Cybersecurity & Cloud Glossary

A technique to control the number of requests a user or system can make within a time window.

Design principles ensuring color usage is perceivable by people with visual impairments, including color blindness.

A web security vulnerability allowing attackers to interfere with database queries through unsanitized input.

A trial-and-error method of guessing passwords, encryption keys, or credentials by systematically trying all possibilities.

A previously unknown software vulnerability that attackers exploit before the vendor has released a patch or fix.

Continuous Integration and Continuous Deployment - automated practices for building, testing, and releasing software rapidly and reliably.

A scheduled task that runs automatically at specified times or intervals on Unix-like operating systems.

Using software to perform repetitive tasks automatically, reducing manual effort and errors.

An open-source infrastructure-as-code tool that enables teams to define, provision, and manage cloud infrastructure using declarative configuration files.

The set of policies, tools, and procedures designed to enable recovery of critical IT infrastructure and systems following a natural or human-induced disaster.

A contract between a service provider and customer defining the expected level of service, including uptime guarantees, response times, and remedies for failures.

A character encoding standard using 7 bits to represent 128 characters including letters, numbers, and symbols.

A service that acts as a single entry point for API requests, handling routing, authentication, rate limiting, and other cross-cutting concerns.

Amazon's comprehensive cloud computing platform offering over 200 services for compute, storage, databases, networking, security, and application development.

Microsoft's cloud computing platform providing integrated services for compute, analytics, storage, networking, AI, and enterprise applications.

A geographically distributed network of servers that cache and deliver web content from locations closest to end users, improving performance and reliability.

A platform for developing, shipping, and running applications in lightweight, portable containers that package code with all its dependencies.

An open-source container orchestration platform that automates deployment, scaling, and management of containerized applications across clusters of hosts.

A system that distributes incoming network traffic across multiple servers to ensure high availability, reliability, and optimal resource utilization.

A dedicated infrastructure layer that handles service-to-service communication, providing observability, traffic management, and security without changing application code.

AWS service that aggregates security findings from multiple AWS services and third-party tools, providing a unified view of security posture.

A security solution that sits between cloud service users and cloud applications to enforce security policies, provide visibility, and protect data.

Continuous monitoring and remediation of cloud misconfigurations across accounts, services, and regions.

Security tooling that safeguards cloud-native workloads—containers, serverless functions, and VMs—across build and runtime.

A unified security platform that combines CSPM, CWPP, and other cloud security capabilities into a single solution.

A network security technique that divides the network into isolated segments, applying granular access controls between workloads.

A framework that outlines which security tasks the cloud provider handles versus what the customer must secure.

An isolated virtual network within a cloud provider where you can launch resources with control over IP addressing, subnets, and routing.

A security control that filters, monitors, and blocks HTTP/HTTPS traffic to and from web applications based on predefined rules.

The right of individuals to control how their personal information is collected, used, stored, and shared by organizations.

A U.S. federal agency that develops cybersecurity standards, guidelines, and best practices widely adopted by organizations globally.

Consensus-based security configuration guidelines developed by the Center for Internet Security for hardening systems and cloud environments.

A collection of independent computers that appear to users as a single coherent system.

A numbering system using 16 symbols (0-9, A-F) commonly used in computing for compact binary representation.

Temporary text or media used in design mockups to represent actual content before it is available.

The process of creating the visual appearance, layout, and user experience of websites and web applications.

A simple substitution cipher that shifts letters by a fixed number of positions in the alphabet.

A mathematical procedure for encrypting and decrypting data to protect confidentiality.

A one-way mathematical algorithm that converts data into a fixed-size string, used for integrity verification and password storage.

The process of converting readable data (plaintext) into an unreadable format (ciphertext) using mathematical algorithms, protecting confidentiality.

A measure of randomness or unpredictability in data, critical for generating secure cryptographic keys, passwords, and tokens that resist guessing attacks.

A security protocol where both client and server authenticate each other using X.509 certificates, providing bidirectional identity verification beyond standard TLS.

Cryptographic protocols that provide secure communication over networks by encrypting data in transit.

An encryption method using the XOR (exclusive or) operation to combine plaintext with a key.

CSV format is a simple text file format for tabular data where each line represents a row and columns are separated by commas.

The process of converting data structures into a format that can be stored or transmitted and reconstructed later.

The process of organizing data structure, relationships, and constraints to efficiently store and retrieve information.

Controls that detect and prevent sensitive data from leaving an organization through unauthorized channels.

A vocabulary for annotating and validating JSON documents, defining structure, data types, and constraints.

Techniques to improve database query performance by reducing execution time and resource usage.

Principles and guidelines for combining colors to create visually harmonious and effective designs.

An additive color model using Red, Green, and Blue light to create a spectrum of colors for digital displays.

The art and technique of arranging type to make written language legible, readable, and visually appealing.

A lightweight, standalone, executable package containing everything needed to run an application: code, runtime, libraries, and settings.

A repository for storing, managing, and distributing container images, providing version control and access management.

Testing a running application from the outside to discover security vulnerabilities by simulating attacks.

An infrastructure paradigm where servers are never modified after deployment; changes require replacing instances with new ones built from updated images.

Managing and provisioning infrastructure through machine-readable configuration files rather than manual processes.

Defining and enforcing security, compliance, and operational policies through code that can be versioned, tested, and automated.

Monitoring and protecting applications during execution to detect and prevent attacks in real-time.

Moving security testing and controls earlier in the software development lifecycle to find and fix vulnerabilities sooner.

Identifying open-source components and third-party libraries in applications and detecting known vulnerabilities.

Analyzing source code, bytecode, or binaries for security vulnerabilities without executing the application.

A set of rules and protocols that allows different software applications to communicate and exchange data.

A time-based job scheduling syntax using five or six fields to specify when tasks should run.

A set of practices combining software development (Dev) and IT operations (Ops) to shorten development cycles and deliver high-quality software continuously.

A computational method for comparing two sets of data and identifying differences between them.

An operational framework that uses Git repositories as the single source of truth for declarative infrastructure and application configurations.

A lightweight data interchange format using human-readable text to represent structured data.

A lightweight markup language that uses plain text formatting to create structured documents.

Pattern-matching syntax used to search, validate, and manipulate text based on rules.

A versioning scheme using MAJOR.MINOR.PATCH format that communicates the scope and impact of changes, enabling predictable dependency management.

A comparison showing line-by-line or character-by-character changes between two versions of text.

A 128-bit identifier guaranteed to be unique across space and time without central coordination.

The number of seconds elapsed since January 1, 1970 00:00:00 UTC (the Unix epoch).

A system that tracks changes to files over time, enabling collaboration, history tracking, and the ability to revert to previous states.

An HTTP callback that delivers real-time data from one application to another when a specific event occurs.

The practice of optimizing websites and content to improve visibility and ranking in search engine results pages (SERPs).

Email authentication method that uses cryptographic signatures to verify that email content has not been tampered with in transit.

Email validation system that builds on SPF and DKIM to prevent email spoofing and provide reporting on email authentication failures.

A set of protocols (SPF, DKIM, DMARC) that verify the sender of an email is who they claim to be, preventing spoofing and phishing.

Metadata attached to emails that shows routing information, authentication results, and delivery path.

API-based email security solutions that integrate directly with cloud email platforms like Google Workspace and Microsoft 365, rather than routing mail through an external gateway.

A security solution that filters incoming and outgoing email traffic to protect against spam, phishing, malware, and data loss.

Email authentication method that specifies which mail servers are authorized to send email on behalf of your domain.

A binary-to-text encoding scheme that converts binary data into ASCII characters for safe transmission over text-based protocols.

A mechanism for encoding special characters in URLs using percent signs followed by hexadecimal values.

A file format containing data in binary rather than plain text, requiring specific software to read and interpret.

Unique byte sequences at the start of files that identify the file type, regardless of extension.

Authentication verifies who you are, while authorization determines what you can do.

An open authentication standard that enables passwordless and phishing-resistant login using hardware security keys or platform authenticators.

The policies and technologies used to verify identities, govern permissions, and log access across systems.

A network authentication protocol that uses secret-key cryptography and trusted third parties to verify user and service identities without transmitting passwords.

An open, vendor-neutral protocol for accessing and maintaining distributed directory services over a network.

An authentication method that requires users to provide two or more verification factors to gain access.

An open standard for delegated access authorization that allows applications to access user resources without exposing credentials.

An identity layer built on OAuth 2.0 that enables applications to verify user identity and obtain basic profile information through a standardized protocol.

A framework for securing and auditing accounts with elevated permissions, such as admins, service accounts, and break-glass users.

The process of securely maintaining user state and authentication across multiple HTTP requests.

A security incident where authentication credentials (passwords, API keys, tokens) are stolen, exposed, or otherwise obtained by unauthorized parties.

An attack where adversaries use compromised cloud resources to mine cryptocurrency, resulting in significant compute costs for the victim.

A system design approach that ensures a specified level of operational performance, typically measured in "nines" of uptime percentage.

The routing protocol that exchanges network reachability information between autonomous systems, forming the backbone of Internet routing.

The Domain Name System translates human-readable domain names into IP addresses that computers use to connect to websites and services.

A suite of specifications that add cryptographic authentication to DNS responses, preventing DNS spoofing and cache poisoning attacks.

The hierarchical naming system that translates human-readable domain names into IP addresses.

The process of determining the geographic location of an internet-connected device using its IP address.

A unique hardware identifier assigned to network interfaces for local network communication.

A DNS record type that specifies which mail servers are responsible for receiving email for a domain.

A hardware component that connects a computer or device to a network, enabling communication through its unique MAC address.

A set of rules defining how data is transmitted and received over a network.

The first three bytes of a MAC address, assigned by IEEE to identify the manufacturer of a network device.

Numerical identifiers (0-65535) used to route network traffic to specific services on a device.

A 32-bit number that divides an IP address into network and host portions for routing.

A value that specifies how long a DNS record or network packet should be cached or forwarded before being discarded or refreshed.

A public directory that stores registration information for domain names and IP address blocks.

The last segment of a domain name following the final dot, such as .com, .org, or country codes like .uk.

A public logging system that records all SSL/TLS certificates, enabling detection of misissued or malicious certificates.

A framework of policies, processes, and technologies for managing digital certificates and public-key encryption.

A digital certificate standard that binds a public key to an identity, enabling encrypted connections and authentication.

A technique to identify and track users based on unique browser and device characteristics without using cookies.

Financial fines and sanctions imposed for failing to meet regulatory data protection and security requirements.

The General Data Protection Regulation is the EU's comprehensive data privacy law that governs how organizations collect, process, and protect personal data.

The Health Insurance Portability and Accountability Act establishes standards for protecting sensitive patient health information in the United States.

Service Organization Control 2 is an auditing standard for service providers that store customer data, focusing on security, availability, processing integrity, confidentiality, and privacy.

An assessment that identifies critical business processes and quantifies the impact of their disruption.

Insurance coverage that protects organizations against financial losses from cyberattacks and data breaches.

The total financial impact of a security incident, including detection, response, notification, and long-term damages.

A documented, tested approach for detecting, containing, and recovering from cybersecurity incidents.

A globally accessible knowledge base of adversary tactics, techniques, and procedures mapped to the attack lifecycle.

Malware that encrypts systems or exfiltrates data, demanding payment to restore access or prevent disclosure.

The maximum acceptable amount of data loss measured in time, defining how far back systems must be restored after an incident.

The maximum acceptable downtime for a system or service before business impact becomes unacceptable.

A metric that quantifies the financial benefit of security investments relative to their cost.

A systematic process of identifying, analyzing, and evaluating cybersecurity risks to inform treatment decisions.

Deliberately making code difficult to understand to protect intellectual property or hide malicious intent.

The total number of points where an unauthorized user could try to enter data into, or extract data from, an environment.

The process of verifying the identity of a user, device, or system before granting access to resources or services.

The practice of granting users and services the minimum access they need to perform their duties.

A weakness in a system, application, or process that could be exploited by a threat actor to gain unauthorized access or cause harm.

A security model that assumes breach, requiring continuous verification of every user, device, and workload regardless of location.

A trusted entity that issues, validates, and revokes digital certificates used for secure communications.

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

An encrypted network connection that creates a secure tunnel between a device and a remote network over the internet.

Google Cloud security analytics platform that provides threat detection, investigation, and response using Google infrastructure and intelligence.

Security software that monitors endpoints for malicious activity, enabling rapid detection and containment.

A security service that combines technology and human expertise to detect, investigate, and respond to threats 24/7.

Microsoft cloud-native SIEM and SOAR solution that provides intelligent security analytics and threat detection across the enterprise.

A comprehensive inventory of all components, libraries, and dependencies that make up a software application, enabling transparency in the software supply chain.

The practice and tooling for securely storing, accessing, rotating, and auditing sensitive credentials like API keys, passwords, certificates, and encryption keys.

A platform that ingests security telemetry, correlates events, and surfaces alerts for investigation.

A dedicated function responsible for monitoring, detecting, and responding to cybersecurity threats in real time.

An outsourced executive who provides strategic cybersecurity leadership and governance without the cost of a full-time hire.

The continuous process of identifying, prioritizing, and remediating security weaknesses in systems and applications.

Authorized simulated cyberattacks against systems to identify security vulnerabilities before malicious actors exploit them.

A sophisticated, long-term cyberattack where an intruder gains unauthorized access and remains undetected for an extended period to steal data or cause damage.

An automated attack that uses stolen username/password pairs from data breaches to gain unauthorized access to user accounts on other services.

A trustworthiness score (0-100) assigned to IP addresses based on observed malicious behavior, spam activity, and threat intelligence data.

Malicious software or hardware that secretly records keystrokes to capture passwords, credit card numbers, and other sensitive information typed by users.

Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems and data.

A social engineering attack that uses fraudulent communications to trick recipients into revealing sensitive information or installing malware.

A cyberattack that targets less-secure elements in an organization's supply chain—vendors, software dependencies, or service providers—to compromise the ultimate target.

Evidence-based knowledge about existing or emerging threats used to inform security decisions and response.

A technique to render URLs and IPs non-clickable by replacing characters, preventing accidental access to malicious sites.

Placeholder text used in design and publishing to demonstrate visual form without meaningful content.

A two-dimensional barcode that stores data in a matrix pattern, readable by cameras and smartphones.

The process of translating time from one geographic timezone to another, accounting for UTC offsets and daylight saving time.

A standardized identifier for publicly disclosed security vulnerabilities in software and hardware.

A browser security mechanism that controls how web pages can request resources from different domains, preventing unauthorized cross-site data access.

An attack that tricks a victim into submitting unauthorized requests using their authenticated session.

A web security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

A method of representing special characters in HTML using named or numeric references to prevent interpretation as code.

Small pieces of data stored by web browsers, used for session management, personalization, and tracking.

Response headers that enable browser security protections against common web attacks.

A compact, URL-safe token format used to securely transmit claims between parties in web applications.

A server that sits in front of backend servers, forwarding client requests and returning responses while hiding the origin server's identity.

A security feature that allows browsers to verify that files from CDNs have not been tampered with.

Registering domain names similar to popular sites by exploiting common typing errors to deceive users.

A technique that forwards users from one URL to another, often used for site migrations or link shortening.

A specific URL where an API can be accessed, representing a function or resource in a web service.

Three-digit codes returned by web servers to indicate the result of an HTTP request.

The phenomenon where hyperlinks become permanently unavailable as web pages are moved or deleted.

A web address that specifies the location of a resource on the internet, composed of protocol, domain, path, and optional parameters.

A text string sent by web browsers to identify the browser, operating system, and device to web servers.

A service that creates short aliases for long URLs, making them easier to share and track clicks.