GLOSSARY
-
Account Takeover (ATO)
An account takeover (ATO) is a form of cyberattack in which an attacker takes control of another person’s account without authorization. This can be achieved through various methods, s … -
Anycast
Anycast is a routing scheme in which a single IP address is applied to several geographically distributed servers. Data packets sent to this IP address reach the nearest or most suitable ser … -
API
An API (Application Programming Interface) is a programming interface that enables software applications to communicate and exchange data with each other. APIs define a set of rules and prot … -
API Attack
An API attack refers to any hostile or attempted hostile usage of an API (Application Programming Interface). Attackers exploit vulnerabilities in API endpoints to gain unauthorized access, … -
API Gateway
An API gateway is an interface between clients (such as web or mobile applications) and backend microservices. It acts as the single point of contact for clients, receiving their API calls a … -
API Security
API security refers to the measures and techniques implemented to protect APIs (Application Programming Interfaces) from malicious attacks, misuse, and other security threats. This includes … -
Application Layer DDoS attack
An application layer DDoS attack is a type of distributed denial of service (DDoS) attack that aims to disrupt the services of a web application or server by overloading the application laye … -
ARP (Address Resolution Protocol)
The Address Resolution Protocol (ARP) is a network protocol that allows IP addresses to be mapped onto corresponding physical MAC addresses. In local area networks (LANs), ARP helps translat … -
Artificial Intelligence (AI)
Artificial intelligence (AI) refers to the field of computer science that deals with the creation of machines or software capable of performing tasks that typically require human intelligenc … -
Artificial Intelligence (AI) for DDoS Mitigation
Why Automation and AI are Critical in DDoS Mitigation In recent years, the volume and severity of Distributed Denial of Service (DDoS) attacks have risen exponentially. The potential busines … -
Artificial intelligence: a game changer in cyber security
While the digital landscape has always been subject to change, the rapid shifts of the last few years have made this more obvious than ever. Cyberattacks are becoming increasingly sophistica … -
Attack vector
In IT security, an attack vector refers to a method or path used by an attacker to gain unauthorized access to a computer system or network. The aim of such an attack can be to steal sensiti … -
Auto Scaling
Auto Scaling is the automatic increase or decrease of computational resources that are available for assignment to workloads. Auto Scaling is closely associated with load balancing. Strict … -
Backbone
A backbone on the Internet refers to the central network of high-speed connections and routers that connect the various parts of the Internet. Metaphorically speaking, it is the “b … -
Bad Bots
How To Protect Your Business Website from Bad Bots Every organization understands the threat posed by DDoS attacks. It is 2020, after all. DDoS flooding attacks against big name brands have … -
BAIT (Banking supervisory requirements for IT)
The Banking Supervision Requirements for IT (BAIT) were developed by the German Federal Financial Supervisory Authority (BaFin) to ensure that information technology in banks and other finan … -
BGP (Border Gateway Protocol)
The Border Gateway Protocol (BGP) is the standard routing protocol used to route data packets on the Internet. It enables Internet Service Providers (ISPs) and other large networks to commun … -
Big Data
Big data refers to extremely large and diverse collections of structured, unstructured and semi-structured data that are growing continuously and exponentially. These data volumes are so ext … -
Blockchain
Blockchain is a distributed database or ledger technology that provides a secure and immutable record of transactions. Each record or “block” of information is cryptographically … -
Bot Management
What is Bot Management (and What Does it Do?) In recent years, organizations worldwide and across all industries have been forced to develop and maintain increasingly tight controls to prote … -
Bot Mitigation
Bot mitigation is a vital part of securing web assets like websites, applications, and APIs against threat actors. Hostile bots wage a variety of attacks, from data scraping and account ta … -
Bot Traffic
Bot Traffic: What You Need to Know Over the last few years, bot traffic has become a massive headache for organizations across all industries. While bots themselves are nothing new, bot traf … -
Bot Website-Blocking
How and Why You Should Block Bots on Your Business Website When you think about cyberattacks, you probably imagine a hooded hacker sitting in a darkened room and typing furiously on their ke … -
Brute force attack
In the field of IT security, a brute force attack means cracking a password using trial and error. Although it can involve some level of calculation, it basically consists of trying thousand … -
BSI – Federal Office for Information Security
The Federal Office for Information Security (BSI) is a German federal authority responsible for security in information technology. It was founded in 1991 in response to the growing importan … -
Business Continuity Management (BCM)
… -
Captcha
What is Captcha and how does it work? CAPTCHA is a popular security mechanism that is often used to protect against spam on websites. Almost everyone has had to deal with such verification. … -
Carpet Bombing
In IT, the term Carpet Bombing refers to an overload attack (DDoS) in which an enormous number of small requests overload a system. The problem: Due to the small requests, usual protection m … -
CISO (Chief Information Security Officer)
A CISO (Chief Information Security Officer) is responsible for the development and implementation of an information security strategy within an organization. The main role of a CISO is to pr … -
Client Fingerprinting
Have you heard of client fingerprinting? As privacy and security become increasingly important, it is crucial to understand the different techniques used to identify and track users on the I … -
Climate neutrality
As the digital transformation progresses and awareness of environmental issues grows, companies, governments and private individuals are focusing on climate neutrality. The concept of climat … -
Cloud Act
The Cloud Act, short for “Clarifying Lawful Overseas Use of Data Act”, is a US law that was passed in March 2018. It regulates the access of US authorities to data stored by elec … -
Cloud Computing
Cloud computing refers to a technology in which various IT services are provided and used via the Internet, for example, storage space, computing power, and software. Instead of operating th … -
Cloud Security
The increasing shift of IT infrastructure to the cloud requires a special focus on security measures. Cloud security refers to strategies, technologies and processes that aim to protect data … -
CNAPP
A CNAPP (cloud-native application protection platform) is a comprehensive security solution designed specifically to protect cloud-native applications. The term was coined by Gartner to addr … -
Content Delivery Network (CDN)
What is a CDN and How Does it Work? In recent years, there’s been plenty of hype surrounding CDNs. Once the exclusive domain of huge digital service providers like Facebook, Google, and Ne … -
Content Security Policy (CSP)
A Content Security Policy (CSP) is a security measure used to protect web applications from various types of attacks, in particular cross-site scripting (XSS) and data injections. A CSP allo … -
Credential Stuffing
Cyber attacks have become an omnipresent threat in the age of the Internet and digital identities. One method that is gaining popularity and poses significant risks for online users is so-called … -
Cross-site scripting (XSS)
Cross-site scripting (XSS) describes a security vulnerability that occurs in web applications when an attacker successfully inserts malicious code (usually in the form of scripts) into web p … -
Crypto Mining
Crypto mining, also known as cryptic mining or cryptocurrency mining, is the process of validating and adding new transactions to a blockchain network and generating new units of a cryptocur … -
Cryptography
Cryptography refers to the science and practice of encrypting and decrypting information. The goal of cryptography is to encrypt data using various methods and techniques so that it is prote … -
Cyberattack
A cyberattack is a targeted attempt to penetrate computer systems, networks, or digital devices with the intention of stealing, damaging, manipulating, or compromising data. These attacks ar … -
Cybersecurity
What does Cyber Security mean? By definition, cyber security refers to all measures required to protect the digital layers of a company. This includes computers, mobile devices, servers, oth … -
Data Loss Prevention (DLP)
In today’s digital landscape, where data is the lifeblood of every organization, protecting that data is of the utmost importance. To tackle this effectively, data loss prevention (DLP … -
DDoS attack
What is a DDoS Attack? A DDoS (Distributed Denial of Service) attack attempts to overwhelm an Internet-connected asset with the aim of making it unavailable to legitimate users. It does this … -
DDoS Attack on Municipal Web Infrastructure Successfully Mitigated
… -
DDoS Protection and Hosting & Data Center Providers: A Comprehensive Overview
A hosting provider offers services that enable individuals and businesses to host websites and applications on the Internet. These companies provide the infrastructure and technical resource … -
Deep Learning
Deep learning is a subfield of machine learning and thus also of artificial intelligence (AI). It involves the use of artificial neural networks that are designed to process information in a … -
DevOps
The word “DevOps” is a combination of “development” and “operations.” However, the word has a broader meaning than just a combination of these two concepts. What is DevOps? DevOp … -
DevSecOps
DevSecOps (stands for Development, Security and Operations) is the addition of security to DevOps. It is an overall process to ensure that security is “baked in” to the entire software d … -
Disaster Recovery
Disaster recovery (DR) describes the ability of a company to get back to working order after a serious incident. Above all, this includes restoring access to IT systems and continuing busine … -
DNS amplification attack
A DNS amplification attack is a type of Distributed Denial of Service (DDoS) attack in which an attacker exploits vulnerabilities in the Domain Name System (DNS) to amplify traffic and flood … -
DNS amplification attacks
What are DNS Amplification Attacks? DNS amplification attacks are a version of distributed denial-of-service attacks (also known as DDoS). These DNS amplification attacks use DNS servers as … -
DNS Cache Poisoning
DNS cache poisoning, also known as DNS spoofing, is a form of cyberattack in which an attacker injects data into the DNS resolver cache to trick the resolver into returning a false IP addres … -
DNS flood attack
A DNS flood attack is a form of Distributed Denial-of-Service (DDoS) attack that targets the Domain Name System (DNS). It works by flooding a DNS server with an extremely high number of quer … -
DNS Server
A DNS server (Domain Name System server) is an important part of the Internet that serves to convert human-friendly domain names into the corresponding IP addresses used by computers and net … -
DNS Tunneling
DNS tunneling is a technique that abuses the Domain Name System (DNS) to transfer data via DNS queries and responses. It is often used by attackers to sneak network traffic past firewalls or … -
Domain
A domain, also known as a domain name in the context of the Internet, is a unique address that is used to identify a website. It allows users to easily find and access a website without havi … -
DORA – Digital Operational Resilience Act
The Digital Operational Resilience Act (DORA) is a European Union regulation aimed at strengthening the security and resilience of information and communication technology in the financial s … -
DoS, DDoS and RDoS
DoS, DDoS and RDoS – What is the difference? The three terms DDoS, DoS and RDoS look very similar at first glance and also have many things in common, but despite all this they should be e … -
Doxing
“Doxing” (also spelled “doxxing”) is the practice of collecting personal and private information about an individual without their consent and publishing it on the In … -
Edge Computing
Edge computing is a computing paradigm that aims to bring data processing as close as possible to the source of data generation (i.e., the “edge” of the network). This approach a … -
Failover
Failover is a key technology for minimizing these risks and ensuring business continuity. In our technology-driven world, the constant availability of systems and services is crucial. Outage … -
False Negative Alarm
In web application security, an ideal security system would correctly evaluate all incoming traffic. All legitimate traffic would be allowed, and all hostile traffic would be blocked. Unfo … -
False Positive Alarm
The primary purpose of a web security solution is to detect potential threats, block them automatically, and notify administrators. However, no security system is flawless, and false alarms … -
GDPR Compliance
GDPR compliance refers to a set of regulations called the General Data Protection Regulation (GDPR), which is used in the European Union (EU). The GDPR is a comprehensive data protection law … -
Geo-blocking
Geo-blocking is a technique used to restrict access to Internet content based on a user’s geographical location. This restriction is made possible by recognizing the user’s IP addres … -
GRE Tunneling
GRE (Generic Routing Encapsulation) Tunneling is a network protocol developed by Cisco that transfers data packets between two networks over a public or private connection. It is used to cre … -
Hacker
A hacker is a person with in-depth knowledge of computer technology. Their skills enable them to understand systems and find security breaches, a process known as hacking. When the term is u … -
Honeypot
A honeypot is a security measure used to detect, analyze, and defend against cyberattacks. It is a deliberately vulnerable system or software that is meant to appear attractive to attackers. … -
HTTP 400 error
HTTP status codes are used for communication between web servers and clients to provide information about the status of a request. An HTTP 400 error: Bad Request is an HTTP status code that o … -
HTTP 403 error
The display of an HTTP 403 error informs the user that there was an error with a website request. If your web browser displays a 403: Forbidden code instead of the desired website, something … -
HTTP 404 error
One of the most common errors encountered on the Internet is the HTTP 404 error code. It indicates that the desired page or requested file is no longer available. If you make a request in yo … -
HTTP 500 error
The display of an HTTP 500 error is not uncommon when surfing the Internet. Many error codes, such as the HTTP 404 error, signal a clear problem and are therefore easy to fix. However, it is … -
HTTP 504 error
The HTTP 504 error is a common phenomenon in the online world, not only for website visitors but website operators too. While the error message itself is very well known, the causes are not … -
HTTP and HTTPS
HTTP and HTTPS: What is the difference? The HTTP and HTTPS protocols are important for communication on the Internet and are therefore terms often encountered while browsing the net. But wha … -
HTTP Cookie
An HTTP cookie, often simply referred to as a cookie, is a small text file created by a website that is stored on the user’s computer. It contains information, including settings or da … -
HTTP Flood DDoS attack
Web applications are a central part of business operations for organizations of all sizes. The availability of these applications is therefore crucial, but their ubiquity also means they are … -
Hybrid Cloud
A hybrid cloud is a cloud computing model that combines both private and public cloud environments. This model enables the orchestration, management, and use of IT resources across different … -
IDP (Identity Provider)
An identity provider (IDP) is a service or platform that manages and verifies digital identities. IDPs authenticate users by verifying their credentials and then issue authentication tokens … -
Immutable Infrastructure
As the name implies, “Immutable Infrastructure” refers to IT infrastructure that does not change. When an organization uses II, it sets up infrastructure parts like servers and Docker co … -
Information Security Management System (ISMS)
An Information Security Management System (ISMS) is a systematic approach to managing and protecting sensitive information within an organization. Its purpose is to ensure the confidentialit … -
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the provisioning and management of computing infrastructure from machine-readable definition files. IaC not only includes traditional infrastructure such as s … -
Infrastructure-as-a-Service (IaaS)
Infrastructure as a Service (IaaS) is a cloud computing model that provides basic IT infrastructure resources via the internet. IaaS enables companies to rent computing power, storage space, … -
Internet of Things
The Internet of Things (IoT) is a term used to describe the networking of Internet-enabled, intelligent devices. These devices communicate with each other to automate processes and measure, … -
Intrusion Detection System (IDS)
An intrusion detection system (IDS) is a security mechanism that monitors and analyzes network or system activity to detect suspicious behavior or unauthorized access. The main objective o … -
Inventory Hoarding
Inventory hoarding, also known as inventory denial, is a critical threat faced by web applications, particularly those offering online purchases or reservations. This attack involves hostile … -
IP address
An IP address (Internet Protocol Address) is a unique numeric identifier assigned to each device or machine on a computer network. This address is used to identify devices that use the Inter … -
IP fragmentation attacks
IP fragmentation attacks – how do they work? To understand IP fragmentation attacks, it is important to understand IP fragmentation first. IP communication is used to exchange data packets … -
IP Routing
IP routing is an essential process in computer networks. In short, it is the method by which networks route data packets from a source to their destination within an IP network. It is critic … -
ISO 27001 Certification
The ISO 27001 certification is an international standard for information security management systems (ISMS). It was developed by the International Organization for Standardization (ISO) in c … -
IT baseline protection
IT baseline protection is a framework developed in accordance with BSI specifications (German Federal Office for Information Security). Its purpose is to help organizations achieve an approp … -
IT Compliance
Compliance in IT is a fairly complex subject. It refers to the observance of legal, regulatory and industry-specific rules and regulations that affect the handling of information, data, syst … -
IT Infrastructure
An IT infrastructure refers to the entirety of hardware, software, network components, operating systems, and data storage required to provide and manage IT and telecommunications services i … -
Load Balancing
Load balancing is a technique that aims to distribute the workload evenly among multiple resources such as servers, processors or network connections. The main goal is to use the available r … -
Machine Learning
Machine learning is a subfield of artificial intelligence (AI) that deals with the development of algorithms and models. These enable computers to learn from experience and perform tasks wit … -
Man-in-the-middle attack
A man-in-the-middle attack (MitM) is a type of cyberattack in which the attacker secretly takes over or intercepts communications between two parties without the parties involved realizing. … -
MaRisk – Minimum requirements for risk management
The Minimum Requirements for Risk Management (MaRisk) is a regulatory requirement issued by the German Federal Financial Supervisory Authority (BaFin). These regulations apply to banks, fina … -
MTLS (Mutual TLS)
Mutual TLS (mTLS) is an extension of the TLS protocol that enables mutual authentication between a client and a server. In a typical TLS connection, only the server confirms its identity to … -
Multi-factor authentication (MFA)
Multi-factor authentication (MFA) is a security measure that requires users to provide two or more pieces of evidence (factors) to confirm their identity before gaining access to an online a … -
Negative Security Model
Cybersecurity is a complex field that requires constant attention; keeping current on a myriad of evolving attack types, selecting and adopting constantly-changing technology, and so on. The … -
Network Port
A network port is a virtual point in a computer network where network connections begin and end. It is a software-based construct that is managed by an operating system to uniquely identify … -
NIS-2 Directive
The NIS-2 Directive is a revised version of the European Union’s Network and Information Security Directive (NIS Directive). It was introduced to strengthen the existing cybersecurity … -
NTP (Network Time Protocol)
… -
NTP amplification attack
An NTP amplification attack is a form of distributed denial of service (DDoS) attack that uses the Network Time Protocol (NTP) to multiply data. The attacker sends fake requests to unprotect … -
Open Source
The term “open source” refers to software or technology where the source code is freely available to the public and can be collaboratively edited, improved, and shared by a commu … -
Original – Virtual Private Network (VPN)
VPN stands for Virtual Private Network. It is a technology that establishes a secure and encrypted connection to a private network via a public network. It is, therefore, as if the user were … -
OSI Model
On the web today, information can be transmitted to the other side of the globe in a few milliseconds. Most users do not understand how this works, nor do they need to do so. However, some p … -
OSI Model – Network Layer
What is a Network Layer? (OSI Model Explained) In the cybersecurity world, threats are often described as targeting a specific layer. But what does that actually mean? The idea of OSI layers … -
OWASP Top 10
OWASP stands for “Open Web Application Security Project” and is a global non-profit organization focused on improving web application security. OWASP aims to create awareness for … -
Patch
A patch is a software update or small program designed to fix errors (also called “bugs”) in a software application or operating system. Patches are also used to add new features … -
Pentest
Pentest: How does it work? In the field of IT security, a penetration test, or pentest for short, is a desired, commissioned test for vulnerabilities in IT infrastructure. As such, it is the … -
Phishing
What is Phishing? Phishing is a cyberattack in which fraudsters use fake communications, such as e-mails, text messages, or websites, to steal personal information from bona fide users. The … -
Ping (ICMP) flood DDoS attack
A Ping flood DDoS attack, also known as an “ICMP flood attack”, is a form of denial of service (DoS) attack in which an attacker attempts to overload a target system by sending a … -
Platform-as-a-Service (PaaS)
Platform-as-a-Service (PaaS) is a cloud computing model that provides a platform on which developers can develop, run, and manage applications without having to worry about the underlying in … -
Positive Security Model
What is the best approach to web application security? For many years, the negative security model was the basis of all Web Application Firewalls (WAF). Today, this is being supplanted b … -
Privacy Shield
The Privacy Shield, also known as the EU-US Privacy Shield or EU-US Privacy Shield Framework, was an agreement between the European Union (EU) and the United States (US). It was designed to … -
Private Cloud
A private cloud is a type of cloud computing infrastructure that is used exclusively by a single company or organization. It is hosted either internally (on-premises) or by a third-party pro … -
Proxy
A proxy is a server that acts as an intermediary between an end device, such as a computer, and the Internet. When a device establishes an Internet connection via a proxy server, the proxy s … -
Public Cloud
A public cloud is a model of cloud computing in which resources, such as computing power, storage and network services, are provided by an external service provider via the Internet to the g … -
Ransom DDoS
What is Ransom DDoS? When cybercriminals combine a DDoS attack with a ransom demand, this is known as a ransom DDoS attack (RDDOS). The damage in such a case can be considerable and should n … -
Ransomware
Ransomware: A Tool for Cyber Blackmail Blackmail by anonymous cybercriminals is an acute threat to companies of all sizes. Hackers also target administrations and government authorities. Onl … -
Ransomware/DDoS combined attack
DDoS attacks as a dangerous smokescreen Distributed denial of service attacks are currently on the agenda throughout Europe. However, due to the current situation, such attacks are no longer … -
Rate Limiting
Rate limiting is a defensive strategy for spreading network traffic. It involves setting an upper limit on how often users or applications can perform an action within a defined timeframe. R … -
Reverse Proxy
A reverse proxy is a type of proxy server that acts as an intermediary between external requests from the Internet and the servers running on an internal network. This is in contrast to a co … -
SASE (Secure Access Service Edge)
SASE (Secure Access Service Edge) is a network and security concept coined by Gartner in 2019. It combines network and security functions in a cloud-based architecture to meet the requiremen … -
Scam
Scam is an English term that stands for fraud or swindle. It refers to a form of deception in which fraudsters attempt to harm other people through fraudulent actions or exploit them for the … -
Scrubbing Center
A scrubbing center (also called a traffic scrubbing center) is a type of facility or service used in information and network security. It filters out malicious traffic from a network or Inte … -
Secure DNS
What is Secure DNS and Why Do I Need it? Secure DNS infrastructure is an essential component of any cybersecurity program. Unfortunately, DNS exploits get far less media attention than other … -
Security Information and Event Management (SIEM)
In the complex and constantly evolving world of cybersecurity, it is essential for companies to have a comprehensive overview of their security situation. Security Information and Event Mana … -
Single Sign-On (SSO)
Single sign-on (SSO) is an authentication technology that allows users to log in once and access multiple applications, services, or systems. SSO is designed to improve user experience, … -
Skewing
In cybersecurity, skewing refers to the targeted manipulation of data to distort the results of analysis or machine learning models. This type of attack is often referred to as a skewing att … -
Slowloris
Slowloris is a type of DDoS attack in which the attacker attempts to overload a web server by holding multiple concurrent connections. The attack works by the attacker opening a connection t … -
Smurf DDoS attack
A Smurf DDoS attack is a form of distributed denial of service (DDoS) attack that floods networks and servers with an enormous number of Internet Control Message Protocol (ICMP) packets. Thi … -
Software-as-a-Service (SaaS)
Software-as-a-Service (SaaS) is a cloud-based software distribution model in which applications are provided as a service via the Internet. Instead of installing copies of the software on in … -
Spam
Spam refers to unwanted communication, usually in the form of emails sent in bulk, that often contain advertising, phishing attempts, or malware. These messages are typically sent without th … -
Spear Phishing
Spear phishing is a targeted form of phishing in which attackers target specific individuals or organizations. Unlike general phishing attacks, which are widely distributed to a large number … -
Spoofing
The concept of spoofing focuses on the deception of true identity or origin by an attacker to impersonate another person or entity. This deceitful technique can be applied at different level … -
SQL Injection
SQL injection (SQLi) is a type of cyberattack in which an attacker inserts malicious SQL code into a database query to manipulate the underlying database of a web application system. This ty … -
SSL (Secure Sockets Layer)
SSL (Secure Sockets Layer) is a standard security technology that establishes an encrypted connection between a web server and a browser. This connection ensures that all data transmitted be … -
Supply Chain Attack
A supply chain attack is a type of cyberattack in which attackers exploit vulnerabilities in a company’s supply chain to gain access to sensitive data, systems or networks. Instead of … -
SYN flood attack
A SYN flood attack is a form of Denial of Service (DoS) attack in which the attacker attempts to disable a server or network by overloading it with SYN packets. This attack uses a feature of … -
TCP/IP
TCP/IP stands for Transmission Control Protocol/Internet Protocol. The term refers to a suite of communication protocols that enable computers to communicate with each other over a network s … -
TLS (Transport Layer Security)
TLS (Transport Layer Security) is a protocol designed to ensure the security of data communication on the Internet. It is used to encrypt and secure data transmission between servers, clients, … -
Tor Browser
The Tor Browser is a free, open-source web browser based on Mozilla Firefox. It was developed to protect the privacy and anonymity of users when surfing the Internet. The name “TorR … -
Transmission Control Protocol (TCP)
The Transmission Control Protocol (TCP) is one of the main protocols of the Internet. It is used to transfer data between computers on a network in a secure and reliable manner. TCP belongs … -
Trojan horse
A Trojan horse is a type of malicious software that masquerades as harmless or useful software in order to sneak onto a computer system undetected. Once installed, it can perform malicious a … -
UDP Flood DDoS Attack
A UDP flood DDoS attack is a type of denial-of-service (DoS) attack in which a large number of User Datagram Protocol (UDP) packets are sent to random ports on a targeted server. The aim of … -
UEBA (User and Entity Behavior Analytics)
UEBA (User and Entity Behavior Analytics) is a security solution that uses technologies and methods to monitor and analyze the behavior of users, applications, and devices within a network t … -
Virtual Machine (VM)
A virtual machine (VM) is a software-based simulation of a computer system. It allows an operating system and associated applications to run in an isolated environment on a physical host com … -
VPN (Virtual Private Network)
A Virtual Private Network (VPN) is a technology that creates an encrypted connection between a device and the internet. It protects data from unauthorized access, hides the IP address, enabl … -
WAAP
WAAP (Web Application and API Protection) is a security technology designed to protect web applications and API services from various types of threats. These attacks can include exploits tha … -
WAN (Wide Area Network)
A Wide Area Network (WAN) is a network that covers a large geographical area. It is used to connect various smaller networks, such as Local Area Networks (LANs) or Metro Area Networks (MANs) … -
Web application
A Web application, also known as web app, is a software application that runs on a web server and is accessible via a web browser on the user’s end device. In contrast to traditional d … -
Web Application Firewall (WAF)
A Web Application Firewall (WAF) is a type of firewall that specializes in protecting web applications from various security threats. In contrast to traditional firewalls, which filter and c … -
Web Application Security
Web application security is the process of protecting web applications from Internet threats. Traditionally, this is provided by a WAF: a web application firewall. What is a web applicatio … -
Web Crawler
A web crawler, also known as a spider or a bot, is an automated program or script that systematically visits websites. Its main goal is to collect and index information from these pages. Web … -
Web Scraping
In the world of digital information, a fascinating technique can help us deal with the sheer quantity of information on the Internet: web scraping, which can be used to read and save data fr … -
Whaling
Whaling is a form of cyberattack in which the attackers impersonate high-ranking executives or other authority figures to obtain sensitive information or money from companies or individuals. … -
Zero Day Exploit
A zero day exploit is an attack tool that exploits a previously unknown security vulnerability in software or hardware. This vulnerability is not known to the developers and users at the tim … -
Zero Trust
Zero Trust marks a new way of thinking in IT security. With this IT security approach, the focus is on protecting the boundaries of the company. Here, the focus is on verifying the trustwort …