Cybersecurity Glossary
Cybersecurity terminology can be confusing, especially when you're comparing products or trying to understand how different technologies work together. Whether you're researching solutions for your organization or just need a quick refresher on industry terms, these definitions will help.
Admin Rights
Elevated permissions that allow users to make system-level changes on computers and servers, such as installing software, modifying security settings, and accessing protected files. When users operate with permanent admin rights, any malware that infects their system automatically inherits those same elevated permissions.
Data Breach
A security incident where unauthorized individuals gain access to confidential or protected information. Data breaches result from cyberattacks, insider threats, or human error, often leading to financial losses, regulatory penalties, and reputational damage.
Endpoint Security
The practice of protecting devices like computers, mobile phones, and servers that connect to your network. Endpoint security solutions monitor, detect, and respond to threats targeting these devices, which are often the first entry point for cyberattacks.
JIT (Just-in-Time)
A security approach that provides temporary access to resources only when needed, for only as long as necessary. JIT access eliminates standing privileges by granting elevated permissions on demand, then automatically removing them when the task is complete.
Least Privilege
A security principle that gives users and applications only the minimum access rights needed to perform their job functions. By limiting permissions to what’s absolutely necessary, least privilege reduces the potential damage from compromised accounts, insider threats, and malware infections.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Common types include viruses, ransomware, spyware, and trojans. Malware often spreads through email attachments, infected websites, or compromised software downloads.
MFA (Multi-Factor Authentication)
A security method that requires users to provide two or more verification factors to gain access to systems or applications. Common factors include something you know (password), something you have (phone or token), and something you are (fingerprint or facial recognition).
PAM (Privileged Access Management)
Security solutions that control and monitor access to critical systems and sensitive data within an organization. PAM manages privileged accounts, enforces access policies, and provides audit trails for high-risk activities across both servers and endpoints.
Remote Access
The ability to connect to and control computers or networks from a different location. While remote access supports flexible work and IT support, traditional methods can create security vulnerabilities without proper just-in-time access controls and session monitoring.
Social Engineering
The ability to connect to and control computers or networks from a different location. While remote access supports flexible work and IT support, traditional methods can create security vulnerabilities without proper just-in-time access controls and session monitoring.
SSO (Single Sign-On)
An authentication method that allows users to access multiple applications and systems with one set of login credentials. SSO reduces password fatigue, enables centralized access control, and simplifies the user experience across different platforms.
VPN (Virtual Private Network)
A technology that creates an encrypted connection between a device and a network over the internet. Traditional VPNs provide broad network access but can create security risks by granting excessive permissions and maintaining persistent connections that attackers can exploit.
Zero Trust
A security model that assumes no user, device, or application should be automatically trusted, even if they’re already inside the network. Zero Trust requires continuous verification and authentication for every access request, replacing traditional perimeter-based security with identity-based access controls.
