Cyber Glossary

Access Point
Advanced Persistent Threat
Algorithm
API Security
Application Security
Asymmetric Encryption
Authentication
Authorisation

Backdoor
Banner Grabbing
Base64 Encoding
Black Box Penetration Testing
Black Hat
Blue Team
Botnet
Bring Your Own Device
Broken Access Control
Broken Authentication
Brute Force Attack
Buffer Overflow
Business Continuity Management
Business Continuity Planning
Business Logic Vulnerabilities

Ciphertext
Clickjacking
Cloud Computing
Cloud Security
Code Obfuscation
Command Injection
Content Security Policy
CrackMapExec
Credential Stuffing
Cross-Site Request Forgery
Cross-Site Scripting
Cryptographic Failures
Cryptographic Hash Function
Cryptography
Cyber Espionage
Cyber Hygiene
Cyber Kill Chain
Cyber Risk
Cyber Security Architecture
Cyber Security Framework
Cyber Security Policy
Cyber Threat Intelligence
Cyber Warfare
Cybercrime

Dark Web
Data Breach
Defence in Depth
Demilitarized Zone
Denial of Service
DevSecOps
Digital Forensics
Directory Traversal
Digital Signature
Distributed Denial of Service
DNS Spoofing
Dynamic Analysis
Dynamic Application Security Testing

Encryption
Endpoint Security
EternalBlue
Exploit

Firewall
Footprinting
Fuzzing

Golden Ticket
Grey Box Penetration Testing
Grey Hat

Hash
Honeypot
HTTP Basic Authentication
HTTP Security Headers

Identity and Access Management
Incident Response
Indicator of Compromise
Injection Attack
Injection Flaws
Insecure Deserialization
Insecure Design
Insider Threat
Insufficient Logging and Monitoring
Intrusion Detection System
Intrusion Prevention System
IP Spoofing

JSON Web Token

Kerberoasting
Kerberos
Key Distribution Center
Keylogger

Least Privilege
Local File Inclusion

Malware
Man in the Middle Attack (MITM)
Mobile Device Management
Morris Worm
Multi-Factor Authentication (MFA)

Network Security
NotPetya
NTLM Authentication

One-Time Password
Open Redirect
OWASP Top Ten

Packet Sniffing
Password Spraying
Patch
Path Manipulation
Penetration Testing as a Service
Penetration Testing
Phishing
Port Scanning
Privacy
Privilege Escalation
Proxy Server
Pseudorandom Number Generator
Public Key Infrastructure
Purple Teaming

Random Number Generator
Reconnaissance
Ransomware
Replay Attack
Risk Assessment
Rootkit

Sandboxing
Security Audit
Security Awareness Training
Security Information and Event Management
Security Logging and Monitoring Failures
Security Misconfiguration
Security Patch
Security Policy
Security Token
Sensitive Data Exposure
Server-Side Request Forgery
Session Cookie
Session Hijacking
Session Management
Session Tokens
Single Factor Authentication
Social Engineering
Software and Data Integrity Failures
Spear Phishing
Spyware
SQL Injection
SQL Injection
SQLMAP
SSL Certificate Pinning
Static Application Security Testing
Static Code Analysis
Supply Chain Attack

Threat Actor
Threat Intelligence
Threat Modelling
TLS (Transport Layer Security)
Trojan
Two-Factor Authentication (2FA)

Virus
Virtual Private Network
Vulnerability
Vulnerable and Outdated Components

WannaCry
Watering Hole Attack
Web Server
White Box Penetration Testing
White Hat
Worm

XML External Entities

Zero Day Exploit
Zero Trust