Key Security Terms

We want all of our users to be security experts! Learn the key security terms (non-acronyms) in alphabetical order below.

Written by Natalie Novick
Updated over a week ago

Access Monitoring: Proactively or reactively observing and analyzing what happened while a user was in a session. A session is defined as a single event where a user exercised their access rights, or the period of time a user was “logged in” to an asset, presumably performing work.

Audit Log: A record of events and changes. IT devices across your network create logs based on events. Audit logs are records of these event logs, typically regarding a sequence of activities or a specific activity. These records can serve as evidence in critical investigations to gain insight into activity that could have been the root cause of an incident. Audit logs are also critical for proving compliance with common regulations such as HIPAA and PCI DSS.

Bug Bounty: A monetary reward given to ethical hackers for successfully discovering and reporting a vulnerability or bug to the application's developer. Bug bounties are becoming increasingly popular among larger enterprise organizations as an additional approach to improving their security posture. Crowdsourcing has proven advantageous to the industry because it assists in detecting bugs that a penetration test may miss.

Code Analysis: Static and dynamic code analysis are two of the most common forms of application security testing. They take different approaches to identifying vulnerabilities and are often complementary. Static code analysis is a form of white-box testing that can help identify security issues in source code. On the other hand, dynamic code analysis is a form of black-box vulnerability scanning that allows software teams to scan running applications and identify vulnerabilities.

Data Access: The on-demand, authorized ability to retrieve, modify, copy, or move data from IT systems. With data access, users can perform these functions in any location and with data in motion or at rest.

Data Center Infrastructure Security: Data center security encompasses the practices and preparation that keep a data center secure from threats, attacks, and unauthorized access. Aspects of data center security include physical security, requiring site planning to limit physical break-ins, and network security, where security engineers install firewalls and anti-malware programs to prevent breaches.

Data Deletion: When a file is deleted, the operating system deletes the pointers to the file and marks the corresponding cluster in the FAT or master file table (MFT) as ‘available’ for storing new files or data. ‘Deletion’ does not necessarily delete the file or the actual data, but only the pointer, i.e. the address of the file, so the file becomes invisible and inaccessible to the user in normal usage.

Data Erasure: A software-based method of overwriting data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by using zeros and ones to overwrite data onto all sectors of the device. By overwriting the data on the storage device, the data is rendered irrecoverable and data sanitization is achieved.

Data Security: Refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, hashing, tokenization, and key management practices that protect data across all applications and platforms.

Encryption at rest: When data is encrypted at rest through hardware-based software and devices, it’s protected from people trying to access it to steal personally identifiable information (PII) or other sensitive contents. While data is generally less vulnerable at rest than in transit, hackers often find data at rest more valuable than data in transit because it often holds a higher level of sensitive information (social security numbers, healthcare information, credit card information), which makes this data state crucial for encryption.

Encryption in transit: Encryption in transit applies when the encrypted data is active, moving between devices and networks such as the internet, within a company, or being uploaded to the cloud. When you log on to your email, your password is sent to a third party for validation; this is an example of data in transit.

Information Security Policy: Sets forth rules and processes for workforce members, creating a standard around the acceptable use of the organization's information technology, including networks and applications, to protect data confidentiality, integrity, and availability.

Physical Security: The protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism. With most organizations using AWS, Azure, GCP, etc., it becomes the responsibility of these cloud providers to provide the physical security of their data centers.

Pen Test Report: Provides a detailed and comprehensive analysis of the system’s vulnerabilities. It will also detail how to mitigate those issues, including recommendations for patching, hardening or locking down specific systems where needed. Customers' need to see a pen test from a vendor is becoming increasingly common because it demonstrates the validation of an organization’s security controls. A pen test report proves that you address security issues to safeguard customer data.

Vulnerability & Patch Management: Vulnerability Management is the process of identifying, cataloging, remediating, and mitigating vulnerabilities found in software or hardware. Patch Management is the process of identifying, testing and deploying patches for operating systems or applications on devices to ensure systems stay up to date. Patches are pieces of code added to the existing software code to improve functionality or to remove vulnerabilities discovered in the software. This becomes important to customers because they want to ensure that their vendors are proactively addressing patch and configuration management, which reduces and manages the number of critical vulnerabilities your organization is exposed to and reduces the attack surface for bad actors to exploit.
