SecureTrust Cybersecurity Services

Cybersecurity Glossary

Essential cybersecurity terms and definitions to help you understand the industry terminology

A

Attack Surface

The total sum of vulnerabilities that can be exploited to carry out a security attack, including physical and digital points where an unauthorized user can attempt to enter or extract data from an environment.

B

Breach

An incident where data, computer systems, or networks are accessed or affected without authorization. Common types include data breaches involving PII or PHI.

C

CMMC (Cybersecurity Maturity Model Certification)

A unified security standard and certification process developed by the U.S. Department of Defense (DoD) for defense contractors to verify implementation of cybersecurity requirements.

D

DDoS (Distributed Denial of Service)

A malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target with a flood of internet traffic from multiple sources.

E

Endpoint Protection

A security approach that focuses on protecting end-user devices like desktops, laptops, and mobile devices from malicious activities and cyberattacks.

F

Firewall

A network security device or software that monitors and filters incoming and outgoing network traffic based on predefined security rules.

G

GDPR (General Data Protection Regulation)

A European Union regulation that standardizes data protection laws across the EU and addresses the transfer of personal data outside the EU and EEA.

H

HIPAA (Health Insurance Portability and Accountability Act)

U.S. legislation that provides data privacy and security provisions for safeguarding medical information and other personal health information.

I

IDS/IPS (Intrusion Detection/Prevention System)

Security technologies that examine network traffic flows to detect and prevent vulnerability exploits. IDS passively monitors, while IPS actively blocks threats.

M

MFA (Multi-Factor Authentication)

An authentication method requiring users to provide two or more verification factors to gain access to a resource, typically something you know (password), something you have (security token), and something you are (biometric).

N

NIST (National Institute of Standards and Technology)

A U.S. federal agency that develops technology, metrics, and standards, including the NIST Cybersecurity Framework widely used for security program management.

P

PHI (Protected Health Information)

Any information about health status, provision of healthcare, or payment for healthcare that can be linked to an individual and is protected under HIPAA regulations.

R

Ransomware

A type of malicious software designed to block access to a computer system or data until a sum of money (ransom) is paid, typically by encrypting data and demanding payment for the decryption key.

S

SASE (Secure Access Service Edge)

A cloud architecture model that combines network security functions with WAN capabilities to support the dynamic secure access needs of organizations.

SOC (Security Operations Center)

A centralized function staffed by security analysts who identify, analyze, respond to, report on, and prevent cybersecurity incidents.

SOC 2 (Service Organization Control 2)

An auditing procedure that ensures service providers securely manage customer data based on five Trust Service Criteria: security, availability, processing integrity, confidentiality, and privacy.

X

XDR (Extended Detection and Response)

A security approach that automatically collects and correlates data across multiple security layers – email, endpoint, server, cloud workload, and network – providing holistic protection and improved threat detection and response.

Z

ZTNA (Zero Trust Network Access)

A security model that requires strict identity verification for every person and device trying to access resources on a network, regardless of whether they are inside or outside the network perimeter.


© SecureTrust Cyber ZTX Platform. All rights reserved.