Cybersecurity Terms Summary (from A to Z)

By CYBERWARZONE.COM
FREE TO USE 117 PAGE

Additional Terms

Asset Discovery

Asset discovery is the automated identification of internet assets linked to the attack surface, carried out in a way that minimizes false positives. It is a fundamental part of Attack Surface Management and should be done regularly.

Attack Surface

The attack surface encompasses all internet assets, including internal and external ones, that an attacker can target for access or compromise, regardless of their location or protection status.

Attack Surface Management (ASM)

ASM is a proactive approach involving continuous discovery and monitoring of an organization’s IT infrastructure, covering both known and unknown assets. It provides visibility from both inside and outside perspectives, enabling security teams to build secure solutions and protect the business. External Attack Surface Management (EASM) is a subset of ASM focused on the external attack surface.

Shields🛡️Up Attack Surface Management is a top-notch ASM solution with deep-dive predictive capabilities, context-based false-positive reduction, and human review. It offers security teams real-time visibility and context from an attacker’s viewpoint to manage and communicate their cybersecurity posture effectively, including risk assessment and prioritization based on your preferences.

Automatic Protocol Detection

Automatic Protocol Detection is a technique used in port scanning that analyzes server responses to identify the underlying service, even when that service is not the one typically associated with the port number (e.g., SSH on port 1234). This accounts for services running on non-standard ports, which is common: around 60% of internet services are observed on such ports.
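
The sketch below is an added example, not part of the original glossary or of any product it mentions. It classifies a service from the first bytes of its response instead of its port number and flags inventory entries running on a non-standard port. The signature list, the function names and the sample responses are constructed assumptions for illustration.

```python
import re

# Conventional port assignments, used only to flag mismatches (illustrative subset).
CONVENTIONAL = {21: "ftp", 22: "ssh", 25: "smtp", 80: "http", 443: "tls"}

# Ordered text signatures matched against the first line a server sends back.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d+\.\d+-")),        # SSH identification string
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3}")),   # HTTP status line
    ("smtp", re.compile(rb"^220[ -].*SMTP", re.I)), # SMTP/ESMTP greeting
    ("ftp", re.compile(rb"^220[ -].*FTP", re.I)),   # FTP greeting
]

def detect_protocol(response: bytes) -> str:
    """Identify the service from response content, ignoring the port."""
    # TLS record header: type 0x16 (handshake) or 0x15 (alert), major version 0x03.
    if len(response) >= 3 and response[0] in (0x15, 0x16) and response[1] == 0x03:
        return "tls"
    first_line = response.split(b"\n", 1)[0]
    for name, pattern in SIGNATURES:
        if pattern.search(first_line):
            return name
    return "unknown"

def inventory(observations):
    """Return one row per (port, response), flagging services on unexpected ports."""
    rows = []
    for port, response in observations:
        detected = detect_protocol(response)
        mismatch = detected != "unknown" and CONVENTIONAL.get(port) != detected
        rows.append({"port": port, "detected": detected, "non_standard": mismatch})
    return rows

# Constructed sample responses (not captured from real hosts).
SAMPLE = [
    (22, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (1234, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (8080, b"HTTP/1.1 200 OK\r\nServer: example\r\n\r\n"),
    (2525, b"220 mail.example.test ESMTP ready\r\n"),
    (8443, bytes([0x16, 0x03, 0x03, 0x00, 0x2A]) + b"\x02" * 42),
    (9000, b"\x00\x01\x02opaque"),
]

if __name__ == "__main__":
    for row in inventory(SAMPLE):
        print(row)
```

Responses that match no signature stay "unknown" and are not flagged, so they can be routed to manual review instead of being guessed from the port.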

Continuous Threat Exposure Management (CTEM)

CTEM, as termed by Gartner, encompasses processes and capabilities for ongoing assessment of an enterprise’s digital and physical assets’ accessibility, exposure, and exploitability. CTEM strategies can include solutions like Shields🛡️Up Attack Surface Management, which unveil unknown assets and provide continuous attack surface monitoring.

Critical Infrastructure

Critical Infrastructure encompasses the vital physical and virtual assets, systems, and networks crucial for a functioning economy and national security. It’s a prime target for hackers and nation-state threat actors, as seen in incidents like the 2021 Colonial Pipeline Attack. Countries like the United States prioritize defending critical infrastructure from cyberattacks and emphasize a collaborative, technology-enabled approach for enhanced cybersecurity in their national strategies.

Exposure

Exposure refers to the external access points of an asset visible from an outside perspective, such as the internet. While exposures alone don’t define an organization’s risk, they represent opportunities that attackers can exploit, necessitating monitoring or mitigation.

Exposure Management

Exposure Management is a proactive cybersecurity approach aimed at identifying and managing all publicly exposed assets. It enhances risk identification across the attack surface to prevent cyberattacks and can be facilitated using Attack Surface Management solutions.

External Asset

An External Asset is an entity controlled by an organization for online business operations, encompassing items like IP addresses, domains, websites, certificates, and more. Collectively, External Assets form an organization’s external attack surface.

External Attack Surface Management (EASM)

EASM is a system or procedure for ongoing discovery, inventory, and monitoring of both known and unknown external assets. It is a component of a broader Attack Surface Management initiative, with a focus on prioritizing outside-in visibility of external assets, as these are most susceptible to attack.

False Positives

False Positives occur when an AI or automated cybersecurity system incorrectly identifies benign activity as a security risk. Frequent false positives can burden security teams, causing them to waste time and resources on non-threats. Effective insider threat detection systems use multiple tools to filter alerts and reduce false positives. Shields🛡️Up cybersecurity experts employ human review to validate potential threats, minimizing or eliminating false positives for users.

Misconfiguration

Misconfiguration refers to the improper or absent implementation of security configurations and protocols, creating vulnerabilities in an organization’s security. Examples include unencrypted services, inadequate security controls, and self-signed certificates. Research reveals that misconfigurations are the most common risk on the internet, accounting for four of the top five observed risks.