Cybersecurity is complex — the vocabulary alone can be a barrier to many non-technical users just trying to understand what cybersecurity is and what it involves.
We're here for you. This easy, up-to-date reference list breaks down the buzzwords, jargon, and keywords with easy-to-understand definitions meant for everyday users.
Notice something missing? We'd love to have you let us know. You can submit new words, phrases, or acronyms to the list using the submission form at the bottom of this page.
Applications, software, and hardware
While ‘hardware’ in relation to technology and cybersecurity is a physical part or device, software and applications are the programs used by technology to perform tasks and operations.
Advanced Persistent Threats (APT) are advanced cyberattacks where an unauthorized user breaches a network and remains undetected within it for a length of time, sometimes up to weeks or months.
Artificial Intelligence (AI)
Smart machines or computers capable of performing tasks that would normally rely on human intelligence. AI can refer to both the branch of computer science focused on building the smart machines and the smart machines themselves.
An attacker, cyber attacker, or cyber adversary is an individual seeking to exploit weaknesses in computer systems for their own gain or malicious intent. Some adversaries operate in groups, often referred to as (cyber) attack groups.
AV or anti-virus software, also referred to as anti-malware software, is designed to detect and block malware and viruses. There are two types of AV software—traditional, signature-based malware databases and next-generation AV software that identifies malware using artificial intelligence.
A botnet is a collection of compromised devices that have been infected with malware and are being controlled by an attacker or attack group without user knowledge. Botnets are commonly used to perform Distributed Denial of Service (DDoS) attacks, spam targets, and even steal important data.
A bug is an error or flaw in a program or piece of hardware that can cause unexpected results or security vulnerabilities.
Cloud (“The Cloud”, Cloud Computing)
“The Cloud” is, in a sense, a metaphor for the internet. Cloud storage and cloud computing each operate remotely via the internet. Cloud storage and computing services utilize data centers or servers offered as a service to users and organizations remotely.
Cybersecurity is the practice of protecting networks, devices, and data from unauthorized access and digital attacks.
A data breach is a security incident resulting in the theft, loss, or transmission of information.
Endpoint Detection & Response (EDR) is a security solution that monitors, detects, and responds to threats specifically on endpoint devices.
Encryption is the action of transforming data into a scrambled, concealed format to protect it from unauthorized access, readable only to those who hold the key to decipher or decrypt it.
An endpoint is any computing device that communicates with and is connected to a network. For example: desktop computers, laptop computers, servers, “smart” (IoT) devices, and more.
An exploit is an attack using software or commands that takes advantage of a vulnerability or bug.
A firewall is a security tool, which can be either a hardware or software solution, that filters incoming and outgoing network traffic.
A hacker is a technology expert who uses their knowledge, curiosity, and technical skill to explore, reconfigure, or exploit computer systems. The term ‘Hacker’ has become commonly associated with cyberattacks and security incidents in the news; however, not all hacking is malicious in nature. For that reason, while ‘Hacker’ can refer to both criminals and hobbyists, Infogressive and similar organizations that may employ professional hackers for security roles will more commonly refer to malicious hackers as (cyber) attackers. See “Attacker” for more.
A security incident is a security-related event within a network or information system at any scale. A data breach is one type of security incident, but not every security incident will result in a data breach. See “Data Breach” for more.
Information security is the practice of protecting information and the systems that hold information from unauthorized access or exposure.
Internet of Things (IoT) is the term applied to connected “smart” devices that communicate with each other over the internet. Some examples include Amazon Alexa devices, smart home products, smart technology in vehicles, and any other device that uses an internet connection to be controlled remotely.
Information Technology (IT) is the term applied to business operations regarding computers and other devices, networking, and infrastructure.
A keylogger is a piece of software or hardware used to record the keystrokes of a victim when typing on a keyboard.
The term ‘legacy’ in the tech world refers to any method, piece of technology, system, or program that is old or outdated in nature and operation.
In computing, a log is a file that records information on events that happen in an operating system or piece of software.
Malware is unwanted, malicious software that is intended to cause harm to a device or entire network.
Managed Detection & Response (MDR) is the industry term for outsourced detection and response related security services. MDR typically includes endpoint (EDR) solutions and/or the management of traditional SIEM solutions. See EDR and SIEM for more.
Multi-factor authentication (MFA), or two-factor authentication (2FA), is the method by which a user is granted access to a system after presenting two or more pieces of evidence to authenticate their identity. Common authentication examples include passwords, fingerprints, 4 or 6-digit authentication codes/tokens, or secondary access links sent via email or text.
An MSP (Managed Service Provider) is a company that provides outsourced IT support and management services to other businesses, usually those who do not host a full IT team in-house. MSPs can specialize in specific areas of IT, such as computer support or data storage/backups, while others offer a range of services from IT to cybersecurity.
An MSSP (Managed Security Services Provider) is a company that specifically provides outsourced cybersecurity solution management and services. MSSPs are often a better fit for organizations that already have an IT team and most general IT needs covered, but lack cybersecurity-specific expertise and resources.
Nation State (Adversary)
As a type of cyber adversary, Nation State refers to attackers who work for one nation’s government to disrupt or compromise another nation’s government, critical organizations, infrastructure, or individual citizens.
In terms of Infogressive security bundles, a Nation State adversary is the highest level of security risk and therefore, the Nation State bundle provides the maximum protection.
A network is two or more computing devices that are connected either physically or remotely to share resources and data. At a larger scale, computer networks can include desktops, laptops, file servers, printers, and more.
Next-generation is the term applied to technology that shows a significant advance in capabilities or operations when compared to previous or “legacy” versions of that technology. See “Legacy” for more.
As a type of cyber adversary, Organized Crime refers to attackers who work for some form of attack group and are motivated by profit. Some cyberattack groups operate like traditional businesses and hire talent to perform cyberattack activities.
In terms of Infogressive security bundles, Organized Crime is the second-highest level of security risk to businesses and therefore, the Organized Crime bundle provides robust protection against advanced cyberattacks.
A patch, in the technology and security world, is an update for software or operating systems used to repair bugs and introduce new features. Microsoft, for example, releases regular operating system updates each month on a day commonly referred to as “Patch Tuesday.”
Phishing (Vishing, Smishing)
A communication-based threat where an attacker will send fraudulent messages that resemble those from a reputable source, usually with the goal of getting the target to click a malicious link or open a malicious attachment. Phishing takes place via email, while ‘Vishing’ and ‘Smishing’ utilize phone calls and text messages to trick their targets.
Ransomware is a type of malware that can hold its victim’s files or data hostage in exchange for a ransom. This type of attack generally uses encryption to “lock up” the infected device’s files but can also exfiltrate, or steal, the files at the same time. Attackers who utilize ransomware generally demand a ransom payment in the form of Bitcoin or another cryptocurrency.
As a type of cyber adversary, a Script Kiddie is generally a less-skilled or amateur attacker using code and hacking programs available online to launch small and mid-sized attacks. The nickname is often attributed to the stereotype of the teenager hacking in their basement, but can refer to any amateur using premade programs to attack computer systems and networks over the internet.
In terms of Infogressive security bundles, a Script Kiddie is a lower-level adversary that can cause major damage, but is easier to defend against. Therefore, the Script Kiddie bundle provides the base layers of security protection against introductory-level cyberattacks.
Security Information and Event Management (SIEM) is the process of monitoring, analyzing, and recording aggregate security logs from single devices or across a whole network. SIEM also refers to the security software that is used to perform those tasks.
‘Threat landscape’ is the phrase representing an overview of current security threats, risks, and emerging trends, either within a particular context or in the cybersecurity industry as a whole.
Traffic (Network Traffic)
Traffic, in technology, is the digital data that moves across, into, and out of a network.
A user is any individual who uses a computer or other device.
A virus is a type of malware that, once on a computer, can “infect” other files and programs to spread.
Vulnerabilities (Security, Zero-Day)
Security vulnerabilities are weaknesses or flaws that can allow a threat or attack to compromise a device, application, or network. Zero-Day vulnerabilities are a specific type of vulnerability that has been recently discovered or exploited. See ‘Zero-Day’ for more.
As a type of cyber threat, Zero-Day refers to exploits designed to take advantage of software bugs, unpatched vulnerabilities, and other newly-discovered security flaws. Some say the name comes from the idea that a patch or resolution for the problem has existed for zero days, while others say the zero is for the number of days the vulnerability has been publicly known.
In terms of Infogressive security bundles, Zero-Day is a common risk to organizations of all sizes since software and hardware vulnerabilities are discovered (and taken advantage of) every day and an attack of this nature can be very damaging. Therefore, the Zero-Day bundle provides protection against advanced malware and common malware delivery methods, along with recurring vulnerability scanning to identify security holes right away.