top of page


Cyber Security Glossary

Key Terms and Phrases

Account Takeover

Unauthorized access and control of a user's online account by an attacker, typically achieved through various techniques such as phishing, credential stuffing, or password guessing.

Attack Surface

The sum total of all the vulnerabilities and entry points through which an attacker can gain unauthorized access to a system or network.


A network of compromised computers or devices that are under the control of a malicious actor, usually used to carry out coordinated attacks, send spam, or perform other malicious activities.

Brand Intelligence

The collection and analysis of data related to a brand's reputation, perception, and performance in order to make informed business decisions and protect the brand's interests.

Brand Protection

Measures taken to safeguard a brand's reputation, intellectual property, and customer trust from unauthorized use, counterfeiting, fraud, or other threats.

Breach Intelligence

Information gathered and analyzed about data breaches, including details such as compromised data, attack methods, and affected entities, in order to enhance security measures and prevent future breaches.

Business Email Compromise (BEC)

A type of cyber fraud where attackers compromise business email accounts to conduct fraudulent activities, such as tricking employees into making unauthorized transactions or revealing sensitive information.

Cyber Threat Intelligence

The collection, analysis, and dissemination of information about potential or ongoing cyber threats, including threat actors, their motives, tactics, techniques, and indicators of compromise.

Attack Surface Management

The process of identifying, assessing, and reducing the vulnerabilities and potential entry points that could be exploited by cyber attackers to compromise an organization's systems or networks.

Cybersecurity Attack

An intentional and malicious action or exploit that targets vulnerabilities in computer systems, networks, or digital infrastructure to gain unauthorized access, disrupt operations, steal data, or cause damage.

Cybersecurity Awareness

The knowledge, understanding, and vigilance of individuals or organizations regarding potential cybersecurity threats, best practices, and the adoption of security measures to protect against attacks.

Cybersecurity Risk Management

The process of identifying, assessing, and prioritizing cybersecurity risks to implement appropriate controls, safeguards, and mitigation strategies to protect critical assets and sensitive information.

- Read more about cybersecurity here.

Brand Monitoring

The practice of actively monitoring online platforms, social media, and other sources to track mentions, discussions, and sentiment related to a brand in order to manage reputation and identify potential risks.

Dark Web Threat Intelligence

The collection and analysis of information about cyber threats, illegal activities, and malicious actors operating in hidden online networks and marketplaces known as the dark web.

Data Breach

An incident where unauthorized individuals gain access to sensitive or confidential data, potentially resulting in its exposure, theft, or misuse.

Data Broker

A company or entity that collects, aggregates, and sells personal or business data to other organizations for various purposes, including marketing, research, and analytics.

- Read more about Data Brokers here.

Deep and Dark Web

Collective terms referring to parts of the internet that are not indexed by search engines and are intentionally hidden or require specific software or authorization to access, often associated with illegal activities and anonymity.

Digital Executive Protection

Measures and strategies implemented to safeguard high-profile individuals, such as executives or public figures, from digital threats, including cyberattacks, online harassment, or reputation damage.

Digital Risk Management

The process of identifying, assessing, and mitigating risks related to an organization's digital assets, including data, systems, networks, and online reputation.

Digital Risk Protection (DRP)

The use of tools, technologies, and strategies to monitor, detect, and mitigate digital risks, including threats to brand reputation, data breaches, intellectual property violations, and cyberattacks.

- Read more about Digital Risk Management here.

Domain Monitoring

Continuous monitoring of domain names to detect any unauthorized changes, malicious activities, or potential abuse that may affect an organization's online presence or brand reputation.

Domain Protection

Measures taken to secure and protect domain names from unauthorized transfers, hijacking, misuse, or reputation damage.

Domain Spoofing

A technique used by attackers to create deceptive domain names that closely resemble legitimate ones, aiming to trick users into disclosing sensitive information or downloading malicious content.


The act of publicly revealing or publishing private or personal information about an individual or organization without their consent, typically with malicious intent.

Email Security

Measures, protocols, and technologies implemented to protect email communication from unauthorized access, interception, tampering, or malicious content.

Email Spoofing

The forging of the "From" field in an email header to make it appear as if the email originated from a different sender, often used in phishing attacks or to deceive recipients.

Executive Protection

A comprehensive approach involving physical, digital, and personal security measures implemented to protect high-profile individuals, such as executives or public figures, from various risks and threats.

External Threat Intelligence Services

Services provided by external organizations or vendors that specialize in collecting, analyzing, and delivering timely and relevant threat intelligence to assist businesses in enhancing their security posture.


Pretending to be someone else, typically with malicious intent, in order to deceive or defraud individuals or organizations.

Incident Response

The process of identifying, investigating, containing, mitigating, and recovering from a cybersecurity incident or breach to minimize its impact and restore normal operations.

Information Leakage

The unauthorized disclosure or accidental exposure of sensitive or confidential information, potentially leading to privacy breaches or security incidents.


Malicious software or hardware that records keystrokes on a computer or mobile device, often used to capture sensitive information such as usernames, passwords, or credit card details.


Short for "malicious software," it refers to any software designed to harm, compromise, or gain unauthorized access to a computer system or network, including viruses, worms, Trojans, ransomware, or spyware.

Malware Intelligence

The collection, analysis, and dissemination of information about malware, including its characteristics, behavior, distribution methods, and indicators of compromise.

Open Source Intelligence (OSINT)

The process of collecting and analyzing information from publicly available sources, including websites, social media, online forums, and public records, to gather insights and intelligence.

Personally Identifiable Information (PII)

Any data or information that can be used to identify an individual, such as name, address, social security number, or email address.

Phishing Attack

A type of cyber attack where attackers send deceptive emails or messages pretending to be from a trustworthy source to trick individuals into revealing sensitive information, such as login credentials or financial details.

Physical Security

Measures and strategies implemented to protect physical assets, facilities, and individuals from unauthorized access, theft, vandalism, or harm.

Protective Intelligence

The gathering, analysis, and application of information and insights to proactively identify and mitigate threats, risks, or vulnerabilities to individuals, organizations, or assets.


Malicious software that encrypts a victim's data and demands a ransom payment in exchange for the decryption key, often causing significant disruption, data loss, and financial damage.

Security Operations Center (SOC)

A centralized team, facility, or department responsible for monitoring, detecting, analyzing, and responding to security incidents and threats in an organization's infrastructure or network.

Social Engineering

Psychological manipulation and deception techniques used by attackers to trick individuals into divulging sensitive information or performing actions that may compromise security.

Social Engineering Attack

An attack that exploits human psychology or trust to deceive individuals into revealing confidential information, providing access to systems, or performing harmful actions.

Social Media Monitoring

The process of tracking and analyzing social media platforms for mentions, discussions, trends, or sentiment related to a brand, individual, or topic to gather insights, manage reputation, or identify potential risks.

Social Media Risk

Potential negative consequences, threats, or risks associated with the use of social media platforms, including brand damage, privacy breaches, data leaks, or reputational harm.

Spear Phishing Attack

A targeted phishing attack that focuses on specific individuals or groups, using personalized and tailored messages to increase the chances of success and deception.

Spoof Email Address

An email address created or forged to mimic a legitimate email address, often used in phishing attacks or to deceive recipients.

Supply Chain Intelligence

The process of gathering and analyzing information about suppliers, vendors, partners, or third-party entities to assess their security posture, potential risks, or vulnerabilities to ensure the security and integrity of the supply chain.

Surface Web

The publicly accessible and searchable portion of the internet that can be indexed by search engines.

Third-Party Risk Intelligence

The collection, analysis, and evaluation of information about the security posture, vulnerabilities, and potential risks posed by third-party vendors, suppliers, or partners to an organization's systems or data.

Threat Intelligence

Information about potential or emerging threats, including threat actors, their motives, tactics, techniques, and indicators of compromise, used to enhance security measures, detect threats, and respond effectively.

Threat Intelligence Platform

A software or technology solution that automates the collection, analysis, and management of threat intelligence data to provide actionable insights and support cybersecurity operations.

Threat Intelligence Software

Software tools or applications specifically designed to gather, process, analyze, and present threat intelligence data to aid in the identification, understanding, and mitigation of potential threats.

Threat Intelligence Tools

Various tools, technologies, or resources used to collect, analyze, and disseminate threat intelligence, including threat feeds, data aggregators, sandboxes, or malware analysis platforms.

Threat Landscape

The current state and dynamics of potential threats, risks, and vulnerabilities within the cybersecurity ecosystem, including emerging trends, attack vectors, and threat actor activities.


A weakness or flaw in a system, network, software, or process that can be exploited by attackers to gain unauthorized access, perform unauthorized actions, or cause damage.

Zero Day

A software vulnerability that is unknown to the vendor or has no available patch or fix, making it attractive to attackers as they can exploit it before it is discovered or mitigated.


bottom of page