
The Technosprout Glossary is your guide through a sea of complicated terminology, providing easy-to-understand definitions and resources for further exploration. If you can't find what you're looking for, contact us and we will be happy to help.

A zero trust model is a cyber security model designed to protect the resources and sensitive data of businesses. It gives no user or device default access to an organization’s network, workspace or other resources, even if they’re employed by the organization. Under this model, users must pass security checks on factors such as their identity, time of access, and device posture before access is granted.

Secrets management refers to the tools and methods for managing digital authentication credentials, including passwords, keys, APIs and tokens. These credentials are used in applications, services, privileged accounts and other sensitive parts of the IT ecosystem. Some of the most common types of secrets include privileged account credentials, passwords, certificates, SSH keys, API keys, or encryption keys.
The principle of least privilege is an important concept in computer security. It limits access rights for users to the bare minimum permissions they need to perform their work. It means enforcing the minimal level of user rights that allows the user to perform his/her role. Users are granted permission to read, write or execute only the files or resources they need to do their jobs.

Ransomware is a form of malware that encrypts a victim’s files. It has the ability to lock a computer screen or encrypt important and predetermined files with a password. It is a criminal money-making scheme that can be installed through deceptive links in an email, instant message or website.

A data breach is a security incident in which information is accessed without authorization. It can occur accidentally or as a result of a deliberate attack. A data breach is the release of confidential or sensitive information into an unsecured environment.
“Cloud” refers to the hosted resources delivered to a user via software. Cloud security, also known as cloud computing security, refers to the procedures and technology of protecting cloud computing environments, applications, data, information, and infrastructure.
Enterprise security includes both the internal or proprietary business secrets of a company as well as the employee and customer data related to privacy laws. It is the process by which an organization protects its information assets (data, servers, workstations, storage, networking, applications, etc.) from infringement of confidentiality, integrity, or availability. Enterprise Security Solutions not only help organizations understand their IT security postures but also provide the best course of action to overcome the security loopholes.
Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious digital attacks. It’s also known as information technology security or electronic information security.
DevOps is a term used to describe a set of cultural philosophies, practices, and tools that bring together software development (Dev) and IT operations (Ops) and increase an organization’s ability to deliver applications and services at high velocity. DevOps presents new risks and cultural changes that create security challenges that cannot typically be addressed by conventional security management solutions and practices.
Privileged Identity Management (PIM) is a capability within identity management focused on the special requirements of managing highly privileged access. PIM is an information security and governance tool to help companies meet compliance regulations and to prevent system and data breaches through the improper use of privileged accounts.
Malware is the collective name for a number of malicious software variants, including viruses and spyware. Malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
A secure web gateway offers protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications, and the detection and filtering of malicious code.
DevSecOps is the philosophy of integrating security practices within the DevOps process. DevSecOps involves creating a ‘Security as Code’ culture with ongoing, flexible collaboration between release engineers and security teams. The DevSecOps movement, like DevOps itself, is focused on creating new solutions for complex software development processes within an agile framework.
Cloud visibility is the ability to have a detailed view of all activity in your cloud. This means you can identify security threats and inefficient performance in your cloud deployment.
Passwordless Authentication is an authentication method that allows a user to gain access to an application or IT system without entering a password or answering security questions.
Identity as a Service (IDaaS) is an Identity and Access Management solution delivered in the form of a cloud-based service hosted and managed by a trusted third party. An IDaaS offering combines all the functions and benefits of an enterprise-class IAM solution with all the economic and operational advantages of a cloud-based service.
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials — for example, a name and password — to access multiple applications. SSO can be used by enterprises, smaller organizations and individuals to ease the management of various usernames and passwords.
Robotic process automation (RPA) is an automation technology that helps organizations to partially or fully automate standardized tasks. Robotic process automation software robots, or “bots,” can mimic the actions of humans to perform work.
Adaptive Authentication is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use Adaptive Authentication to balance security requirements with the user experience.
A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account holders) of the service or resource they expected.
An API allows two cloud applications to talk to one another directly, allowing a third party to read or make changes directly within a cloud application. Creating an API connection requires a user’s approval, but once created, it runs silently in the background, often with little or no monitoring. An API-based attack typically involves fooling the user into approving an API connection with a phishing attack. Once granted the API token, the attacker has almost complete access and control, even if the user changes the account password. To break the connection, the user must manually revoke the API token.
Cloud infrastructure entitlement management (CIEM) is a term introduced by Gartner in the year 2020 to describe the next generation of solutions for enforcing least privilege in the cloud. It addresses the cloud-native security challenges of identity access management in cloud environments.
A set of access control technologies for restricting the use of confidential information, proprietary hardware, and copyrighted works, typically using encryption and key management.
Hardcoded Passwords, also often referred to as embedded credentials, are plain text passwords or other secrets in source code. Password hardcoding refers to the practice of embedding plain text (non-encrypted) passwords and other secrets (SSH Keys, DevOps secrets, etc.) into the source code. Default, hardcoded passwords may be used across many of the same devices, applications, and systems, which helps simplify setup at scale but at the same time poses considerable cybersecurity risk.
Secure Socket Shell (SSH) Key Management, also called Secure Shell Management, is a special network protocol leveraging public-key cryptography to enable authorized users to remotely access a computer or other device via access credentials called SSH keys. Because they are used to access sensitive resources and perform critical, highly privileged activities, it’s vital to properly manage SSH keys as you would other sensitive credentials.
Separation of privilege, also called privilege separation, is an information technology best practice applied by organizations to broadly separate users and processes based on different levels of trust, needs, and privilege requirements.
Superuser accounts are highly privileged accounts primarily used for administration by specialized IT employees. A Superuser is an individual with access to such an account.
Vulnerability assessment refers to the process of identifying risks and vulnerabilities in computer networks, systems, hardware, applications, and other parts of the IT ecosystem. Vulnerability assessments provide security teams and other stakeholders with the information they need to analyze and prioritize risks for potential remediation in the proper context.
A cyberattack in which the hacker compromises an online account, sends messages internally within the organization, and leverages the stolen identity to ask for confidential information. They may also use the account to attack other organizations.
Vulnerability scanning is the process of discovering, analyzing, and reporting on security flaws and vulnerabilities. Vulnerability scans are conducted via automated vulnerability scanning tools to identify potential risk exposures and attack vectors across an organization’s networks, hardware, software, and systems. Vulnerability scanning and assessment is an essential step in the vulnerability management lifecycle.
Password Rotation refers to the changing/resetting of a password(s). Limiting the lifespan of a password reduces vulnerability to password-based attacks and exploits, by condensing the window of time during which a stolen password may be valid.

A credential is an item, such as an ID card, or a username/password combination, used by persons or entities to prove themselves.
A system for cross-domain identity management (SCIM) is an open standard for automating the exchange of user identity information between identity domains, or IT systems, designed to make user identity management in cloud-based applications easier.
A session is an interaction between two or more entities on a network, generally consisting of an exchange of information. In the context of identity management, the most important information exchanged is the credentials of each entity and the time-out information for the session.
A method of authentication that relies on a single factor, such as username and password, to verify a user’s identity.
Security Assertion Markup Language (SAML) provides a standard way for businesses and application providers to share user authentication and authorization data and federated identity management functionality.
A virtual directory is an Identity and Access Management architectural component that gives identity consumers a consolidated and unified view of identity management information stored in multiple disparate data repositories.
Privileged Password Management is the secure storing, sharing, creating, and handling of privileged passwords. Privileged password management may alternatively be referred to as privileged credential management, enterprise password management, or enterprise password security.
A Pass-the-Hash Attack (PtH) is a technique whereby an attacker captures a password hash (as opposed to the password characters) and then simply passes it through for authentication and potentially lateral access to other networked systems. The threat actor doesn’t need to decrypt the hash to obtain a plain text password. PtH attacks exploit the authentication protocol, as the password hash remains static for every session until the password is rotated. Attackers commonly obtain hashes by scraping a system’s active memory and other techniques.
A unique authorization key used for API interactions. Each token is granted a certain level of access and control and often continues to provide access until the token is manually revoked.
A deliberate configuration change within a system by a malicious actor, typically to create back-door access or exfiltrate information. While the original change in configuration might involve a compromised account or other vulnerability, a malconfiguration has the benefit of offering long term access using legitimate tools, without further need of a password or after a vulnerability is closed.
A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider. (Not all private clouds are hosted in this fashion.) VPCs combine the scalability and convenience of public cloud computing with the data isolation of private cloud computing.
Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. This decoupling allows container-based applications to be deployed easily and consistently, regardless of whether the target environment is a private data center, the public cloud, or even a developer’s personal laptop. It provides a clean separation of concerns, as developers focus on their application logic and dependencies, while IT operations teams can focus on deployment and management without bothering with application details such as specific software versions and configurations specific to the app.
An acronym for Cloud Access Security Broker. This is a type of security that monitors and controls the cloud applications that an organization’s employees might use. Typically, the control is enforced by routing web traffic through a forward- or reverse-proxy. CASBs are good for managing Shadow IT and limiting employees’ use of certain SaaS or the activity within those SaaS, but do not monitor third-party activity in the cloud, i.e. shared documents or email.
An account which has been accessed and is possibly controlled by an outside party for malicious reasons. This can be done either via API connection or by gaining credentials to the account from a leak or phishing email. Typically, the goal of the attacker is to remain undetected, in order to use the account as a base for further attacks.
A type of security that prevents sensitive data, usually files, from being shared outside the organization or to unauthorized individuals within the organization, through policies that encrypt data or control sharing settings.
A dangerous or unapproved configuration of an account that could potentially lead to a compromise, typically done by a well-intentioned user attempting to solve an immediate business problem. While there is no malicious intent, misconfiguration is actually the leading cause of data loss or compromise.
Any unapproved cloud-based account or solution implemented by an employee for business use. It might also include the use of an unknown account with an approved provider, but administered by the user rather than corporate IT.
A security measure in which a file’s behavior is monitored and analyzed in an isolated environment in order to see if it contains hidden malicious functions or is communicating with an unknown third-party.
