
Cybersecurity glossary.

Plain-English definitions of 49 essential security terms — each with how to defend and the free tools to investigate it.

Advanced Persistent Threat (APT)

A well-resourced adversary (often state-sponsored) that gains and maintains long-term covert access to a targe…

Backdoor

A hidden method of bypassing normal authentication to access a system.…

Botnet

A network of compromised devices controlled remotely by an attacker to act in unison.…

Brute-Force Attack

Systematically trying many passwords or keys until the correct one is found.…

Command and Control (C2)

The infrastructure attackers use to communicate with and control compromised systems.…

Computer Worm

Self-replicating malware that spreads across networks without user interaction.…

Credential Stuffing

Using username/password pairs leaked from one breach to log into other services.…

Cross-Site Request Forgery (CSRF)

An attack that tricks a logged-in user’s browser into sending an unwanted authenticated request.…

Cross-Site Scripting (XSS)

A web vulnerability that lets an attacker run their JavaScript in another user’s browser session.…

Cryptojacking

Hijacking a victim’s computing resources to mine cryptocurrency without consent.…

DDoS Attack

A Distributed Denial-of-Service attack floods a target with traffic from many sources to make it unavailable.…

Data Breach

An incident where confidential data is accessed or disclosed without authorization.…

Data Exfiltration

The unauthorized transfer of data out of a system or network.…

EDR

Endpoint Detection and Response — software that monitors endpoints for malicious behavior and enables investig…

Encryption

Transforming data into an unreadable form so only authorized parties with the key can read it.…

Exploit

Code or a technique that takes advantage of a vulnerability to cause unintended behavior.…

Fileless Malware

Malware that operates in memory using legitimate system tools, leaving little on disk.…

Firewall

A device or software that filters network traffic based on security rules.…

Hashing

A one-way function that maps data of any size to a fixed-length fingerprint.…

Honeypot

A decoy system designed to attract and study attackers.…

Indicator of Compromise (IOC)

A piece of forensic evidence that suggests a system has been breached.…

Keylogger

Software or hardware that records keystrokes to capture passwords and other sensitive input.…

Lateral Movement

Techniques attackers use to move from an initial foothold to other systems inside a network.…

Malware

Any software written to harm, exploit, or gain unauthorized access to a system — short for “malicious software…

Man-in-the-Middle (MITM)

An attack where the adversary secretly relays and possibly alters communication between two parties.…

Multi-Factor Authentication (MFA)

Requiring two or more independent proofs of identity to authenticate.…

Password Spraying

Trying one common password against many accounts to avoid lockouts.…

Payload

The part of malware or an exploit that performs the malicious action.…

Penetration Testing

An authorized simulated attack to find and demonstrate exploitable security weaknesses.…

Phishing

A social-engineering attack that tricks people into revealing credentials or installing malware through fraudu…

Privilege Escalation

Gaining higher permissions than originally granted — e.g., from a normal user to admin/root.…

Ransomware

Malware that encrypts a victim’s files (and often steals them first) and demands payment for the decryption ke…

Remote Code Execution (RCE)

A vulnerability that lets an attacker run arbitrary code on a target system over a network.…

Rootkit

Stealthy malware that hides its presence and grants persistent privileged access.…

SIEM

Security Information and Event Management — a platform that centralizes logs and correlates them to detect thr…

SQL Injection

A web vulnerability where attacker-controlled input is concatenated into a database query, letting them read,…

Sandbox

An isolated environment where untrusted code can run without affecting the host.…

Server-Side Request Forgery (SSRF)

A flaw where an attacker makes the server send requests to destinations the attacker chooses.…

Social Engineering

Manipulating people into breaking security procedures or revealing confidential information.…

Spyware

Malware that covertly gathers information about a user or organization.…

Supply-Chain Attack

Compromising a trusted vendor, library, or update mechanism to reach its downstream customers.…

TLS / SSL

Transport Layer Security — the protocol that encrypts and authenticates internet communications (the “S” in HT…

Threat Intelligence

Evidence-based knowledge about threats used to inform security decisions.…

Trojan Horse

Malware disguised as legitimate software to trick users into running it.…

VPN

A Virtual Private Network encrypts traffic and tunnels it through an intermediary for privacy or remote access…

Vulnerability

A weakness in a system that can be exploited to compromise its security.…

Web Application Firewall (WAF)

A filter that inspects HTTP traffic to block web attacks like SQL injection and XSS.…

Zero Trust

A security model that trusts nothing by default and verifies every request, inside or outside the network.…

Zero-Day

A vulnerability that is exploited before the vendor has released a patch — defenders have “zero days” to fix i…
