Cybersecurity Glossary

CDN, or Content Delivery Network, is a system of distributed servers that deliver web content and resources to users based on their geographic location, ensuring faster load times and reduced server load.

DNSSEC is a security protocol that adds an extra layer of protection to the DNS for a domain. It works by digitally signing DNS entries to ensure they are not manipulated or forged during transit, and helps verify the authenticity and integrity of the website and services connected to your domain.

Malware, short for malicious software, is any software designed to harm, exploit, or damage any computer, server, client, or computer network.

Phishing is a fraudulent attempt to obtain sensitive information, such as usernames, passwords, or credit card details, by disguising as a trustworthy entity, often through deceptive emails or websites.

Social Engineering, in a cybersecurity context, refers to manipulating individuals into divulging confidential information or performing actions that compromise security, often through deception or persuasion.

A network security device or software that monitors and filters incoming and outgoing network traffic based on established security policies.

A type of malware that encrypts a victim’s files, then demands payment in exchange for the decryption key.

An extra layer of security requiring not only a password and username but also a piece of information only the user knows or has access to.

A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, often used for sending spam or launching DDoS attacks.

An attack where multiple systems flood a targeted system or resource with traffic, causing it to become overwhelmed and unavailable to users.

The practice and study of techniques for securing communication and data from adversaries.

A system or software that monitors network traffic for suspicious activity or violations and alerts administrators.

A software vulnerability that is unknown to those who would be interested in fixing the vulnerability, making it particularly valuable to malicious actors.

The protection of internet-connected devices (endpoints) like computers, mobile devices, and networks from potential threats.

A vulnerability in web applications that allows attackers to inject malicious scripts into web pages viewed by users.

An attack that tricks users into performing unintended actions on a website where they’re authenticated, potentially causing unwanted changes or revealing sensitive data.

An attack technique where malicious SQL code is inserted into input fields to manipulate or exploit a website’s database.

A security feature implemented by web servers to prevent XSS attacks by controlling which sources of content are allowed to be loaded by web browsers.

An attack method that allows attackers to access restricted directories and execute commands outside of the web server’s root directory.

An attack where an unauthorized user takes over a legitimate user’s online session, often to steal sensitive data or perform malicious actions.

An unexpected download of malicious software onto a user’s system when they visit a compromised website.

Malicious script uploaded to a web server which allows an attacker remote access and control over the website.