Cybersecurity 101

In today’s digital world, cybersecurity is essential. At WatchGuard, we break down key cybersecurity topics with clear explanations, practical examples, and proven best practices. Whether you want to learn about network security, endpoint protection, identity management, or cyber threats—start your journey with Cybersecurity 101.

C

CASB

Stands for Cloud Access Security Broker. A security solution that emphasizes strict access control and continuous verification by enforcing access policies for cloud resources and applications. An important component of a zero trust architecture.

E

Elevation of Privilege

Any attempt to gain greater permissions illicitly (typically, by impersonating a privileged user or otherwise bypassing normal authentication) within a computer system is considered an elevation of privilege.

M

Malware

A broad term for any software designed to damage, disrupt, or gain unauthorized access to computers, networks, or data. Includes ransomware, viruses, spyware, and much more. Because malware is constantly evolving and increasingly dangerous, modern cybersecurity requires multi-layered defensive tools that include Zero Trust Network Access, Managed Detection and Response, and Endpoint Detection and Response.

R

Ransomware

Malware originally used to extort money from victims by encrypting or otherwise blocking access to applications or files until a sum of money is paid. Today, attackers more often steal information and threaten to make it public. For protection, Zero Trust Network Access (ZTNA) ensures that even if credentials are compromised, attackers cannot automatically access accounts, sensitive information, or critical services.

S

Secure Access Service Edge (SASE)

A cloud-based framework that converges networking (like SD-WAN) and security functions (like Secure Web Gateway, CASB, Firewall as a Service, Zero Trust Network Access) into a single, unified service to securely connect users, devices, and applications anywhere.

Secure Web Gateway (SWG)

A cybersecurity solution that filters Internet traffic between users and the web. When a user tries to visit a website, their request is first sent to the SWG, which checks the request against defined policies based on corporate and regulatory requirements. SWGs are insufficient as stand-alone solutions and need to be part of a larger, layered, zero trust defense strategy.

Security Service Edge (SSE)

A cloud-based model that converges key security services (like ZTNA, SWG, and CASB) to secure access to web, cloud, and private applications, crucial for hybrid work and cloud environments. Protects users, devices, and data regardless of location, and is considered a security component of the broader SASE framework.

Software as a Service (SaaS)

A cloud-based model where software applications are delivered over the Internet, typically via a web browser, on a subscription basis, with the provider managing all underlying infrastructure, maintenance, and updates.

X

XDR

Stands for Extended Detection and Response. While EDR focuses on identifying and responding to threats at the endpoint level, XDR broadens the scope by collecting telemetry data and automatically correlating detections across multiple security domains, including endpoint, identity, email, network, and cloud. Using AI and machine-learning technologies, XDR then performs automatic analysis to integrate these detections into a centralized security system.

Z

Zero Trust

A cybersecurity strategy based on the principle of "never trust, always verify," assuming threats exist everywhere. Rather than relying on a single technology, it implements multiple security controls, including multi-factor authentication, EDR, Zero Trust Network Access, and dark web credential monitoring. In addition, users only have access to the specific parts of the network they need and no more.

Zero Trust Identity Framework

A security model that requires strict identity verification for every person and device, inside or outside the network perimeter, trying to access resources on a private network.

Zero Trust Network Access (ZTNA)

A security framework that assumes threats are everywhere and therefore verifies every user and device attempting to access resources, and grants least-privileged access to specific applications rather than to the entire network. A foundational security model within SASE.