×

Discover our latest MSP Partner Case Study with ITFR

Read Now!
Login
Support

Login
Support

Glossary Terms

Explore our Glossary for clear, concise definitions of key industry terms, enhancing your understanding of the cybersecurity landscape.

All Cloud Security Compliance Cybersecurity Network Security Networking
A B C D E F G H I K L M N P R S T U V W Z

A

Access Control
Access Control in cybersecurity is the process of granting or denying specific requests for access to the company network, data, or resources. It involves authenticating and giving access to users or devices based on credentials or contextual behavioral policies. The goal of access control is to make sure that only authorized users have access to […]
Adware
Adware is a revenue-generating software (for the developer) that is commonly bundled with other free or paid downloads and installed without the user’s full knowledge or consent. While not always malicious, adware can be intrusive, affecting user experience by displaying unwanted or obtrusive advertising. In some cases, it can also compromise privacy by tracking browsing […]
Allowlisting (Whitelisting)
Allowlisting, also known as whitelisting, is a cybersecurity strategy that permits only pre-approved entities such as applications, processes, or IP addresses to function or operate within a system or network. This approach is based on the principle of default denial, where access is denied unless explicitly allowed. It is the opposite of blocklisting (or blacklisting), […]
Antivirus Software
An essential tool designed to detect, prevent, and remove malware, including viruses, worms, and Trojan horses. It operates by scanning your system for malicious programs and files, using a database of known malware signatures and heuristic analysis to identify threats. Antivirus software not only protects individual devices but also safeguards broader company networks against cyber […]
Application Control
Application control nvolves the management and regulation of applications within a network to ensure that only approved, safe software is used. This process includes identifying and categorizing applications, and then implementing policies that control their usage based on their risk profile and business relevance. Application control helps in mitigating risks posed by unauthorized or malicious […]
APT (Advanced Persistent Threat)
Advanced Persistent Threat (APT) is a sophisticated, stealthy cyberattack in which an intruder gains access to a network and remains undetected for an extended period. These threats are typically launched by highly skilled adversaries, such as nation-states or organized criminal groups, aiming to steal data or cause disruption. APTs are characterized by their complexity, precision, […]
Attack Vector
An attack vector in cybersecurity is a pathway or method used by a hacker to breach or gain unauthorized access to a computer system or network. These vectors enable attackers to exploit system vulnerabilities, including the human element, to install malware or steal data. Common attack vectors include malware, phishing, social engineering, exploiting software vulnerabilities, […]

B

Backdoor
Backdoor refers to secretive methods that bypass normal access protocols or authentication mechanisms to a computer, network, or a software application. It’s essentially a hidden entry point into a system that allows an unauthorized user, such as a hacker, to gain remote access or control over the system. Backdoors can be intentionally created by developers […]
Black Hat Hacker
A black hat hacker is an individual who engages in illegal or malicious hacking activities. These hackers breach or bypass an organization’s security perimeters for malicious purposes, such as stealing data, damaging systems, demanding ransom to return data, or disrupting network operations. Black hat hackers exploit vulnerabilities in an organization’s security posture to gain unauthorized […]
Blue Team
Blue Team refers to the group of individuals responsible for defending an organization’s information systems against cyberattacks and threats. The primary objective of a Blue Team is to identify the cybersecurity vulnerabilities in the system, strengthen defenses, and respond effectively to any breaches or cyberattacks. They do this through various means such as implementing strong […]
Botnet
A botnet is a network of connected devices that have been compromised by malware and are controlled by a threat actor, often without the knowledge of the device owners. These infected devices, known as “bots,” can include computers, servers, and even IoT devices. Botnets are used by attackers for a range of malicious activities, such […]
Brute Force Attack
A brute force attack is a trial-and-error method used by attackers to gain unauthorized access to a computer or a network. It involves systematically checking all possible passwords or passphrases until the correct one is found. The simplicity of brute force attacks makes them a common threat; they often target weak or default passwords, which […]
Buffer Overflow
A buffer overflow is a common software coding vulnerability that occurs when more data is written to a buffer, or a temporary data storage area, than it can hold. The excess data then overflows into adjacent buffers, corrupting or overwriting the valid data held in them. Attackers exploit buffer overflow vulnerabilities to disrupt software execution […]
BYOD (Bring Your Own Device)
BYOD is a company policy that allows employees to use their personal devices, like smartphones, tablets, or laptops, for work purposes. BYOD offers flexibility and convenience, as employees can work with devices they are familiar and comfortable with, increasing productivity and satisfaction. However, BYOD also introduces significant security challenges, as personal devices may not have […]

C

California Privacy Rights Act (CPRA)
The California Privacy Rights Act (CPRA) is a data privacy law that came into full effect in January 2023 and that amends and expands the California Consumer Privacy Act (CCPA), which was the first major privacy law in the United States. It enhances consumer privacy rights and corporate responsibilities regarding the collection, use, and protection […]
Category Filtering
Category filtering is used to block or allow access to websites and online content based on predefined categories. These categories can range from adult content and social media to gaming, shopping, and news sites. The primary purpose of category filtering by a business is to enhance security and productivity by preventing access to websites that […]
Ciphertext
Ciphertext is the result of encrypting plaintext through an encryption algorithm. It’s a scrambled version of the original data, transformed to prevent unauthorized parties from understanding its content. In encryption, plaintext (the original, readable information) is processed using an encryption key and an algorithm, converting it into ciphertext. This ciphertext appears as a random string […]
CISO (Chief Information Security Officer)
A Chief Information Security Officer (CISO) is a C-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO’s role involves identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks. They […]
Cloud Computing
Cloud computing delivers computing services over the internet (“the cloud”). These services include servers, storage, databases, networking, software, analytics, and intelligence. Cloud computing offers flexible resources, rapid innovation, and economies of scale, typically operating on a pay-as-you-go pricing model. It enables businesses to avoid the upfront cost and complexity of owning and maintaining on-premise IT […]
Cloud Firewall
In the era of post-pandemic hybrid and remote work environments in addition to the move to cloud servers and cloud apps by organizations, cloud firewa…
More Details
Cloud Network Security
Cloud network security is an essential combination of practices and technologoies for protecting data and applications that are hosted in the cloud. It involves a range solutions and frameworks designed to secure cloud-based systems, networks, and data from cyber threats and breaches. This type of security is critical because cloud environments have different vulnerabilities and […]
Compliance
Compliance in a business context refers to the process of ensuring that a company and its employees adhere to laws, regulations, standards, and ethical practices related to their industry and operations. It involves understanding and meeting the requirements set by external regulatory bodies and internal policies. Compliance is crucial for maintaining legal and ethical integrity, […]
Content Filtering
Content filtering is used to restrict access to content within web pages, emails, and other forms of digital communication. It’s not just about blocking entire websites (like URL filtering), but about examining the actual content of a page or message and deciding whether it should be accessible based on specific criteria such as keywords, phrases, […]
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) is a security vulnerability in web applications that allows attackers to inject malicious scripts into content from trusted websites. It exploits the fact that web applications often include unvalidated or unencoded user input in their output. XSS attacks can bypass access controls like the same-origin policy, compromising data and user interactions. There […]
Cybersecurity Incident Response
A cybersecurity incident response is a structured approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident, or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. An incident response plan includes […]
Cybersecurity or Security Audit
A security audit is a comprehensive evaluation of an organization’s information system by measuring how well it conforms to a set of established criteria. This audit assesses the security of the system’s physical configuration and environment, software, information handling processes, and user practices. It is typically conducted by an independent third-party auditor who examines the […]
Cybersecurity Risk Assessment
A cybersecurity risk assessment is a structured process that comprises of identifying, analyzing, and evaluating risks associated with an organization’s information technology (IT) and information systems. The primary goal is to understand the potential threats to the organization’s information assets and determine the likelihood and impact of these threats materializing. This assessment forms a critical […]
Cybersecurity Risk Mitigation
Cybersecurity risk mitigation comprlses of the implementation of strategies and measures to reduce the potential impact and likelihood of cyber threats and vulnerabilities. The process starts with identifying potential risks, assessing their likelihood and potential impact, and then prioritizing them based on their severity. Common mitigation strategies include implementing strong security policies, employing robust security […]
Cybersecurity Vulnerability
A cybersecurity vulnerability is a weakness in a computer system, network, or software application that can be exploited by a threat actor, such as a hacker, to perform unauthorized actions. These vulnerabilities can arise from various sources, including flawed software design, insecure coding practices, inadequate security policies, or misconfigured systems and hardware. The exploitation of […]
Cybersecurity Vulnerability Assessment
A Cybersecurity Vulnerability Assessment is a systematic process of evaluating the security weaknesses in an organization’s information systems and network. The assessment identifies, quantifies, and prioritizes (or ranks) the vulnerabilities in the overall organization. It involves a thorough examination of potential threats and vulnerabilities in network infrastructure, software applications, and internal controls. The purpose of […]

D

Data Breach
A data breach is a security compromise in which sensitive, protected, or confidential data is accessed, disclosed, encrypted for ransomware, or used without authorization. It often involves the unauthorized viewing, retrieval, or theft of personal data, such as financial information, health records, employee payroll data, or personally identifiable information (PII). Data breaches occur due to […]
Data Forensics
Data forensics, also known as digital forensics, is the practice of uncovering and interpreting electronic data for use as evidence in criminal, legal, or administrative cases. The process involves the identification, preservation, examination, and analysis of digital information, while maintaining the integrity and the chain of custody of the data. Data forensics experts typically work […]
DDoS (Distributed Denial of Service) Attack
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. These can include […]
Decryption
Decryption is the process of converting encrypted data back into its original form. This is done using a key, which is a piece of information known only to the sender and the intended recipient. Encrypted data, often referred to as ciphertext, is transformed during decryption to become readable plaintext. The decryption process ensures that only […]
Deep Packet Inspection (DPI)
Deep Packet Inspection (DPI) is a form of network packet filtering that examines the data and potentially the header of a packet as it passes an inspection point. Unlike basic packet filtering, which examines only the header part of a packet, DPI goes further to inspect the payload of the packet, looking for protocols, types […]
Digital Signature
A digital signature is a cryptographic technique used to validate the authenticity and integrity of a message, software, or digital document. It’s the electronic equivalent of a handwritten signature or stamped seal, but it offers far more inherent security. A digital signature is created using a person’s private key, which is part of a public […]
DNS (Domain Name System)
The Domain Name System (DNS) is a key component of internet’s infrastructure, acting as the internet’s phone book. It translates human-friendly domain names, like “www.timusnetworks.com,” into numerical IP addresses that computers use to communicate with each other. When a user enters a domain name in a web browser, DNS servers take this name and translate […]
DNS Filtering
DNS filtering is a security method that uses the Domain Name System (DNS) to block access to malicious, phishing or unwanted websites. When a user tries to access a website, their device makes a DNS request, which converts the website’s domain name into an IP address. In DNS filtering, this request is intercepted by a […]

E

Encryption
Encryption is used to secure and protect data by encoding it in such a way that only authorized parties can access it. This process transforms readable data, known as plaintext, into an unreadable format called ciphertext. The transformation is done using an encryption algorithm and a key, which is a set of mathematical values that […]
End-to-End Encryption (E2EE)
End-to-End Encryption (E2EE) prevents third-parties from accessing data while it’s transferred from one end system or device to another. In E2EE, the data is encrypted on the sender’s system or device and only the recipient is able to decrypt it. Nobody in between, be it an internet service provider, application service provider, or hackers, can […]

F

Firewall
A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Its primary function is to establish a barrier between a trusted internal network and untrusted external networks, such as the internet. Firewalls can be hardware-based or software-based, and they can be set up on-premise, […]

G

GDPR
GDPR, or the General Data Protection Regulation, is a comprehensive data privacy and protection regulation that came into effect on May 25, 2018, in the European Union (EU). It is designed to give individuals in the EU more control over their personal data and to unify data privacy laws across Europe. GDPR applies to all […]
Grey Hat Hacker
A grey hat hacker is an individual who may violate ethical standards or principles, but without the malicious intent typical of a black hat hacker. Grey hat hackers often operate in a legal grey area, sometimes breaking laws or typical ethical norms, but without the malicious intent to cause harm as is characteristic of black […]

H

Hacker
The term “hacker” has often been associated with individuals who use their skills for malicious purposes, such as unauthorized access to systems, theft of data, ransomware demands, or the disruption of services. There are different classifications of hackers based on their intentions and actions. “White hat” hackers use their skills for good, such as in […]
Honeypot
A honeypot is a security ploy set up to detect, deflect, or study attempts at unauthorized use of information systems. It acts as a decoy, intentionally designed to mimic a real computer system, network, or data system to attract the attention of cyberattackers. The primary purpose of a honeypot is not to secure systems but […]
HTTPS (Hypertext Transfer Protocol Secure)
HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP (Hypertext Transfer Protocol), which is the primary protocol used to send data between a web browser and a website. HTTPS is the secure version of HTTP, meaning that communications between the browser and the website are encrypted. This encryption is achieved through the use of […]
Hybrid Cloud
Hybrid cloud is a computing environment that combines a mix of private cloud, public cloud, and on-premises infrastructure. This model allows businesses to leverage the advantages of both private and public clouds, offering greater flexibility and optimization of existing infrastructure, applications, and data. In a hybrid cloud setup, workloads can move between private and public […]

I

IAM (Identity and Access Management)
Identity and Access Management (IAM) is a framework of policies and technologies ensuring that the right individuals have the appropriate access to technology resources. IAM systems provide administrators with the tools and technologies to change a user’s role, track user activities, create reports on those activities, and enforce policies on an ongoing basis. This includes […]
Identity Theft
Identity theft is a type of crime where an individual’s personal information is stolen and used without their permission, typically for financial gain. This personal information can include a person’s name, social security number, credit card details, driver license number, health records, or other identifiers. Identity thieves use this stolen information in various fraudulent activities, […]
IoT Security
IoT security became a critical area of focus in today’s interconnected digital landscape. It refers to the safeguards and technologies designed to protect Internet of Things (IoT) devices and networks from various forms of cyber threats. IoT devices, which range from simple sensors to complex smart devices, often lack robust built-in security, making them vulnerable […]
IP Address (Internet Protocol Address)
An IP (Internet Protocol) address is a unique string of numbers separated by periods or colons that identifies each computer using the Internet Protocol to communicate over a network. It serves two main functions: network interface identification and location addressing. IP addresses are a fundamental component of the internet and are necessary for the networked […]
IPSec Tunnels
IPSec tunnels are a fundamental aspect of secure network communications, particularly relevant for security SaaS solutions. IPSec, or Internet Protocol Security, is a suite of protocols used to secure internet communications by encrypting and authenticating IP packets. An IPSec tunnel is a secure connection set up between two endpoints over an unsecured network, like the […]
ISO 27001
ISO 27001 is an international standard for managing information security. It provides a framework for an information security management system (ISMS) to help organizations secure their information assets. The standard was developed and is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The ISO 27001 standard is designed to […]
IT Infrastructure Security
IT infrastructure security is a critical aspect of protecting an organization’s technology framework. It encompasses the strategies, tools, and policies used to safeguard all components of IT infrastructure, including hardware, software, on-premise and cloud-hosted networks, and data. This form of security is designed to protect against threats like cyberattacks, data breaches, unauthorized access, and ransomware […]

K

Keylogger
A keylogger is a type of surveillance technology, either based on hardware or software, that is used to record keystrokes made on a computer keyboard. Software keyloggers are programs that silently run in the background of a computer system, capturing every keystroke and often storing or transmitting this information for unauthorized use. Hardware keyloggers are […]

L

Lateral Movement
Lateral movement are the techniques that cyberattackers use to move through a network after gaining initial access. This process involves exploring the network, escalating privileges, and gaining access to additional systems and resources within the target environment. Attackers use lateral movement to find valuable data and assets, maintain their foothold, and expand their control over […]

M

MAC Address
A MAC (Media Access Control) address is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This address is used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. Within the OSI model, MAC addresses are used […]
Malware
Malware, short for “malicious software,” is any software designed to harm or exploit computer systems and networks. It includes various types such as viruses, worms, trojan horses, ransomware, spyware, and adware, amongst others, each with unique characteristics. Viruses replicate and spread to other files, worms infect entire networks, trojans disguise themselves as harmless software, ransomware […]
Man-in-the-Middle Attack (MitM)
A Man-in-the-Middle (MitM) attack is a cybersecurity threat where a hacker secretly intercepts and potentially alters the communication between two parties who believe they are directly communicating with each other. In this type of attack, the attacker inserts themselves into a conversation or data transfer, gaining the ability to eavesdrop or manipulate the information being […]
Managed Service Providers (MSP)
Managed Service Providers (MSPs) are companies that offer a range of IT and cybersecurity services to businesses, typically under a subscription model. These services can include network, application, infrastructure, and cybersecurity management. MSPs are especially beneficial for small to medium-sized businesses (SMBs) that may not have the resources or expertise to manage their IT systems […]
Multi-Factor Authentication: Strengthening Security Measures
Multi-Factor Authentication (MFA), alongside its 2-layer cousin, 2-Factor Authentication (2FA), is one of the most used tools today in the cybersecuri…
More Details
Multi-tenancy
Multi-tenancy refers to a software architecture where a single instance of the software serves multiple client organizations (tenants). This approach is efficient and cost-effective, as it maximizes resource utilization and simplifies maintenance and updates. Each tenant’s data is isolated and remains invisible to other tenants, ensuring privacy and security. This architecture is particularly beneficial for […]

N

Network Gateway
A network gateway is a key module that connects two different networks, often with varying protocols, and enables communication between them. It acts as a gateway or a bridge, allowing data to flow from one network to another, such as between a local area network (LAN) and the internet. In addition to facilitating this inter-network […]
Network Monitoring
Network monitoring is the process of continuously observing a network for any failures or deficiencies to ensure the network performs optimally. The monitored network can be on-premise, cloud-hosted, or in a hybrid cloud environment. Network monitoring involves using specialized software tools to identify and report problems with network performance, availability, and security. This process helps […]
Network Segmentation
Network segmentation involves dividing a larger computer network into smaller, distinct subnetworks or segments. This division enhances security and performance by containing network traffic within these segments. By implementing network segmentation, an organization can control the flow of traffic more effectively, reducing the risk of widespread network threats and breaches. It also allows for more […]

P

Patch
A patch is an update or fix that is applied to an existing software program to correct bugs, improve functionality, or address security vulnerabilities. Patches are often released by software developers after the software has been distributed, in response to the discovery of vulnerabilities or issues in the software. The process of applying a patch […]
Patch Management
Patch management involves update management for software applications and technologies. It includes identifying, acquiring, installing, and verifying patches for systems and software. Patches are updates that fix vulnerabilities, bugs, and security flaws, as well as add new features or improve existing ones. Effective patch management is crucial for a company for maintaining the security and […]
Penetration Testing (Pen Test)
A penetration test, commonly known as a pen test, is a simulated cyberattack against a computer system to check for exploitable vulnerabilities. Penetration testing is typically used to augment a web application firewall (WAF). Pen testing involves the attempted breaching of any number of APIs (application protocol interfaces), and frontend/backend servers to uncover vulnerabilities, such […]
Phishing
Phishing is one of the most common and dangerous types of cyberattacks in today’s world. Through social engineering and other means, it involves deceiving individuals into revealing sensitive information, such as passwords, credit card numbers, social security numbers, or other personal data. It commonly takes the form of fraudulent emails or messages that mimic legitimate […]
Proxy Server
A proxy server is an intermediary server between a user’s device and the internet. It serves as a gateway through which internet requests are processed, offering various functions, security, and privacy benefits. When a user connects to the internet through a proxy server, their requests are sent to the proxy, which then forwards them to […]

R

Ransomware
Ransomware is a type of malware designed to block access to a computer system or data until a sum of money (ransom) is paid. It typically encrypts files on the affected system, rendering them inaccessible to users. The attacker then demands a ransom from the victim to restore access to the data upon payment. Ransomware […]
Red Team
A Red Team is a group that plays the role of an adversary to test and evaluate the effectiveness of an organization’s security environment. This team uses a variety of techniques to mimic real-world attacks, challenging the organization’s defenses to identify vulnerabilities and weaknesses. Their activities can include penetrating networks, attempting social engineering, exploiting vulnerabilities, […]

S

SaaS Software
SaaS stands for Software as a Service. A SaaS application is an application that is delivered over the internet as a service, usually on a subscription model, instead of installing and maintaining the software as a standalone on individual computers. It allows users to access software applications hosted on remote servers via the internet, typically […]
Secure Access Service Edge (SASE)
SASE, as a cybersecurity concept, combines network security functions with wide area networking (WAN) capabilities to support the secure access needs of distributed organizations. SASE is designed to provide fast, secure access to cloud-based services and resources regardless of a user’s location. SASE combines various technologies like Software-Defined Wide Area Networking (SD-WAN), Firewall as a […]
Secure Remote Access – A Complete Guide of Ensuring Secure Connections
Secure Remote Access implies the need for companies to protect their networks and data when their employees are accessing the internal resources out…
More Details
Secure Service Edge (SSE)
Secure Service Edge (SSE) is a comprehensive cybersecurity concept that integrates various cloud-centric security services to protect data and users in a distributed, cloud-first environment. It’s part of the broader SASE framework (Secure Access Service Edge), focusing specifically on security services. SSE combines functionalities like Cloud Access Security Brokers (CASB), Secure Web Gateways (SWG), and […]
Secure Socket Layer (SSL)
SSL, or Secure Sockets Layer, is a security technology standard for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an essential tool for securing internet connections and safeguarding sensitive data from being intercepted […]
Secure Web Gateway: Why Is It Critical?
Secure Web Gateway (SWG) is a critical part of a company’s digital protection cybersecurity stack. This article discusses what a  SWG is and why it…
More Details
SIEM (Security Information and Event Management)
Security Information and Event Management (SIEM) is a comprehensive security technology that provides a holistic view of an organization’s information security. SIEM systems work by collecting and aggregating log data generated throughout the organization’s technology infrastructure, from host systems and applications to network and security devices such as firewalls and antivirus filters. This data is […]
Single Sign-On
Single Sign-On is a user authentication service that permits a user to use one set of login credentials (e.g., username and password) to access multiple applications. This simplifies the user experience by reducing password fatigue and the need to remember multiple sets of credentials. It enhances security by reducing the likelihood of password reuse across […]
SOC 2
SOC 2, or Service Organization Control 2, is a framework for managing data security that focuses on five “trust service principles” – security, availability, processing integrity, confidentiality, and privacy. Developed by the American Institute of CPAs (AICPA), SOC 2 is specifically designed for service providers storing customer data in the cloud. It’s an important compliance […]
SOC 2 Type 2
SOC 2 Type 2 is a comprehensive certification within the SOC 2 framework, focused on the effectiveness of a service organization’s systems and controls over a period of time. While SOC 2 Type 1 evaluates the suitability of a company’s controls at a specific point in time, SOC 2 Type 2 goes further to assess […]
Social Engineering
Social engineering is a manipulation technique that exploits human psychology to gain access to confidential information, organization’s internal networks, or buildings. It’s a common tactic used in cybersecurity attacks, differing from traditional hacking in that it relies on human interaction and often involves tricking people into breaking normal security procedures. Social engineers use a variety […]
Software Defined Networking (SDN)
Software-Defined Networking (SDN) approach allows network administrators to manage network services through the abstraction of lower-level functionalities. This is achieved by decoupling the system that makes decisions about where traffic is sent (the control plane) from the underlying systems that forward traffic to the selected destination (the data plane). SDN offers a more flexible and […]
Spear Phishing
Spear phishing is a targeted form of phishing attack where cybercriminals customize their approach to specifically target an individual, organization, or business. Unlike generic phishing attacks, which are sent to large numbers of people, spear phishing involves thorough research and personalization to make the attack more convincing and effective. The attackers often gather personal information […]
SSL (Secure Sockets Layer)
Secure Sockets Layer (SSL) is a standard security protocol for establishing encrypted links between a web server and a browser in online communication. The primary purpose of SSL is to ensure that all data transmitted between the web server and browser remains encrypted and secure. It is commonly used on websites that require data protection, […]
SSL Certificate
An SSL certificate is a digital certificate that provides secure, encrypted communication between a web server and a browser. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a browser. This encryption ensures that all data passed between the web server and browsers remain private […]

T

Test Glossary
Software that automatically displays or downloads advertising material when a user is online. It often comes bundled with free software or other downloads and can be intrusive.Software that automatically displays or downloads advertising material when a user is online. It often comes bundled with free software or other downloads and can be intrusive.Software that automatically […]
Tokenization
Tokenization is a data security process by which a sensitive data element, like a credit card number, is substituted with a non-sensitive equivalent, known as a token. This token acts as a reference or pointer to the original data but does not carry the original’s sensitive information. The main purpose of tokenization is to minimize […]
Trojan Horse
A Trojan horse is a type of malware disguised as legitimate software. It deceives users into loading and executing the malware on their systems. Unlike viruses, Trojans do not replicate themselves, but they can be equally damaging. They are often used to steal data, spy on users, or create backdoors for future access. Trojans are […]
Two-Factor Authentication (2FA)
Two-factor authentication (2FA) is a security method in which users provide two different authentication factors to verify themselves. This method adds an additional layer of security to the authentication process, making it harder for attackers to gain access to a person’s devices or online accounts because knowing the victim’s credentials (username and password) alone is […]

U

URL Filtering
URL filtering involves blocking or allowing access to websites based on a set of predefined or dynamically updated criteria. This practice is used to prevent users from accessing websites that are known to be malicious, inappropriate, or not compliant with company policies. URL filtering is essential for protecting organizations from web-based threats like malware, phishing […]

V

Virtual Private Network (VPN)
A Virtual Private Network (VPN) is traditionally used to create a secure, encrypted connection over a less secure network, such as the public internet. In theory, a VPN allows users to transmit data safely, protecting sensitive information from being intercepted or accessed by unauthorized parties. VPNs are commonly used for secure remote access to an […]
Virus
A virus, or a computer virus, is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code. Infected computer programs can include, but are not limited to, files, programs, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then […]
VPN Split Tunneling
Virtual Private Network (VPN) split-tunneling allows a user to access some network traffic through the encrypted VPN while other traffic directly accesses the internet bypassing encryption. This method enhances efficiency by allowing non-sensitive internet browsing, video calls, or streaming services to bypass the VPN, reducing bandwidth needs and improving speed. It’s particularly valuable for remote […]

W

What is Personally Identifiable Information (PII)?
PII, or Personally Identifiable Information, refers to any data that can be used to uniquely identify, contact, or locate a single person. This information can include direct identifiers, like a person’s name, social security number, driver’s license number, and passport number, which can directly recognize an individual. It also encompasses indirect identifiers, such as date […]
Worm
A computer worm is a type of malware that replicates itself in order to spread to other computers, often over a network. Unlike a virus, which requires user action to spread (such as running an infected program), a worm can spread itself without any human intervention. This self-replicating nature often leads to heavy use of […]

Z

Zero Trust Network Access (ZTNA) – Moving beyond VPNs and on-prem FWs
In the current realm of a decentralized workplace where a remote workforce is accessing company resources and cloud-based applications from anywhere, …
More Details
Zero-Day Attack
A zero-day attack is a cyberattack that exploits a previously unknown vulnerability in software or hardware. The term “zero-day” describes the fact that the developers have had zero days to fix the issue since it was just discovered, meaning there’s no available patch or fix at the time of the attack. These vulnerabilities are highly […]

Get Started with Timus

Zero Trust. Adaptive Cloud Firewall. Secure Remote Access. In one.