Glossary

Access a comprehensive list of cybersecurity and darknet terms used across DarkScout workflows.


Key Cybersecurity Terms

Access Control

Security techniques that regulate who or what can view or use resources in a computing environment.

Advanced Persistent Threat (APT)

A prolonged and targeted cyberattack where an intruder gains undetected access to a network to steal data.

Attack Surface

The total sum of vulnerabilities and entry points that a threat actor could exploit to gain unauthorized access.

Antivirus Software

A program designed to detect, prevent, and remove malware from a computer or network.

Authentication

The process of verifying the identity of a user, device, or system (e.g., via passwords or biometrics).

Asset Management

The practice of tracking and managing an organization's devices, software, and data to ensure security visibility.

Backdoor

A hidden method for bypassing normal authentication controls to gain unauthorized remote access to a system.

Blue Team

A security team responsible for defending the organization's network against internal and external threats.

Botnet

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.

Breach

A security incident that results in unauthorized access to data, applications, services, or devices.

Brute Force Attack

A trial-and-error method used to guess login credentials or encryption keys.

Bug Bounty

A reward program offered by organizations to individuals who report security exploits and vulnerabilities.

C2 (Command and Control)

A server controlled by an attacker to send commands to systems compromised by malware.

CIA Triad

The three pillars of information security: Confidentiality, Integrity, and Availability.

Credential Stuffing

An attack where stolen username/password pairs are automatically entered into other websites to gain access.

Cryptography

The practice of securing information by transforming it into an unreadable format.

CVE (Common Vulnerabilities and Exposures)

A public catalogue of known cybersecurity vulnerabilities, each assigned a unique identification number.

Cyber Hygiene

Routine practices (like patching and password changes) that maintain the health and security of users and devices.

Dark Web

Encrypted overlay networks that use the internet but require specific software (like Tor) for access.

Data Loss Prevention (DLP)

Strategies and tools used to ensure sensitive data is not lost, misused, or accessed by unauthorized users.

DDoS (Distributed Denial of Service)

An attack that attempts to disrupt traffic to a server or network by overwhelming it with a flood of internet traffic.

Deep Web

Parts of the World Wide Web whose contents are not indexed by standard web search engines.

Defense in Depth

Using multiple layers of security controls (defense) to protect information technology assets.

Digital Footprint

The trail of data you create while using the internet, including emails, social media, and browsing history.

Encryption

The conversion of data into a form, called ciphertext, that cannot be easily understood by unauthorized people.

Endpoint Security

The process of securing the various endpoints (laptops, mobiles, IoT) that connect to a network.

EDR (Endpoint Detection and Response)

Tools designed to detect and remove malware or other malicious activities on end-user devices.

Exploit

Code or a technique that takes advantage of a software vulnerability or security flaw.

Exfiltration

The unauthorized transfer of data from a computer or other device.

False Positive

A security alert that incorrectly indicates a vulnerability or threat exists.

Firewall

A network security device that monitors and filters incoming and outgoing network traffic based on security rules.

Fileless Malware

Malicious software that exists exclusively in computer memory (RAM) rather than on the hard drive.

Forensics

The investigation and analysis of evidence from digital devices related to computer crime.

Fuzzing

A testing technique that inputs invalid or random data to a system to find coding errors and security loopholes.

Gateway

A network point that acts as an entrance to another network, often hosting security checkpoints.

GDPR

General Data Protection Regulation; a legal framework that sets guidelines for the collection and processing of personal information.

Gray Hat

A hacker who may violate laws or ethical standards but does not have the malicious intent typical of a black hat hacker.

Gap Analysis

A comparison of actual performance with potential or desired performance, often used in security compliance.

Hacking

The act of identifying and exploiting weaknesses in a computer system or network.

Hash

A fixed-size string of text generated from a file; used to verify data integrity and identify malware signatures.

Honeypot

A decoy system designed to attract cyberattackers to detect, deflect, or study hacking attempts.

HTTPS

Hypertext Transfer Protocol Secure; the secure version of HTTP, where traffic is encrypted.

Hardening

The process of securing a system by reducing its vulnerability surface (e.g., removing unnecessary software).

Identity and Access Management (IAM)

A framework of policies and technologies for ensuring that the right users have the appropriate access to technology resources.

Incident Response (IR)

The organized approach to addressing and managing the aftermath of a security breach or cyberattack.

Indicator of Compromise (IoC)

Artifacts observed on a network or in an operating system that indicate a computer intrusion with high confidence.

Insider Threat

A security risk that originates from within the targeted organization, such as an employee or contractor.

IPS (Intrusion Prevention System)

A network security tool that continuously monitors network traffic for malicious activity and takes action to prevent it.

Jailbreaking

The process of removing software restrictions imposed by the manufacturer (common in mobile devices), which can introduce security risks.

Jump Box

A secure computer that administrators connect to before accessing other sensitive servers, acting as a bridge.

JWT (JSON Web Token)

A standard method for securely representing claims between two parties, often used for authentication in web apps.

Jacking (Clickjacking)

A malicious technique of tricking a user into clicking on something different from what the user perceives.

Keylogger

Malicious software that records every keystroke made by a user to steal passwords and sensitive data.

Kill Chain

A model that describes the stages of a cyberattack, enabling defenders to stop the attack at various points.

Kerberos

A network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity.

Known Vulnerability

A security flaw that has been documented and for which a patch or mitigation typically exists.

Lateral Movement

Techniques used by attackers to move deeper into a network from an initial entry point to search for sensitive data.

Least Privilege

The principle that users should only be granted the minimum levels of access needed to perform their job functions.

Log Management

The collective processes and policies used to administer and facilitate the generation, transmission, and analysis of audit logs.

Logic Bomb

A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.

Look-alike Domain

A domain name that closely resembles a legitimate domain, often used in phishing attacks (Typosquatting).

Malware

Short for malicious software; software designed to disrupt, damage, or gain unauthorized access to a computer system.

MFA (Multi-Factor Authentication)

An authentication method that requires the user to provide two or more verification factors to gain access.

MitM (Man-in-the-Middle)

An attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are communicating directly.

Micro-segmentation

A security technique that enables fine-grained security policies to be assigned to data center applications.

Metadata

Data that describes other data; in security, it can be used to track communications without reading the content.

Network Segmentation

Dividing a computer network into smaller parts to improve performance and security by limiting the spread of attacks.

NIST Framework

A set of guidelines and best practices for managing cybersecurity risk, developed by the National Institute of Standards and Technology.

Non-repudiation

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity.

Next-Generation Firewall (NGFW)

A firewall that adds application-level inspection and intrusion prevention to traditional port-based blocking.

OSINT (Open Source Intelligence)

Data collected from publicly available sources to be used in an intelligence context.

OWASP

The Open Web Application Security Project; a foundation that works to improve the security of software.

Obfuscation

The practice of making code difficult for humans to understand to conceal its purpose or logic (often used by malware authors).

Operational Security (OpSec)

A process that identifies critical information to determine if friendly actions can be observed by enemy intelligence.

Phishing

A cybercrime in which a target is contacted by email, telephone, or text message by someone posing as a legitimate institution.

Penetration Testing (Pen Test)

A simulated cyberattack against your computer system to check for exploitable vulnerabilities.

Patch Management

The process of distributing and applying updates to software to correct errors (bugs) or security vulnerabilities.

PII (Personally Identifiable Information)

Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred.

Payload

The part of the malware code that executes the malicious action, such as destroying data or stealing passwords.

Quarantine

The isolation of a file or device suspected of being infected with malware to prevent the spread of infection.

Qishing (QR Phishing)

A social engineering attack that uses malicious QR codes to direct victims to fraudulent websites.

Quantum Cryptography

Using physics principles to create secure communication channels that are theoretically unhackable.

Quality Assurance (QA)

In security, ensuring that software is free of vulnerabilities before it is deployed to production.

Ransomware

Malware that employs encryption to hold a victim's information at ransom.

Red Team

A group of ethical hackers that simulates real-world attacks to test an organization's detection and response capabilities.

Rootkit

A collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed.

Risk Assessment

The process of identifying, estimating, and prioritizing information security risks.

Remote Code Execution (RCE)

A vulnerability that allows an attacker to run arbitrary code on a machine from a remote location.

SOC (Security Operations Center)

A centralized unit that deals with security issues on an organizational and technical level.

SIEM

Security Information and Event Management; software that provides real-time analysis of security alerts generated by applications and hardware.

Social Engineering

The psychological manipulation of people into performing actions or divulging confidential information.

Shadow IT

Information technology systems built and used within organizations without explicit approval from the IT department.

SQL Injection

A code injection technique used to attack data-driven applications by inserting malicious SQL statements.

Sandbox

An isolated environment used to run and test suspicious programs without risking the host machine.

Threat Intelligence

Evidence-based knowledge about existing or emerging menaces or hazards to assets.

Trojan Horse

A type of malware that is often disguised as legitimate software.

Two-Factor Authentication (2FA)

A subset of Multi-Factor Authentication that requires exactly two different forms of identification.

Threat Hunting

The practice of proactively searching for cyber threats that are lurking undetected in a network.

Traffic Analysis

The process of intercepting and examining messages in order to deduce information from patterns in communication.

Unpatched Vulnerability

A security flaw in a software program or system that has not yet been fixed by the vendor or administrator.

User Behavior Analytics (UBA)

The tracking, collecting, and assessing of user data and activities using monitoring systems to detect insider threats.

URL Filtering

A security feature that prevents users from accessing websites known to be malicious.

Unauthorized Access

When a person gains access to a computer, network, file, or other resource without permission.

Vulnerability

A weakness which can be exploited by a threat actor, such as an attacker, to perform unauthorized actions.

VPN (Virtual Private Network)

A service that protects your internet connection and privacy online by creating an encrypted tunnel for your data.

Virus

A type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another.

Vishing

Voice phishing; the criminal practice of using social engineering over the telephone system to gain access to private personal and financial information.

Vendor Risk Management

The process of managing the risks associated with third-party vendors and suppliers.

WAF (Web Application Firewall)

A firewall that filters, monitors, and blocks HTTP traffic to and from a web application.

Whitelist

A list of entities (users, IP addresses, applications) that are granted access or privileges, while all others are blocked.

Worm

A standalone malware computer program that replicates itself in order to spread to other computers.

War Driving

The act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone.

Weakness

Errors in software, hardware, or processes that can lead to vulnerabilities.

XSS (Cross-Site Scripting)

A vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

XDR (Extended Detection and Response)

A security tool that integrates data from multiple security products into a centralized system for threat detection.

X.509

A standard defining the format of public key certificates, used widely in TLS/SSL web security.

XOR Encryption

A simple encryption method often used by malware authors to obfuscate data or code.

YARA Rules

Pattern-matching rules, written for the YARA tool, used to identify and classify malware samples based on textual or binary patterns.

Yellow Team

Builders and software architects who are responsible for designing and developing secure systems (the "Builders").

YubiKey

A hardware authentication device that protects access to computers, networks, and online services (Hardware Token).

YAML Security

Ensuring configuration files (YAML) used in cloud infrastructure are free from misconfigurations that could lead to breaches.

Zero Day

A vulnerability in a system or device that has been disclosed but is not yet patched.

Zero Trust

A security model based on the principle of maintaining strict access controls and not trusting anyone by default.

Zombie

A computer connected to the internet that has been compromised by a hacker, computer virus, or trojan horse.

Zone Transfer

A DNS mechanism for replicating DNS databases, which, if misconfigured, can allow attackers to map the internal network.

Zero Knowledge Proof

A cryptographic method where one party can prove to another that they know a value without conveying any information apart from the fact that they know the value.
