Cybersecurity 101

In today’s digital world, cybersecurity is essential. At WatchGuard, we break down key cybersecurity topics with clear explanations, practical examples, and proven best practices. Whether you want to learn about network security, endpoint protection, identity management, or cyber threats—start your journey with Cybersecurity 101.

C

CVE

Stands for Common Vulnerabilities and Exposures. A catalog of standardized identifiers for publicly known vulnerabilities and exposures. It is essential for vulnerability management because it lets organizations prioritize threats and confirm they are not running outdated, insecure software.

D

Denial of Service (DoS) Attack

A type of attack that attempts to make an online service unavailable by flooding the target with more requests than it can handle, usually from a single source.

Distributed Denial of Service (DDoS) Attack

A type of attack that attempts to make an online service unavailable by flooding the target with more requests than it can handle. Unlike a DoS attack that typically comes from a single source, in a DDoS attack attackers use multiple compromised devices to generate traffic from many sources simultaneously.

DNS cache poisoning

A technique that tricks a DNS server into believing it has received authentic information when, in reality, the information is false. Used to redirect unsuspecting victims to a malicious website.

DNS Spoofing

An attack technique where a hacker intercepts a system's requests to a DNS server in order to issue false responses as though they came from the real DNS server.

F

Fileless Attacks

A type of cyberattack that uses legitimate, built-in system tools (like PowerShell, WMI) and resides in computer memory (RAM) instead of writing malicious files to the hard drive. Extremely difficult for traditional antivirus software to detect. Often called living-off-the-land (LotL) attacks.

I

Indicator of Attack (IoA)

A proactive, real-time behavioral indicator, like suspicious admin activity, abnormal user behavior, or privilege escalation, that reveals an attack is in progress.

Indicator of Compromise (IoC)

A digital clue that helps security teams detect, investigate, and respond to malicious activity that has already taken place on a network or endpoint. Clues include a suspicious IP address, file hash, or unusual inbound and outbound network traffic.

L

Living-off-the-Land (LotL)

A fileless malware cyberattack technique in which hackers use legitimate, native operating system tools and features, such as scripts, admin tools, or scheduled tasks, to conduct malicious activities. They avoid detection by blending in with normal system operations.

Living-off-the-Land Binaries and Scripts (LOLBAS)

Legitimate processes and services that Windows uses to perform certain tasks can be hijacked by attackers and used for malicious purposes. They are effective because these are trusted process names and binaries that look non-malicious.

M

Man-in-the-Middle (MitM)

A type of cyberattack where attackers secretly insert themselves into the communication channel established between two legitimate parties to read, intercept, or even manipulate the data traffic.


P

Patch Management

The process of applying vendor-issued updates to close security vulnerabilities and optimize the performance of software and devices. The best patch management services detect missing patches, outdated or EOL software, and known CVEs, then correlate that data with risk severity to help teams prioritize remediations.

S

Shadow IT

The use of devices and SaaS applications that users install and operate without the approval of the IT department, which increases data exposure.

Spoofing

The act of disguising a communication so that it appears to come from a trusted, legitimate source. Attackers manipulate identifying information to deceive recipients and security systems.


SQL injection (SQLi)

An attack in which SQL syntax is entered into a data input field so that the backend database executes it, tricking the database into divulging data it was never intended to output.

Z

Zero-Day

A type of threat that exploits an unknown software vulnerability before the user/developer knows about it or has a patch ready, giving defenders no time to fix it. Also known as a 0-day.