonate the claimant.

Egress Filtering

Outgoing network traffic is filtered.


Encapsulation is a term used in object-oriented programming to describe the grouping of data with the methods that operate on it, or the restriction of direct access to parts of an object's components.

End-to-End Encryption

When data is transmitted via a network, it is encrypted, but routing information remains visible.


Unauthorized information transmission from an information system.


An exploit is a piece of software, a chunk of data, or a set of commands that uses a defect or vulnerability to cause unintended or unexpected behavior in computer software, hardware, or electronic devices.

Cybersecurity Terms with F

You can find here definitions for common cybersecurity terms starting with the letter "F"


When the previously active system fails or terminates abnormally, the capability to automatically transition to a redundant or standby information system (usually without human involvement or notification).


A warning that mistakenly implies the presence of a vulnerability.

File Transfer Protocol (FTP)

FTP is a file transfer protocol that allows you to send and receive data over the internet. Upload and download Web pages, graphics, and other items between local media and a distant server that permits FTP access using FTP tools and utilities.


An inter-network connection device that limits data communication flow between two networks that are linked together. A firewall can be a general-purpose computer application or a specialized platform (appliance) that forwards or rejects/drops packets on a network. Firewalls are commonly used to define zone boundaries. Firewalls usually have rules that limit which ports can be accessed.


Computer programs and data are kept in hardware - commonly read-only memory (ROM) or programmable read-only memory (PROM) - so that they cannot be dynamically changed or modified while the programs are being executed.


The process of collecting, storing, and analyzing computer-related data for investigative purposes while maintaining the data's integrity.

Cybersecurity Terms with G

You can find here definitions for common cybersecurity terms starting with the letter "G"


An intermediary system (interface, relay) that connects two (or more) computer networks with comparable functionality but different implementations, allowing one-way or two-way communication between them.

Gray box testing

An approach to testing that assumes some knowledge of the tested object's underlying structure and implementation details. Another name for it is gray box testing.

Greyhat hacker

Grey hat hackers fall between white hat and black hat hackers. They are neither good nor bad, but generally, their intentions are not to harm other people and entities.

Governance, Risk Management and Compliance (GRC)

GRC is an integrated set of competencies for achieving objectives, dealing with uncertainty, and running a business with integrity.


The General Data Protection Regulations (GDPR) is a European Union law that protects the privacy and personal data of all EU and EEC individuals (EEA).

Cybersecurity Terms with H

You can find here definitions for common cybersecurity terms starting with the letter "H"


An unauthorized user who tries to or succeeds in gaining access to a computer system.

Hash algorithm

An algorithm for generating a hash from a message.


A system (e.g., a web server) or system resource (e.g., a server file) that is meant to entice potential crackers and invaders, similar to how honey attracts bears.

Host Intrusion Detection System

A system that keeps track of critical operating system files.


DNS is where hostnames are most typically defined and utilized. The fully qualified DNS domain name of a system is often referred to as the hostname of that system.

Hypertext Transfer Protocol Secure (HTTPS)

Hypertext Transfer Protocol Secure is the acronym for Hypertext Transfer Protocol Secure. It's the protocol for sending encrypted HTTP data over a secure connection.

Cybersecurity Terms with I

You can find here definitions for common cybersecurity terms starting with the letter "I"

Incident Response Teams

This organization, sometimes known as a "computer incident response team," is in charge of responding to security breaches, viruses, and other potentially catastrophic situations in businesses with high-security risks.

Information Security Management Systems

Information security management defines and manages the controls that an organization must apply to ensure that the confidentiality, availability, and integrity of assets are protected from threats and vulnerabilities in a responsible manner.

Insider threat

The risk that an insider may use her/his authorized access to jeopardize National security, whether intentionally or unintentionally. This threat can include espionage, terrorism, unauthorized disclosure, or the loss or degradation of departmental resources or skills, among other things.


A computer network that an organization utilizes for internal (and usually private) reasons and is closed to others, especially one based on Internet technology.

Intrusion detection and prevention system (IDPS)

Intrusion detection is the process of continuously monitoring and evaluating events in a computer system or network for signals of prospective incidents, such as violations or threats of violations of computer security regulations, acceptable use policies, or standard security practices.

IP security (IPSec)

Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts data packets to offer safe encrypted communication between two computers over an IP network.

Cybersecurity Terms with J

You can find here definitions for common cybersecurity terms starting with the letter "J"


JSON is an open standard file format and data interchange format that stores and transmits data objects made up of attribute-value pairs and arrays using human-readable text.


A Java virtual machine is a program that allows a computer to run Java programs as well as other languages that have been compiled to Java bytecode.

Cybersecurity Terms with K

You can find here definitions for common cybersecurity terms starting with the letter "K"


A keyboard, video monitor, and mouse switch (KVM switch) is a hardware device that allows a user to operate numerous computers from one or more sets of keyboards, video displays, and mice.

Kernel Panic

A system error that cannot be repaired and necessitates restarting the system.

Cybersecurity Terms with L

You can find here definitions for common cybersecurity terms starting with the letter "L"


The Lightweight Directory Access Protocol (LDAP) is an industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network that is open, vendor-neutral, and vendor-independent.

Layer Two Transport Protocol

Layer 2 Tunneling Protocol (L2TP) is a computer networking protocol that enables virtual private network (VPN) operations for Internet service providers (ISPs). L2TP is a session layer protocol that is analogous to the Data Link Layer Protocol in the OSI reference architecture.

Log Retention

As part of typical operational procedures, logs are archived on a regular basis.

Log Management

The procedure for creating, sending, storing, evaluating, and discarding log data.

Log Analysis

Examining log records to find interesting events or suppressing log entries for insignificant ones.

Cybersecurity Terms with M

You can find here definitions for common cybersecurity terms starting with the letter "M"


Every Ethernet and Wi-Fi equipment has a unique 48-bit serial number that is stored in the network circuitry.

Man-in-the-Middle Attack (MitM)

A man-in-the-middle (MitM) attack occurs when an attacker intercepts communications between two parties in order to discreetly eavesdrop or change traffic.

Multi-Factor Authentication (MFA)

Multi-factor authentication is a type of electronic authentication in which a user is permitted access to a website or application after successfully providing two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence.

Cybersecurity Terms with N

You can find here definitions for common cybersecurity terms starting with the letter "N"

Network Layer

The network layer is layer 3 in the seven-layer OSI model of computer networking. Packet forwarding, including routing through intermediary routers, is handled by the network layer.

Network mapping

The study of the physical connectivity of networks, such as the Internet, is known as network mapping. Network mapping identifies the network's devices and their connections. It should not be confused with network discovery or network enumeration, which detects network devices and their attributes like.


A next-generation firewall is a type of firewall that combines a classic firewall with other network device filtering tasks, such as an application firewall with in-line deep packet inspection and an intrusion prevention system, to form the third generation of firewall technology.

Cybersecurity Terms with O

You can find here definitions for common cybersecurity terms starting with the letter "O"

Octet Length

1 o is equal to 8 bits. The octet is an eight-bit digital information unit used in computers and telecommunications.

Offline Attack

An attack in which the attacker acquires data that he or she can evaluate on a system of his or her choice (usually by eavesdropping on an authentication protocol run or by entering a system and obtaining security files).

One-time pad (OTP)

The one-time pad is a non-crackable encryption scheme that requires the usage of a single-use pre-shared key that is no smaller than the message being delivered. A plaintext is coupled with a random secret key in this manner.


A systematic and established method for denying possible adversaries information about capabilities and intentions by recognizing, regulating, and protecting unclassified evidence of sensitive activity planning and execution. Identification of important information, threat analysis, vulnerability analysis, risk assessment, and deployment of effective countermeasures are the five steps in the process.

Cybersecurity Terms with P

You can find here definitions for common cybersecurity terms starting with the letter "P"

Packet Filter

Packet filtering is a firewall mechanism that monitors outgoing and incoming packets and allows them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols, and ports.

Passive Attack

A passive assault on a cryptosystem is one in which the cryptanalyst is unable to communicate with any of the parties involved and instead relies only on observable data to break the system.


A passcode is a string of characters or other text that is used to restrict access to a computer system, program, or data. In terms of usability, it's comparable to a password, however, a passcode is usually lengthier for increased security.

Patch Management

Patch management refers to the process of distributing and installing software updates.

Penetration Testing

A penetration test, also known as a pen test or ethical hacking, is a legally sanctioned simulated cyberattack on a computer system that is used to analyze the system's security. This is not to be confused with a vulnerability assessment.

Cybersecurity Terms with Q

You can find here definitions for common cybersecurity terms starting with the letter "Q"

Quality of Service (QoS)

A network service's measurable end-to-end performance qualities can be guaranteed in advance by a Service Level Agreement between a user and a service provider in order to meet specified customer application requirements. Throughput (bandwidth), transit delay (latency), error rates, priority, security, packet loss, packet jitter, and other attributes may be included.

Cybersecurity Terms with R

You can find here definitions for common cybersecurity terms starting with the letter "R"

Red Team

A group of people who have been given permission and are organized to imitate a possible adversary's attack or exploitation capabilities against an organization's security posture. The Red Team's goal is to improve organizational cybersecurity by illustrating the consequences of successful attacks and what works for defenders (i.e., the Blue Team) in a real-world setting. Cyber Red Team is another name for this group.

Remote Access

A user (or an information system) connecting over an external, non-organization-controlled network has access to an organizational information system (e.g., the Internet).

Representational State Transfer (REST)

A software architectural style that establishes a standard technique for building Web service APIs.

Risk Identification

Finding, recognizing, and describing risks is a process.

Risk Treatment

The process to modify risk.

Cybersecurity Terms with S

You can find here definitions for common cybersecurity terms starting with the letter "S"


Supervisory Control and Data Acquisition

Secret key (symmetric) cryptographic algorithm

A cryptographic algorithm that encrypts and decrypts using the same key (i.e., a secret key).

Self-signed certificate

A public-key certificate whose digital signature may be validated using the certificate's public key. The integrity of the information contained in a self-signed certificate is protected by the signature, but the legitimacy of that information is not guaranteed. The safe mechanisms used to distribute self-signed certificates give them their trustworthiness.

Service level agreement (SLA)

Defines the service provider's precise responsibilities and establishes customer expectations.

Service-Oriented Architecture (SOA)

A grouping of services. These services exchange information with one another. The communication might be as simple as data passing or as complex as two or more services cooperating on a task.


A hashing algorithm that can be used to create message digests. The digests are used to check if any messages have changed after they were generated.

Simple Mail Transfer Protocol (SMTP)

RFC 2821 of the Internet Engineering Task Force defines an MTA protocol. The most often used MTA protocol is SMTP.


Server Message Block

Cybersecurity Terms with T

You can find here definitions for common cybersecurity terms starting with the letter "T"


Transmission Control Protocol-Transport Layer Security


Any condition or incident that has the potential to harm an organization's operations (including mission, functions, image, or reputation), organizational assets, or individuals via an information system due to unauthorized access, destruction, disclosure, alteration, or denial of service. Also, the likelihood that a threat source will be successful in exploiting a specific information system vulnerability.

Threat analysis

Formally assessing the severity of a danger to an information system or company and identifying the threat's nature.

Threat intelligence

Threat data that has been aggregated, converted, analyzed, evaluated, or supplemented in order to give the context for decision-making.

Threat Intelligence Report

TTPs, actors, types of systems and information targeted, and other threat-related information are all described in this prose paper.

Threat monitoring

Analysis, evaluation, and analysis of audit trails and other information collected for the objective of identifying system occurrences that could be considered security violations.

Traffic analysis

The study of communication patterns in order to gather information about a system or its users. The content of the communications, which may or may not be decipherable, is not examined during traffic analysis. An adversary may, for example, be able to detect a signal from a reader that allows it to infer that a specific activity is taking place (e.g., a shipment has arrived, someone is entering a facility) without having to learn an identifier or related data.


Tunneled Transport Layer Security

Cybersecurity Terms with U

You can find here definitions for common cybersecurity terms starting with the letter "U"

Unauthorized Access

Without permission, a person acquires logical or physical access to a network, system, application, data, or another resource.

Cybersecurity Terms with V

You can find here definitions for common cybersecurity terms starting with the letter "V"

Verifier Impersonation Attack

In an authentication protocol, the Attacker impersonates the Verifier in order to obtain information that can be used to impersonate a Claimant to the true Verifier.

Vulnerability scanner

A network tool (hardware and/or software) that analyzes network devices for CVEs that are both widely known and unique to an organization. It could do it via a variety of signature tactics.

Cybersecurity Terms with W

You can find here definitions for common cybersecurity terms starting with the letter "W"


A list of entities that have been granted access or privileges because they are deemed trustworthy.


A self-replicating, self-propagating, self-contained program that spreads itself through networking techniques.

Cybersecurity Terms with X

You can find here definitions for common cybersecurity terms starting with the letter "X"


The Extensible Markup Language (XML) is a markup language that specifies a set of rules for encoding documents in a human- and machine-readable format.

Cybersecurity Terms with Y

You can find here definitions for common cybersecurity terms starting with the letter "Y"


YAML is a data serialization language that can be read by humans. It's frequently used in configuration files and data storage and transmission applications.

Cybersecurity Terms with Z

You can find here definitions for common cybersecurity terms starting with the letter "Z"

Zero-Day Attack/Exploit

An attack that makes use of previously undiscovered hardware, firmware, or software flaw.

Zero Trust

A security concept based on the premise that organizations should not trust anything inside or beyond their perimeters and should instead check anything attempting to connect to their systems before providing access.

What are the benefits of Cybersecurity Terms?

We can summarize the main benefits of learning cybersecurity terms as follows.

  • Gives information and insight into the industry's keywords and concepts to the cybersecurity community.
  • It is a start point for cybersecurity education.
  • People think in words. Knowing cybersecurity terms is very effective in creating cybersecurity awareness
  • It Will help you to see the big picture of cybersecurity

Why should one know Cybersecurity Terms?

Because the world of cybersecurity is ever-changing, continuous education is essential for comprehending today's new dangers. Where do you even begin, though? It all starts with a thorough understanding of terminology.

Cybersecurity is critical because it safeguards all types of data against theft and loss. Sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems all fall under this category. There are numerous risks and words to be familiar with in order to comprehend the countermeasures that can assist keep your data safe from hackers.

Lack of general cybersecurity knowledge and lack of knowledge of relevant terms will result in unawareness and will jeopardize all the valuable information we need to protect.

What are the methods to learn Cybersecurity Terms?

You can find resources on many websites about cybersecurity terms. Here we would like to mention some of the websites where you can learn a lot. You can find cyber term glossaries on some organizations' web site like SANS, ISACA, and some government websites like NIST, CISA.

Stay safe!