Discover published sets by community

In cybersecurity, a vulnerability refers to a weakness in a system that can be exploited by a threat actor to perform unauthorized actions within a computer system.

Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information, a common tactic for information breaches.

A Distributed Denial of Service (DDoS) attack is an attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

SIEM is software that provides real-time analysis of security alerts generated by applications and network hardware, giving organizations insight into their IT security systems.

Incident Response is an organization's process of responding to a cybersecurity breach or attack, aiming to handle the situation in a way that limits damage and reduces recovery time and costs.

Encryption is the process of converting information or data into a code to prevent unauthorized access, ensuring data confidentiality.

Identity Theft is the fraudulent acquisition and use of a person’s private identifying information, often for financial gain.

A Zero-Day Exploit is an attack that targets a previously unknown vulnerability in a computer system or application, which is called a 'zero-day vulnerability'.

Antivirus software is designed to detect, prevent, and remove malware, as well as providing protection against a variety of other cybersecurity threats.

A rootkit is a software program that has the ability to obtain root-level access and hide certain things from the operating system, making it difficult to detect and remove.

SSL is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication to ensure data privacy and integrity.

Spear Phishing is a more targeted version of phishing, where an attacker chooses specific individuals or enterprises and customizes the message based on characteristics, job positions, or other factors.

A VPN extends a private network across a public network, enabling users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

A cybersecurity audit is a comprehensive review of an organization's adherence to regulatory guidelines and its cybersecurity policies and procedures to ensure security protocols and defenses are up-to-date.

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on security rules.

Phishing is a type of social engineering attack where attackers deceive individuals into providing sensitive information by disguising as trustworthy entities in electronic communication.

Two-Factor Authentication (2FA) is a security process in which users provide two different authentication factors to verify themselves, enhancing protection against unauthorized access.

An IDS monitors network traffic for suspicious activities and issues alerts when such activity is discovered, often a part of a layered security approach.

Ransomware is malware that encrypts the victim's data, with the attacker demanding a ransom from the victim to restore access to the data upon payment.

A honeypot is a security mechanism set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems, often acting as a decoy.

A botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, usually to send spam messages or to attack other systems.

PKI is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.

Penetration Testing is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system, with the objective of identifying any weak spots.

Malware is short for malicious software, designed to harm, exploit, or otherwise unauthorized action on data, devices, or networks.