Cybersecurity Glossary
Learn about key terms and concepts in cybersecurity and information security.
Anycast DNS
A network addressing technique where multiple servers share the same IP address, routing requests to the nearest or most available server for improved performance and resilience.
API Abuse
API abuse involves exploiting application programming interfaces through excessive requests, parameter manipulation, or unauthorized access to bypass security controls, extract data, or disrupt services.
Attribute-Based Access Control (ABAC)
Access control model that evaluates multiple attributes to determine access permissions.
BEAST (CVE-2011-3389)
BEAST is a security vulnerability in TLS 1.0 that allows attackers to decrypt HTTPS traffic through a man-in-the-middle attack exploiting CBC mode weaknesses.
Biometric Authentication
Secure authentication method using unique biological characteristics to verify user identity.
Blind SQL Injection
Blind SQL Injection is a type of SQL Injection attack where attackers infer data from application behavior rather than direct error messages or output.
Broken Authentication
Broken Authentication is a web security vulnerability that occurs when authentication mechanisms are implemented incorrectly, allowing attackers to compromise user accounts, passwords, session tokens, or keys.
Brute Force Attack
A trial-and-error method used by attackers to guess passwords, encryption keys, or other credentials through exhaustive enumeration.
Business Logic Flaws
Business logic flaws are vulnerabilities that allow attackers to manipulate application workflows, bypass intended functionality, or exploit design flaws to achieve unauthorized outcomes.
CAPTCHA
Learn about CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart, and how it protects against automated attacks.
Certificate Authority (CA)
A Certificate Authority (CA) is a trusted entity that issues digital certificates to verify the identity of websites, individuals, and organizations on the internet.
Certificate Revocation (CRL, OCSP)
Certificate revocation is the process of invalidating digital certificates before their expiration date, using mechanisms like CRL and OCSP to maintain security in the PKI ecosystem.
Certificate Signing Request (CSR)
A Certificate Signing Request (CSR) is a file containing public key and identity information that is submitted to a Certificate Authority (CA) to obtain a digital certificate.
Certificate Transparency
Certificate Transparency is an open framework that monitors and audits digital certificates to prevent misissuance and enhance the security of the SSL/TLS ecosystem.
Clickjacking
Clickjacking is a web security vulnerability that tricks users into clicking on malicious elements disguised as legitimate content, enabling attackers to perform unauthorized actions on behalf of the user.
Content Security Policy (CSP)
A security layer that helps prevent cross-site scripting (XSS), data injection attacks, and other malicious content execution in web browsers.
Credential Stuffing
Cyberattack technique using stolen username and password pairs to gain unauthorized access to accounts.
Cross-Origin Embedder Policy (COEP)
HTTP security header that controls how documents can embed cross-origin resources to prevent security vulnerabilities.
Cross-Origin Opener Policy (COOP)
HTTP security header that controls how documents can interact with cross-origin windows to prevent security vulnerabilities.
Cross-Origin Resource Sharing (CORS)
Security mechanism that enables controlled access to resources located outside of a given domain, relaxing the Same-Origin Policy.
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is a web security vulnerability that tricks users into executing unwanted actions on a web application where they are authenticated, exploiting the trust a site has in a user's browser.
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) is a web security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users, enabling data theft, session hijacking, and account compromise.
Deserialization Attack
Deserialization attacks exploit insecure deserialization of data to execute arbitrary code, access sensitive data, or compromise systems by manipulating serialized objects before they are deserialized.
Directory Traversal
Directory Traversal is a web security vulnerability that allows attackers to access files and directories outside the intended application directory, potentially exposing sensitive system files.
DNS Record
Database entries in the Domain Name System that define how domain names are translated and configured for various services.
DNS Spoofing / Cache Poisoning
A cyberattack where false DNS information is injected into a resolver's cache, redirecting users to malicious websites instead of legitimate ones.
DNS Tunneling
A technique that encodes data within DNS queries and responses to bypass network security controls and exfiltrate data.
DNSSEC (DNS Security Extensions)
A suite of extensions to DNS that provides cryptographic authentication of DNS data, preventing spoofing and cache poisoning attacks.
DOM-Based XSS
DOM-Based XSS (Document Object Model Cross-Site Scripting) is a client-side vulnerability where malicious scripts execute due to unsafe manipulation of the DOM environment by JavaScript, without server-side reflection.
Domain Fronting
A technique that hides the true destination of internet traffic by routing it through legitimate, high-reputation domains to bypass censorship or surveillance.
Domain Hijacking
Unauthorized takeover of a domain name by changing its registration information, often through security vulnerabilities or social engineering.
Domain Name System (DNS)
The Domain Name System (DNS) is the hierarchical naming system that translates human-readable domain names into machine-readable IP addresses.
Expect-CT
HTTP header that enforces Certificate Transparency requirements to detect misissued SSL/TLS certificates.
Exploit Chain
An exploit chain combines multiple vulnerabilities to achieve a more significant compromise, often bypassing security controls and escalating privileges.
Extended Validation (EV) Certificate
An Extended Validation (EV) Certificate is a digital certificate that provides the highest level of identity verification and security assurance through rigorous validation processes.
Fast Flux DNS
A DNS technique used by cybercriminals to rapidly change IP addresses associated with malicious domains, making detection and takedown difficult.
FREAK (CVE-2015-0204)
FREAK is a security vulnerability that allows attackers to force RSA-based TLS connections to use weak export-grade encryption, enabling decryption of sensitive data.
Heartbleed (CVE-2014-0160)
Heartbleed is a critical security vulnerability in OpenSSL that allowed attackers to read sensitive memory contents, exposing private keys, passwords, and other confidential data.
HTTP/2
The second major version of the HTTP protocol that improves web performance through multiplexing, header compression, and server push.
HTTP Header Injection
HTTP Header Injection is a web security vulnerability that allows attackers to inject malicious headers into HTTP responses, enabling various attacks including XSS, session fixation, and cache poisoning.
HTTP Response Splitting
HTTP Response Splitting is a web security vulnerability that allows attackers to inject malicious data into HTTP responses, enabling cache poisoning, cross-site scripting (XSS), and other attacks by exploiting improper handling of CRLF sequences.
HTTP Strict Transport Security (HSTS)
A web security policy that enforces HTTPS connections, preventing protocol downgrade attacks and cookie hijacking.
HTTPS
Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP that uses SSL/TLS encryption to protect data transmitted between client and server.
Insecure Direct Object Reference (IDOR)
Insecure Direct Object Reference (IDOR) is a web security vulnerability that allows attackers to access unauthorized data by manipulating direct object references, bypassing access controls.
JSON Web Token (JWT) Attacks
JWT attacks exploit vulnerabilities in JSON Web Token implementation and validation to bypass authentication, escalate privileges, or access sensitive data by manipulating token signatures, payloads, or algorithms.
JWT (JSON Web Token)
Learn about JSON Web Tokens (JWT), the compact, URL-safe standard for securely transmitting information between parties as JSON objects.
Local File Inclusion (LFI)
Local File Inclusion (LFI) is a web security vulnerability that allows attackers to include files from the server filesystem, potentially leading to information disclosure, remote code execution, and complete system compromise.
Logjam (CVE-2015-4000)
Logjam is a security vulnerability that exploits weak Diffie-Hellman key exchange implementations, allowing attackers to downgrade TLS connections to 512-bit export-grade cryptography.
Man-in-the-Middle (MITM)
A cyberattack where an attacker secretly intercepts and potentially alters communications between two parties who believe they are directly communicating.
Memory Corruption (Buffer Overflow, Heap Overflow)
Memory corruption vulnerabilities occur when programs improperly access or manipulate memory, leading to crashes, data leaks, or arbitrary code execution.
ModSecurity
Open-source web application firewall engine for real-time HTTP traffic monitoring and filtering.
Multi-Factor Authentication (MFA)
Enhance security by requiring multiple verification methods to access accounts, protecting against unauthorized access and credential theft.
NoSQL Injection
NoSQL Injection is a security vulnerability that allows attackers to inject malicious NoSQL queries into database operations, bypassing authentication and extracting data.
OAuth 2.0
Understand the industry-standard protocol for authorization, enabling secure delegated access to resources without sharing credentials.
OAuth Misconfiguration
OAuth misconfiguration vulnerabilities allow attackers to bypass authentication, escalate privileges, or access sensitive user data by exploiting improper implementation of the OAuth 2.0 protocol.
OAuth Token Theft
Security threat involving the unauthorized acquisition and misuse of OAuth access tokens.
Open Redirect
Open Redirect is a web security vulnerability that allows attackers to redirect users to malicious websites, enabling phishing attacks, malware distribution, and credential theft by exploiting unvalidated redirect parameters.
OpenID Connect (OIDC)
Learn about the identity layer built on OAuth 2.0, enabling secure authentication and user profile sharing across applications.
OWASP Core Rule Set (CRS)
Open-source set of generic attack detection rules for web application firewalls.
Password Hashing (bcrypt, Argon2, PBKDF2)
Learn about secure password hashing techniques including bcrypt, Argon2, and PBKDF2 to protect user credentials from attacks.
Password Spraying
A cyberattack technique that tests common passwords against multiple accounts to avoid detection and gain unauthorized access.
Permissions-Policy (formerly Feature-Policy)
HTTP header that controls browser features and APIs available to a webpage to enhance security and privacy.
POODLE (CVE-2014-3566)
POODLE is a security vulnerability that exploits SSL 3.0 fallback mechanisms, allowing attackers to decrypt secure communications through man-in-the-middle attacks.
Privilege Escalation
Privilege escalation allows attackers to gain higher-level access than authorized, enabling unauthorized actions and system compromise.
Public Key Infrastructure (PKI)
Public Key Infrastructure (PKI) is a framework of policies, technologies, and procedures that enables secure communication through public key cryptography and digital certificates.
Race Condition
Race conditions occur when multiple processes access shared resources simultaneously, leading to unexpected behavior, security vulnerabilities, and system instability.
Rate Limiting
Security mechanism that controls the number of requests a client can make to a server within a specific time window.
Referrer-Policy
HTTP header that controls how much referrer information is included with requests to enhance privacy and security.
Reflected XSS (Non-Persistent XSS)
Reflected XSS (Non-Persistent Cross-Site Scripting) is a web security vulnerability where malicious scripts are reflected immediately in a web application response, requiring user interaction to execute and enabling targeted attacks through social engineering.
Remote Code Execution (RCE)
Remote Code Execution (RCE) is a severe web security vulnerability that allows attackers to execute arbitrary code on a target system, potentially gaining full control over the affected server or application.
Remote File Inclusion (RFI)
Remote File Inclusion (RFI) is a critical web security vulnerability that allows attackers to include and execute malicious files from external servers, potentially leading to complete system compromise.
Replay Attack
A network attack where valid data transmissions are maliciously or fraudulently repeated or delayed to deceive systems or gain unauthorized access.
Reverse DNS Lookup
The process of determining the hostname associated with a given IP address, the opposite of a standard DNS lookup.
Role-Based Access Control (RBAC)
Access control model that assigns permissions to users based on their organizational roles.
Salt (Cryptography)
Learn about cryptographic salt - random data added to passwords before hashing to prevent attacks like rainbow tables and enhance security.
Same-Origin Policy (SOP)
Fundamental web security concept that prevents scripts from one origin from interacting with resources from another origin.
SAML (Security Assertion Markup Language)
Discover how SAML enables secure single sign-on (SSO) and identity federation across enterprise applications and organizations.
Second-Level Domain (SLD)
The unique name that identifies a specific website within a top-level domain (TLD), appearing directly before the TLD.
Self-Signed Certificate
A self-signed certificate is a digital certificate that is signed by its own creator rather than by a trusted Certificate Authority (CA), providing encryption but no third-party identity verification.
Server-Side Request Forgery (SSRF)
Server-Side Request Forgery (SSRF) is a web security vulnerability that allows an attacker to induce the server to make unauthorized requests to internal or external systems, potentially exposing sensitive data or enabling further attacks.
Server-Side Template Injection (SSTI)
Server-Side Template Injection (SSTI) is a web security vulnerability that allows attackers to inject malicious template code into server-side templates, enabling remote code execution, data theft, and server compromise by exploiting insecure template engine implementations.
Session Fixation
Session Fixation is a web security vulnerability where an attacker forces a user to use a known session ID, allowing the attacker to hijack the user's session after authentication.
Session Hijacking
Session Hijacking is a web security attack where an attacker takes over a valid user session by stealing or predicting session tokens, gaining unauthorized access to the user's account and sensitive data.
Session Management
Learn about secure session management techniques to protect user authentication and prevent session hijacking attacks.
Side-Channel Attack
A cyberattack that exploits physical implementation characteristics rather than software vulnerabilities to extract sensitive information.
Single Sign-On (SSO)
Authentication method allowing users to access multiple applications with a single set of credentials.
Small Language Models
Compact AI models that offer efficient performance for specific tasks with reduced computational requirements.
SQL Injection (SQLi)
SQL Injection is a web security vulnerability that allows attackers to interfere with database queries, enabling data theft, manipulation, or deletion.
SSL/TLS
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide secure communication over computer networks.
Stored XSS (Persistent XSS)
Stored XSS (Persistent Cross-Site Scripting) is a severe web security vulnerability where malicious scripts are permanently stored on a target server and served to users, enabling large-scale attacks without requiring user interaction.
Subdomain
A prefix added to a domain name to create separate sections or services within a website, appearing before the second-level domain.
Subresource Integrity (SRI)
Security feature that enables browsers to verify that fetched resources have not been tampered with.
Time-Based SQL Injection
Time-Based SQL Injection is a blind SQL injection technique that uses database time delays to extract information from databases when error messages are not available.
Top-Level Domain (TLD)
The highest level in the hierarchical Domain Name System (DNS), representing the last segment of a domain name.
Typosquatting
A form of cybersquatting that exploits common typing errors to register domain names similar to popular websites for malicious purposes.
Web Application Firewall (WAF)
Security solution that filters and monitors HTTP traffic between web applications and the internet.
WebSockets Security
Understanding the security risks and best practices for WebSockets, a protocol enabling real-time bidirectional communication between clients and servers.
WHOIS
A protocol and database system that provides information about domain name registrations, including ownership details and registration dates.
Wildcard Certificate
A wildcard certificate is a digital certificate that secures a domain and all its subdomains with a single certificate using the wildcard character (*).
X-Content-Type-Options
A security header that prevents browsers from MIME sniffing, reducing the risk of content-based attacks.
X-Frame-Options
A security header that prevents clickjacking attacks by controlling how a webpage can be embedded in frames.
X-XSS-Protection
HTTP header that enables browser-based XSS protection mechanisms to prevent cross-site scripting attacks.
X.509 Certificate
X.509 is a standard format for public key certificates used in SSL/TLS, code signing, and digital signatures to verify identity and establish secure communications.
