Access Control

The process of restricting access to resources, such as computers, files, or services, to authorized users only.


A type of behavior or action that seems abnormal when observed in the context of an organization and a user's historical activity. It is typically analyzed using some sort of machine-learning algorithm that builds a profile based upon historical event information including login locations and times, data-transfer behavior and email message patterns. Anomalies are often a sign that an account is compromised.


Data Anonymization is a process that alters personally identifiable data (PII) in such a manner that it can no longer be used to identify an individual. This can be done by removing certain identifying values from data sets, or by generalizing identifying values.

Audit Trail

A trail of files, logs, or paperwork used to record an activity for auditing purposes.


The act of systematically examining, evaluating, and analyzing an organization's assets to ensure compliance and security standards are met.


The process of verifying a claimed identity and proving that someone is who they claim to be when attempting to access a resource.


An acronym for Cloud Access Security Broker. This is a type of security that monitors and controls the cloud applications that an organization's employees might use. Typically, the control is enforced by routing web traffic through a forward or reverse proxy. CASBs are good for managing Shadow IT and limiting employees' use of certain SaaS or the activity within those SaaS, but they do not monitor third-party activity in the cloud, i.e., shared documents or email.


An acronym for Chief Data Officer. This is the executive within an organization who is the head of information security.


An acronym for Chief Information Security Officer. This is an executive within an organization responsible for managing compliance with privacy laws and policies.


An acronym for Cybersecurity Maturity Model Certification.

It is a security framework for Defense Industrial Base contractors to follow. CMMC 2.0 was announced by the Department of Defense in November 2021 and sets forth requirements for safeguarding Controlled Unclassified Information and other regulated data.


The protection of information and communications against damage, exploitation, or unauthorized use.


An acronym for Data Leak Prevention or Data Loss Prevention. A type of security that prevents sensitive data, usually files, from being shared outside the organization or with unauthorized individuals within the organization. This is usually done through policies that encrypt data or control sharing settings.

Data Breach

A data breach is a security incident during which sensitive, protected, or confidential data has been accessed or exposed to unauthorized entities. Data breaches occur in organizations of all sizes, from schools to small businesses to enterprise organizations. These incidents may expose protected or personal health information (PHI), personally identifiable information (PII), intellectual property, classified information, or other confidential data. 

Some types of protected personal information include: 

  • Driver’s license numbers
  • Medical records
  • Biometrics
  • Financial records 
  • Social security numbers 
  • Criminal records

For businesses, sensitive data may also include customer lists, source code, credit and debit card information, user data, and other sensitive information. 

Data breaches may be caused by different types of cyberattacks, such as malware, viruses, phishing attacks, ransomware, or theft of physical devices. Data breaches may also be due to misconfigurations, unpatched security vulnerabilities, malicious insiders, or other types of insider errors. Allowing unauthorized individuals into a building or floor, attaching or sharing the wrong document, or even copying the wrong person on an email all have the potential to expose data and result in a significant data breach.

Many industries, particularly the financial and healthcare industries, mandate controls of sensitive data. Industry guidelines and government regulations increasingly require strict controls, disclosure rules if a breach occurs, and penalties or fines for organizations that fail to safeguard the data in their care. 

The Payment Card Industry Data Security Standard (PCI DSS) applies to financial institutions and businesses that handle financial information. The Health Insurance Portability and Accountability Act (HIPAA) regulates who has access to view and use PHI in the healthcare industry. 

The General Data Protection Regulation (GDPR) in the European Union increases individuals’ control and rights over their personal data and includes the potential for significant fines for organizations found not to be in compliance with the regulation. Other countries also have significant regulations regarding data protection. The United States has several laws at the federal and state levels intended to protect the personal data of U.S. residents.  

Negative impacts to a business due to a data breach include fines; costs related to investigating, mitigating, and recovering from the incident; reputation loss; litigation; and possibly even the inability to operate the business.     

Data Flow

In communications, data flow is the path taken by a message from origination to destination that includes all nodes through which the data travels.

Data Flow Diagram

An illustration that shows the way information flows through a process or system. Data flow diagrams include data inputs and outputs, data stores, and the various subprocesses the data moves through.

Data Theft

The act of stealing information.


The unauthorized transfer of data off of a computer or network.

False Positive

A false positive is an alert that incorrectly indicates a vulnerability exists or malicious activity is occurring. These false positives add a substantial number of alerts that need to be evaluated, increasing the noise level for security teams. 

False positives may be triggered by a variety of incidents, such as: 

  • User repeatedly mistypes their password, triggering a brute-force alarm
  • Scanning and security software identifies a legitimate operation as an attack
  • A signature configured to identify a type of malware misidentifies an activity
  • Software bugs misidentified as an attack
  • Unrecognized network traffic
  • Application security testing tools misidentify results as security issues

The increase of security testing and monitoring tools increases the overall number of alerts security teams receive, which in turn increases the number of false positives coming in to be triaged. These types of security events increase the noise for overburdened security teams, making them more likely to ignore valid security events because they assume they are false positives. 

Realistically, security teams cannot and do not need to resolve every single issue exposed by alerts, nor can software development and testing teams analyze each alert. These teams get a high number of alerts and it requires time to investigate each alert. When time-constrained teams continuously receive a high number of alerts, they are more likely to experience alert fatigue and focus on instances where there is a clear issue that needs to be resolved. 

False positives increase the likelihood that internal security teams will miss important security events because they believe them to be invalid or simply see too many alerts to investigate each one. False negatives are similarly problematic, because they show that no vulnerability or security issue is present when there actually is a problem that needs to be addressed. 

While some number of false positives will be investigated to verify that they do not, in fact, pose a threat to the organization, false negatives are less likely to be investigated as test results appear to indicate that the software is functioning as intended. Both false positives and false negatives can pose a threat to security teams and the organizations they protect.

ISO 27001

International standard for how to manage information security, first published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, then revised in 2013. It outlines standards for creating, executing, maintaining and optimizing an information security management system, in order to help organizations make their information assets more secure.

Information Security Policy

The directives, rules, regulations, and best practices that an organization follows to manage and secure information.

Insider Threat

Any individual with insider access to an organization's networks or resources that would allow them to exploit the vulnerabilities of that organization's security or steal data.

Least Privilege

A security principle which mandates that users should be granted the least amount of permissions necessary to perform their job.


An acronym for Multifactor Authentication. This represents an authentication process that requires more than one factor of verification. An example would be a login that requires a username and password combination, as well as an SMS-code verification, or the use of a physical security key.


A deliberate configuration change within a system by a malicious actor, typically to create back-door access or exfiltrate information. While the original change in configuration might involve a compromised account or other vulnerability, a malconfiguration has the benefit of offering long term access using legitimate tools, without further need of a password or after a vulnerability is closed.


A term that represents a number of different types of malicious software that are intended to infiltrate computers or computer networks.

Masked Data

Sensitive information swapped with arbitrary data intended to resemble true production data, rendering it useless to bad actors. It's most frequently used in test or development environments, where realistic data is needed to build and test software, but where there is no need for developers to see the real data.


A dangerous or unapproved configuration of an account that could potentially lead to a compromise, typically done by a well-intentioned user attempting to solve an immediate business problem. While there is no malicious intent, misconfiguration is actually the leading cause of data loss or compromise.


An acronym for the National Institute of Standards and Technology. NIST is a unit of the US Commerce Department tasked with promoting and maintaining measurement standards. NIST leads the development and issuance of security standards and guidelines for the federal government.


In data security or privacy terms, this is the breach of a legal duty to protect personal information.

Obfuscated Data

Sensitive information swapped with arbitrary data intended to resemble true production data, rendering it useless to bad actors. It's most frequently used in test or development environments, where realistic data is needed to build and test software, but where there is no need for developers to see the real data.


An acronym for the Payment Card Industry Data Security Standard. This is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.


An acronym for Personally Identifiable Information. This is any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means. Examples include social security number (SSN), passport number, driver's license number, taxpayer identification number, patient identification number, financial account number, or credit card number; personal address information, including street address or email address; or personal telephone numbers.


A type of malware that encrypts the files on an endpoint device using a mechanism for which only the attacker has the keys. While the attacker will offer the key in exchange for payment, fewer than half of victims that do pay actually recover their files.

Sensitive Data

Any information that is protected against unwarranted disclosures, for reasons either legal, ethical, privacy, financial, or otherwise. This can include, but is not limited to: health data, personal information, confidential data such as trade secrets, etc.

Shadow IT

Any unapproved cloud-based account or solution implemented by an employee for business use. It might also include the use of an unknown account with an approved provider, but administered by the user rather than corporate IT.

Shadow SaaS

An unapproved cloud application that is connected in some way (typically by API) to that organization's SaaS or IaaS with access to corporate data but without permission from the organization.


A vulnerability is a weakness that could be exploited or triggered by a threat source in internal controls, procedures for systems security, an information system, or implementation. A weakness is synonymous with deficiency and may result in security or privacy risks or both. 

In cybersecurity terms, a vulnerability is a security exposure that exists in an operating system, in system software, or in an application software component. Each vulnerability can potentially compromise the system or network if exploited.

There are multiple publicly accessible databases of vulnerabilities, sometimes based on the version numbers of software. Common Vulnerabilities and Exposures (CVE) is a common means of enumerating publicly known information security vulnerabilities operated by The MITRE Corporation. 

CVE identifiers assign each vulnerability a unique name/number. The Common Vulnerability Scoring System (CVSS) is an open industry standard owned and managed by FIRST.Org, Inc. (FIRST), a US-based non-profit organization.

CVSS 3.1 identifies the severity of a vulnerability based on the following metrics: 

Base metrics

  • Access vector (what access is required: local, adjacent network, network, physical)
  • Access complexity (how easy or hard it is to exploit)
  • Privileges required (what level of privileges an attacker requires before exploiting the vulnerability successfully)
  • User interaction (whether the attacker requires a separate user or user-initiated process to exploit the vulnerability)

Impact metrics

  • Scope (whether a vulnerability in one component impacts resources beyond its security scope)
  • Confidentiality (is the confidentiality of data impacted)
  • Integrity (what is the impact on the integrity of the system)
  • Availability (will the system remain fully functional, experience reduced performance or capabilities, or become unavailable)

A flaw may be the result of poor design or implementation mistakes, and results in unintended functionality. There are also temporal metrics (exploit code maturity, remediation level, and report confidence) and environmental metrics (modified base metrics and confidentiality requirement, integrity requirement, and availability requirement). 

The Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses that have security ramifications. Weakness severity is scored using the Common Weakness Scoring System (CWSS™) and Common Weakness Risk Analysis Framework (CWRAF™) and is based on base findings, attack surface, and environmental metrics. An attacker may exploit vulnerabilities, weaknesses, or user errors individually or combine them to carry out an attack. These metrics help incident response teams and cybersecurity professionals determine the threat level of a vulnerability and how to best address it.
