An asset is any valuable IT element that could be a target for an attack: a server, a database, a user account, a cloud application… in short, anything that a hacker could compromise.
Notification generated by a security system when a suspicious or abnormal event is detected.
A Brute Force attack is an attempt to guess a password by testing thousands of combinations until the correct one is found. The simpler the password, the faster and more effective the attack.
BYOD allows employees to use their own personal devices (PCs, smartphones, tablets) to work. Practical, but risky, because without proper security controls, these devices can become gateways for cyber-attacks.
Digital asset attack surface management provides a clear, up-to-date view of all the potential entry points an attacker could exploit. This includes servers, applications, digital identities and anything else that could serve as an entry point for an attack.
Rather than waiting for an attack before reacting, CTEM is an approach that constantly assesses exposure to threats. The aim is to identify risks on an ongoing basis and adapt defenses in real time.
Cyber Threat Intelligence involves collecting, analyzing and exploiting information on cyber threats. The aim is to anticipate attacks and adapt defenses to avoid being caught off guard.
The CVSS is a vulnerability rating system that assesses the severity of a vulnerability on a scale of 0 to 10. The higher the score, the more critical the flaw and the faster it needs to be corrected.
The CWE is a database of the most common security weaknesses in software and systems. It enables developers and cybersecurity experts to identify and correct vulnerabilities right from the design stage.
A DDoS attack could be likened to a giant traffic jam that blocks a website. Thousands of infected devices send out a tsunami of requests to saturate a server and render it inaccessible.
The digital footprint is all the traces a company or individual leaves on the Internet, including sites visited, online accounts, data exposed… The larger the footprint, the greater the risk of information falling into the wrong hands.
Unique textual address used to identify a website on the Internet, serving as a readable alias for an IP address.
Digital risk protection services monitor external threats to an organization. These include protection against phishing, identity theft, data leakage and targeted attacks on social networks and the dark web.
EPSS is a system that predicts the likelihood of a vulnerability being exploited in the near future. Unlike CVSS, it measures not only the severity of the vulnerability, but also the actual risk of an attacker actively using it.
A publicly accessible IP address on the Internet that can be a target for cyberattacks.
As the name suggests, a false positive is a security alert that turns out to be unfounded. The detection tool reports a vulnerability, but after verification, it turns out that there is no real risk. Too many false positives can slow down teams and waste time.
A host is any device connected to a network (computer, server, router, etc.) and capable of sending or receiving data.
As the name suggests, an indicator of attack (IoA) is a signal that an intrusion attempt is underway. It enables suspicious behavior to be identified early, and action to be taken before a hacker actually compromises a system.
An indicator of compromise (IoC) is a telltale sign that a system has been hacked. It may be a suspicious IP address, a malicious file or abnormal network traffic. In other words, it’s a warning that an attack has already taken place.
An exposure indicator signals a vulnerability that could be exploited by an attacker. Unlike an IoC, which detects a past attack, the IoE helps identify what could go wrong before an incident even occurs.
This is the system developed by Apple for its macOS and iOS systems, enabling secure data to be synchronized between multiple Apple devices via iCloud, guaranteeing seamless access to passwords and other sensitive information.
Data leakage, often due to misconfiguration or security compromise.
Recording of events and activities in a system or application to enable monitoring, analysis and incident detection.
Mapping consists of listing and analyzing the assets of a system or network (machines, services, connections) in order to identify potential entry points and vulnerabilities.
Enhanced multi-factor authentication (password, temporary code, fingerprint, etc.).
Real-time monitoring of computer system performance and security.
A Managed Service Provider (MSP) is an IT company that remotely administers and supervises its customers’ services on a subscription basis, providing a recurring revenue stream and easing the burden of IS management.
A set of disciplines involving the collection, validation, analysis and use of publicly accessible data.
This refers to all potential security flaws in a company, whether technical (servers, misconfigured applications) or human (weak passwords, phishing).
Phishing is the quintessential Internet scam: an attacker poses as a company or trusted individual (bank, IT department, etc.) to trick his victim into revealing passwords, banking information or other sensitive data.
A port scan is a method used to identify open ports on a system in order to detect listening services.
Quishing (or QR code phishing) is a cybersecurity attack technique that exploits QR codes to lure victims into visiting malicious sites.
The initial phase of an attack, when an attacker gathers information about his target in order to identify potential vulnerabilities to exploit.
Refers to all actions taken to eradicate a threat, correct a vulnerability and prevent an attack from happening again.
An approach that identifies, assesses and mitigates potential threats to a system, network or organization, in order to minimize their impact.
Shadow IT refers to all IT applications and tools used within a company without the approval of the IT department. In other words, software, cloud services or equipment installed “in the shadows”, often for convenience… but which can pose serious security problems.
Attack surfaces fall into several categories:
An attack vector is the means used by a hacker to infiltrate a system. It can be a phishing e-mail, a software vulnerability, stolen access… anything that can be used to open a breach and infiltrate.
A Vulnerability Disclosure Program (VDP) is a policy that enables cybersecurity researchers to report security flaws to a company in a regulated manner. The aim is to encourage the reporting of information without legal risk, to correct vulnerabilities before they are exploited by attackers.
Firewall protecting web applications against attacks by filtering and monitoring HTTP/HTTPS traffic.
List of entities authorized to access a system or network, as opposed to “blacklisting”.
A zero-day flaw is a vulnerability unknown to software publishers and for which no patch is yet available.
Zero Trust is a security model based on a simple principle: never trust, always verify. Unlike previous systems, where everything “inside” the network was considered trustworthy, here every user, device or application must prove its identity before gaining access.