Cybersecurity Glossary
28 terms and concepts explained for security buyers and practitioners.
C
Cloud Access Security Broker (CASB)
A security policy enforcement point placed between cloud service consumers and cloud service providers to monitor activity, enforce security policies, and protect data as it moves to and from cloud applications.
Cloud Security Posture Management (CSPM)
A category of security tools that continuously monitor cloud infrastructure configurations to identify misconfigurations, compliance violations, and security risks across IaaS and PaaS environments.
Cloud-Native Application Protection Platform (CNAPP)
An integrated security platform that combines cloud workload protection, cloud security posture management, infrastructure-as-code scanning, and runtime protection for cloud-native applications.
Cybersecurity Compliance Frameworks
Structured sets of guidelines, standards, and best practices that organizations follow to manage cybersecurity risk, protect data, and meet regulatory requirements.
E
Email Security
The technologies and practices designed to protect email communications from threats including phishing, business email compromise (BEC), malware, spam, and data exfiltration via email channels.
Endpoint Detection and Response (EDR)
A security solution that continuously monitors endpoint devices (laptops, servers, workstations) to detect, investigate, and respond to cyber threats using behavioral analysis and telemetry data.
Extended Detection and Response (XDR)
A unified security platform that integrates detection and response across endpoints, networks, cloud workloads, email, and identity to provide correlated threat visibility and automated response.
I
Identity and Access Management (IAM)
A framework of policies and technologies that ensures the right individuals have appropriate access to technology resources, encompassing authentication, authorization, and identity lifecycle management.
Identity Governance and Administration (IGA)
A framework of policies and technologies that manages digital identities and governs access rights, including access request workflows, access certification campaigns, role management, and segregation of duties.
Incident Response (IR)
The organized approach to preparing for, detecting, containing, eradicating, and recovering from cybersecurity incidents, guided by a formal incident response plan and team.
M
MITRE ATT&CK Framework
A globally accessible, curated knowledge base of adversary tactics and techniques based on real-world observations, used as a common language for describing and categorizing cyber threats.
Multi-Factor Authentication (MFA)
A security mechanism that requires users to provide two or more independent verification factors — something they know (password), something they have (phone/key), or something they are (biometrics) — to prove their identity.
P
Penetration Testing
A simulated cyberattack against an organization's systems, networks, or applications conducted by authorized security professionals to identify exploitable vulnerabilities before malicious attackers do.
Privileged Access Management (PAM)
A security discipline and set of tools that control, monitor, and audit access to critical systems by privileged users such as system administrators, database admins, and service accounts.
S
Secrets Management
The practice and tooling for securely storing, accessing, rotating, and auditing sensitive credentials such as API keys, database passwords, certificates, and encryption keys used by applications and infrastructure.
Secure Access Service Edge (SASE)
A cloud-delivered architecture that converges wide-area networking (SD-WAN) and network security services (SWG, CASB, ZTNA, FWaaS) into a single, globally distributed platform.
Security Data Pipeline
Infrastructure for collecting, transforming, routing, and delivering security telemetry (logs, metrics, traces) from sources to destinations like SIEMs, data lakes, and analytics platforms.
Security Information and Event Management (SIEM)
A platform that aggregates, correlates, and analyzes security event data from across an organization's IT infrastructure to detect threats, support incident response, and meet compliance requirements.
Security Orchestration, Automation and Response (SOAR)
A category of security tools that combine incident response case management, workflow automation, and threat intelligence aggregation to help security teams respond to threats faster and more consistently.
Software Bill of Materials (SBOM)
A comprehensive inventory of all components, libraries, and dependencies that make up a software product, analogous to a list of ingredients on food packaging, used for vulnerability management and supply chain security.
Software Composition Analysis (SCA)
A security practice and toolset that identifies open-source and third-party components in a codebase, detects known vulnerabilities in those dependencies, and monitors license compliance.
Static Application Security Testing (SAST)
A method of analyzing application source code, bytecode, or binaries for security vulnerabilities without executing the program, typically integrated into the development workflow.