Cyber Security Jargon Buster

A helpful index of cyber security terms including common compliance acronyms and pen test terminology.

Glossary index

A

Access Control

Access control is a security technique that helps organizations to control individual access to business data by authenticating users and sharing information on a ‘need to know’ basis. Organizations can use access control to differentiate types of users within a network based on their level of access, such as view only, edit, manage, and administrator privileges.

AD FS - Active Directory Federation Service

Active Directory Federation Services (AD FS) is a software component developed by Microsoft which provides users with single sign-on access to systems and applications located across your organization. AD FS can help streamline user management and improve your security posture by consolidating identity information from multiple sources into a single, central repository.

Administrative Interface

The administrative interface is the area of a system that allows administrators to manage the system. This interface enables admins to perform activities such as managing users, groups, and permissions, as well as configuring hardware and software. Administrative interfaces need robust security to prevent threat actors from gaining control of the application and other parts of the network.

AES - Advanced Encryption Standard

Advanced Encryption Standard (AES) is a symmetric-key encryption standard developed by the U.S. National Institute of Standards and Technology (NIST), adopted by the U.S. government in 2001, and since then by commercial and private organizations around the world. AES is used in a wide variety of applications, including file and email encryption, as well as in the secure transport of data over networks.

API - Application Programming Interface

An Application Programming Interface (API) is the bridge between different software programs which allows one piece of software to communicate and exchange data and functionality securely with other programs. An API can take different forms, but generally it is a set of rules and procedures that provides access to specific functions within the software.

APT - Advanced Persistent Threat

An advanced persistent threat (APT) is a targeted stealth attack where an attacker infiltrates a network slowly and methodically. Once hackers are inside the network, they can remain undetected for extended periods of time by mimicking the behaviour of authorized users. This contrasts with other attacks where the perpetrators tend to get in and out as quickly as possible. APTs are typically targeted at large enterprise or government organizations. However, smaller businesses with less robust security are often used as a stepping stone to gain access to higher-level targets.

Asset-Based Threat Model

An asset-based threat model (also known as the "threats to assets" or "threats to resources" model) is a process for identifying, assessing, and mitigating risks to information assets. This model is used in the context of enterprise security management to mitigate both technical and human vulnerabilities, such as insider threats or mistakes made by employees. The goal is to figure out how an attacker could cause harm, what would happen if they did, and what can be done about it.

Authentication & Authorization

Authentication is the process of verifying the identity of a user, whereas authorization is the process of ensuring that the user has the right to access files and information. These two security processes work together to ensure that only legitimate users can access information, and only according to their user privileges, thereby protecting systems and information.

Authentication Bypass

Authentication bypass refers to several methods by which an unauthorized user might gain access to a system, such as running brute force attacks to test possible login credentials, or credential stuffing, which reuses a stolen set of legitimate login data across multiple accounts. Bypassing authentication can also be achieved through cookie theft, which mimics a legitimate user's identity on a website without requiring a password to log in.

B

Backdoor

A backdoor is a weakness in a software program, usually the result of poor coding practices, that creates a way into a server or system which can be exploited by a threat actor. Backdoors can also be the result of poor configuration by the end user, inadvertently creating an access point for hackers.

BCM - Business Continuity Management

Business Continuity Management (BCM) is a proactive risk management technique that addresses threats that may disrupt your daily business activities. In case of a security threat or other unforeseen circumstances, business continuity management gives your organization assurance that business activities and processes can continue with minimal disruption.

BCP - Business Continuity Planning

Business Continuity Planning (BCP) maintains operations, services, and supply chain delivery during periods of disruption, such as downtime resulting from a data breach. A BCP allows companies to continue working and should be updated periodically following any changes in the company’s infrastructure, technology, location, or personnel.

Black Box Testing

Black box testing is a type of penetration test that most closely simulates a real-world hacking attempt. The pen tester will know very little, if anything, about the target other than from publicly available information. Black box testing relies solely on the pen tester discovering vulnerabilities in outwardly facing components, which means that they are unlikely to uncover any vulnerabilities or misconfigurations that may be present internally. (See also, white box testing)

Blue Teaming

Blue teaming is a defensive, ‘audit’-style type of penetration testing which assesses security infrastructure by identifying and remediating existing flaws and system vulnerabilities within the network. The aim of blue team testing is to patch and fix weaknesses which could be exploited by a hacker assuming they have gained access to the network, whereas red team testing places the penetration tester outside the network, like a real-world hacking scenario.

Bot Management

Bot management is a way for websites to filter which bots to allow for optimum website performance, and which bots to block, based on predefined rules configured during the web development cycle and deployed within security software such as Web Application Firewalls (WAF). More advanced technologies such as machine learning and user behavioural analytics (UBA) can also manage bots by differentiating them from human users, with tools such as Google reCAPTCHA and cookie banners.

BYOD - Bring Your Own Device

Bring Your Own Device (BYOD) is used by many businesses to allow employees to access their corporate systems and online work environments using their personal smartphone, tablet, or PC. Every organization which allows employees to use their own devices for work-related activities is required to have a BYOD policy in place to maintain business security regarding the use of personal IT equipment.

C

Certification Body

A certification body is a third-party organization that independently verifies individuals and companies for the purposes of awarding standards and accreditations for a variety of milestones and achievements. For example, companies requiring compliance certifications for ISO-related standards are often awarded them by the International Electrotechnical Commission (IEC). Similarly, companies seeking to achieve Cyber Essentials are awarded it by the National Cyber Security Centre (NCSC).

CHECK Penetration Test

CHECK, which refers to the ‘IT Health Check Service’, is a security standard developed by the National Cyber Security Centre (NCSC) to be used as a trust signal for government and public sector organizations that require penetration testing services in line with statutory frameworks. Cyber security vendors seeking to win contracts with public organizations will therefore need to ensure that their pen testing services are CHECK approved. (See also, CREST penetration test)

CIEM - Cloud Infrastructure Entitlement Management

Cloud infrastructure entitlement management (CIEM) is a process for managing the rights and privileges of users and machines accessing cloud resources. CIEM uses machine learning and user and entity behaviour analytics (UEBA) to manage identities and credentials, as well as to monitor and control usage. It authorizes users to access cloud services based on the ‘least privilege access model’, which allows them to access only those services necessary for task completion, significantly reducing the attack surface in the cloud.

CIS - Critical Security Controls

The CIS Controls (formerly known as Critical Security Controls) are a recommended set of safeguards for cyber defence that provide specific and actionable ways to stop attacks against systems and networks. The current version, Release 8, contains 18 controls that can be implemented alone or in combination to protect your systems and data. The controls are organized by activities such as data protection, account management, penetration testing and malware defences.

CISO - Chief Information Security Officer

The Chief Information Security Officer (or CISO) is responsible for company information and data security. The CISO ensures that an information security plan is developed and implemented, and that security policies are being followed by employees and clients to protect company data from cyber threats and maintain security compliance across all systems and processes.

Cloud Application Security

Cloud application security (cloud app security) consists of the working practices, policies and controls that organizations can implement to secure their cloud environments. In terms of software, this may include solutions such as cloud access security brokers (CASBs) and web application firewalls (WAFs), as well as operational controls such as cloud infrastructure entitlement management (CIEM) and security best practice for users, such as enforcing multifactor authentication (MFA) for access to cloud services.

Cloud Encryption

Cloud encryption ensures data is secured when it is in storage, in transit, and while it is being accessed via cloud applications. Encryption transforms data from plaintext into ciphertext so that only authorized users can read it, making it unreadable to malicious entities and users on the web.

Cloud Penetration Testing

aka: Cloud Security Testing

Cloud penetration testing is an effective method for assessing security within cloud infrastructure. With many organizations migrating to cloud technology, hackers have new opportunities to carry out cyber-attacks in this remote environment, such as exploiting insecure APIs. Cloud pen testing addresses known vulnerabilities and available information from cloud service providers to understand how to implement secure cloud configurations for individual businesses.

Cloud Security

Cloud security is all the technology and processes put in place to protect cloud computing environments, applications and data hosted in the cloud. Understanding the full scope of your cloud infrastructure and potential weaknesses, including weak credentials, insecure APIs, and outdated software, is key to keeping your cloud environment secured.

CME - CrackMapExec

CrackMapExec is an open-source post-exploitation tool designed to help penetration testers assess the security of large Active Directory networks. Because of the nature of the tool, CrackMapExec could be used for nefarious purposes or lead to accidental data loss if not used correctly.

CoC - Code of Conduct

A code of conduct is a set of principles, standards, and moral and ethical expectations that employees and third parties are held to as they interact with the organization. Codes of conduct help ensure that all your employees are working in a safe and healthy environment. In addition to being a legal requirement in many countries, codes of conduct are also important for retaining and attracting top talent.

Compromise Assessments

Compromise assessments are a type of forensic security assessment that check for past or ongoing breach attempts using advanced security tools and human expertise. They can uncover evidence of hacking attempts and highlight any outstanding security weaknesses that could lead to further attacks to assist and advise companies on what steps they need to take to strengthen their security.

Configuration Testing

Configuration testing, also known as a configuration review or configuration assessment, is a security practice that involves evaluating the settings of various components within an IT infrastructure to ensure they align with security best practices and meet the organisation's security requirements. Config testing aims to identify misconfigurations, weaknesses, or deviations from secure configuration guidelines that could potentially expose systems to security risks or vulnerabilities.

Container Security

Container security is the implementation of security tools, procedures and best practices put in place to ensure all containers are running as expected and remain protected from cyber threats and vulnerabilities.

CREST Penetration Test

The Council of Registered Ethical Security Testers (CREST) is an independent organization which provides a certification standard for cyber security vendors who provide penetration testing services for the third sector. CREST works in collaboration with the National Cyber Security Centre (NCSC) to ensure that the accreditation meets the statutory requirements for penetration testing for those vendors working with private sector organizations. (See also, CHECK penetration test)

Cryptography

Cryptography in cyber security is the practice of encoding files, data, and communication so that only authorized parties can 'decrypt' and read them. File encryption uses rule-based algorithms to protect the confidentiality of data in storage and in transit, for example, by encrypting plaintext into ciphertext during an email transmission.

C-SCRM - Cyber Supply Chain Risk Management

Cyber supply chain risk management (C-SCRM) is an organized approach to proactively address potential cyber security threats that can impact your supply chain and IT operations. This helps you to lower the potential impact of supply chain disruptions, while also maintaining product availability and protecting your brand reputation.

Cyber Essentials Plus

Cyber Essentials Plus is an independently verified on-site assessment of the five Cyber Essentials technical controls. Assessors will seek to understand whether your current security controls are in scope and working correctly. Cyber Essentials Plus can only be obtained within 3 months of your last Cyber Essentials assessment but will hold greater significance with customers and partners, than simply having a Cyber Essentials certification.

Cyber Essentials

Cyber Essentials is an independently verified self-assessment questionnaire where the goal is to get all questions correct/compliant to obtain a pass. Having the Cyber Essentials certification demonstrates that your organization is taking cyber security seriously and has the five technical controls in place: access controls, firewalls and routers, malware protection, secure configuration, and software updates.

Cyber Incident Response

aka: Threat Management

Cyber Incident Response (CIR) is a systematic approach to managing and mitigating the impact of cyber security incidents, which involves taking steps to detect, contain, investigate, eradicate, and recover from security breaches. Organisations often have their own processes for dealing with cyber incidents to identify attacks, minimise the effects, contain damage and remediate the cause to decrease the likelihood of future incidents.

Cyber Kill Chain

The cyber kill chain is a 7-step process that forms the basis of a cyber attack. By understanding the aims, strategies and technologies used at each stage of an attack, security defenders and penetration testers can use the same principles as threat actors to counteract and manage the cyber kill chain.

D

Data Integrity

Data integrity refers to the accuracy, completeness, consistency, and validity of data. By ensuring that your data is free of errors and uncorrupted by unauthorised users, organisations can guarantee that data in their database is reliable and accurate. Data integrity is also essential to comply with the GDPR.

Data Security

Data security is the protection of digital data from unauthorized use or exposure that threatens the confidentiality, integrity, and availability of that information. To ensure effective data security, organisations maintain physical and logical access control, implement strong authentication protocols, encrypt sensitive data, use secure backup systems, and regularly test security measures.

Defence in Depth

Defence in depth is a mature security strategy that combines multiple tools and processes to create a multi-layered cyber defence. If an attacker gets through one layer of cyber defences, such as breaching a firewall, there is another layer to stop them, such as an IPS.

Denial of Service (DoS) & Distributed Denial of Service (DDoS)

A DoS (denial-of-service) attack is an attempt to make a computer or network resource unavailable to its intended users. DoS attacks are typically carried out by flooding the target with more requests than it can handle, denying service to legitimate users and rendering it effectively offline. A DDoS (distributed denial-of-service) attack is a type of DoS attack that uses multiple compromised computers to flood the target with requests. DDoS attacks are more difficult to defend against than DoS attacks, as they are launched from a large number of sources around the world.

Digital Forensics

Digital forensics in cyber security focuses on the identification, collection, analysis, and preservation of evidence from electronic devices and digital systems in response to a cyber attack. By using forensic methodology, investigators can uncover the digital footprint that hackers leave behind after an attack, for example by using evidence found in log files and system data to reveal how an attack took place.

DLP - Data Loss Prevention

Data loss prevention (DLP) is the process of identifying and protecting sensitive data, including information about customers, employees, and company intellectual property. DLP protects sensitive data from being accessed by unauthorized users through encryption and access control implemented by the company DLP policy.

DMZ - Demilitarized Zone

In cyber security, a demilitarized zone (DMZ), also known as a network perimeter, is a security barrier that restricts untrusted traffic from entering your private network. The goal of a DMZ is to allow businesses to access untrusted networks, such as the internet, while safeguarding their private and local area networks. If a hacker were to successfully breach an organisation’s network, they would only compromise the DMZ perimeter, and not the main network it is shielding. A DMZ is considered more secure than a firewall.

DPA - Data Protection Act

The Data Protection Act is a British law that was created to regulate the processing of personal data and protect the privacy and security of UK residents. The DPA applies to any individual who is in control of personal information, as well as any company that processes such information on behalf of another company or organization, giving people more control over their personal information and how it can be used.

DPIA - Data Protection Impact Assessments

A Data Protection Impact Assessment (DPIA) is the framework by which you can make sure that whatever your business is doing is compliant with the ‘by design and default’ section of the UK GDPR. A DPIA makes you look at each element of the project, process or system and analyse the impact it has on data protection.

DPO - Data Protection Officer

Data Protection Officers (DPOs) are responsible for the protection of personal data, and are usually found in multinational companies and organizations that handle large amounts of personal data. The role of a DPO is to ensure that the company complies with all data protection laws. They do this by monitoring compliance, advising on data protection and privacy, carrying out audits and investigations, and providing training to staff.

DSAR - Data Subject Access Request

A Data Subject Access Request – or DSAR for short – is when someone asks an organization for a copy of all personal data it holds about them. As a data subject, you have the right to request access to your personal data, which a company is required to provide to you in a clear and structured way. On the surface it sounds like it could be a simple task, but finding, collecting, and providing this information can be an extremely time-consuming and complicated process for businesses who aren’t prepared.

E

Encryption

Encryption protects the confidentiality and integrity of data by encoding data that is stored or sent across a network, so that it cannot be read by anyone other than the intended recipient or those who are authorized to do so. The three main types of data encryption are DES, AES and RSA, which provide varying levels of security by using symmetric and asymmetric keys, hashing and randomization techniques.

Ethical Hacking

Ethical hacking, also known as white hat hacking, is a cyber security practice which consists of authorizing a certified security specialist to investigate IT systems to find weaknesses and security flaws before they are exploited. Additionally, ethical hacking also entails finding previously disclosed security vulnerabilities and identifying looming threats.

F

FISMA Compliance

The Federal Information Security Management Act (FISMA) is a United States federal law that was signed into law on November 24, 2002, as Title III of the E-Government Act of 2002. The law requires all federal government agencies to develop, document, and implement an information security program. The goal of FISMA is to improve the security of government IT assets and improve the efficiency and effectiveness of the government's use of information technology through consistent and effective application of information security practices across federal government agencies.

Footprinting

Footprinting is the technique of gathering information about the security of a system or network. It is often used by hackers to gain information about potential targets that they can later attack. Public footprinting can be done manually and involves gathering information that is publicly available. Private footprinting on the other hand involves more intrusive methods and requires direct access to systems, often utilizing port scanners, vulnerability scanners, and database scanners to create a line of attack.

Fuzzing

Fuzzing is a black box software testing technique that involves providing invalid, unexpected, or random data as inputs to a program. The program is then monitored for crashes or unexpected output. Fuzzing is also used in the dynamic analysis phase of the Software Development Life Cycle (SDLC) as part of the Quality Assurance process and can reveal many programming errors such as buffer overflows, syntax errors, and unimplemented features. Fuzzing can also uncover errors such as memory leaks and race conditions, and potential exploitation of input validation errors.

G

GDPR - General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a regulation that seeks to uphold the protection of an individual’s privacy and data rights. The GDPR exists to safeguard the rights and freedoms of individuals and regulate the processing and movement of personal data. The GDPR applies to all businesses who process the personal data of EU and UK citizens and offer goods or supply services to the UK/EU.

Grey Box Testing

Grey box penetration testing is a combination of white-box and black-box testing that employs limited knowledge of the internal structure, design, and architecture of the target system. The tester has some knowledge about how the target system operates but does not know all the details.

H

HIPAA - Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act (HIPAA) is a law concerning the privacy and security of patient health information. The HIPAA law consists of a set of standards that protects patient health information from being disclosed or shared without patient knowledge or consent.

I

ICO - Information Commissioner's Office

The Information Commissioner’s Office (ICO) is the UK’s independent data protection regulator, responsible for upholding information rights in the public interest. The ICO is tasked with investigating data breaches and complaints, ensuring businesses comply with data protection principles, and guiding individuals and organizations by promoting good information governance.

IDOR - Insecure Direct Object Reference

As defined by the OWASP Top 10, “Insecure Direct Object Reference (IDOR) occurs when an application exposes a reference to an internal implementation object. Used this way, it reveals the real identifier and format/pattern used of the element in the storage backend side. The most common example of this is a record identifier in a storage system (database, filesystem and so on).”

Infrastructure Penetration Testing

Infrastructure penetration testing, sometimes called network penetration testing, is a simulated attack on your IT system infrastructure to evaluate its security posture and identify vulnerabilities. The goal of infrastructure pen testing is to uncover any weaknesses in the system that could be exploited by a malicious attacker, and to provide recommendations for improvement to enhance the overall security of the infrastructure.

Internal vs External Pen Testing

Internal and external infrastructure testing are two different approaches to penetration testing that focus on different aspects of an organisation's IT network and systems. Internal infrastructure testing simulates an attack from within the network. It aims to identify security weaknesses that could be exploited by an insider or someone who has already gained access to the network. External infrastructure testing, on the other hand, simulates an attack from outside the network. It aims to identify security weaknesses that could be exploited by an attacker who is not on the internal network, such as someone accessing the network from the internet.

ISMS - Information Security Management System

ISMS stands for Information Security Management System and is the core component of ISO 27001. It’s the framework that outlines all security risks and your controls for them. It covers people, processes and technology and typically encompasses your entire organization, securing your corporate information assets’ confidentiality, integrity, and availability (CIA).

ISO 27001

ISO 27001 is the leading international standard on how to manage information security and outlines the requirements for implementing an information security management system (ISMS). By achieving ISO 27001 certification, your organization demonstrates a commitment to information security, enriches your security culture, and helps to reduce the impact of a data breach.

L

LIA - Legitimate Interests Assessments

A Legitimate Interest Assessment is applicable under GDPR to aid the lawful processing of data either by consent, contractual or legal requirements, vital or public interest, or other legitimate interest criteria. An LIA seeks to define the data subject within the context of the data being processed to establish the necessity of processing the data and the rights of the data subject.

M

Managed Detection and Response (MDR)

aka: Threat Monitoring

Managed Detection and Response (MDR) combines technology, threat intelligence, and human expertise to proactively detect, respond to, and mitigate cyber threats. The main goal of MDR is to enhance an organisation's ability to detect and respond to threats quickly and effectively, minimising the impact of potential security incidents. MDR services are typically provided by specialised cyber security companies or Managed Security Service Providers (MSSPs).

Man in the middle attack (MITM)

A MITM (man-in-the-middle) attack is where an attacker secretly relays and/or alters the communications between two parties without them knowing. The attacker can then eavesdrop on the communications or modify them to their own advantage. MITM attacks are a serious threat to security, as they can be used to steal sensitive information, such as passwords, credit card numbers, or other personal data.

Metasploit

Metasploit is an open-source framework for offensive and defensive cyber security. It provides a safe environment for security researchers to write and test their exploits and weapons. Metasploit is also widely used by both offensive and defensive pen testing teams as one of the most powerful automated and manual penetration testing tools available, with a variety of applications from use in military and government agencies to banking and healthcare industries.

MFA - Multi Factor Authentication

Multi-factor authentication (MFA) is a login process by which the user establishes their identity via multiple sources, using passwords, physical devices, and biometric data to confirm their credentials. MFA uses various login methods such as one-time passwords, PINs, biometrics, security questions and authentication apps, following the principles of something which is known (a password), something which the user has (for example, a mobile phone), and something which the user is (like a fingerprint). (See also, 2FA)

Mobile Penetration Testing

aka: Mobile App Testing

A mobile application penetration test is a comprehensive security review where a qualified tester takes on the role of a hacker. They’ll attempt to uncover and exploit security vulnerabilities or misconfigurations specific to your mobile application. Mobile application penetration testing provides vital information on how to secure your app and, ultimately, helps keep your organization and its customers secure online.

N

Network Penetration Testing

aka: Infrastructure Penetration Testing

Network penetration testing, sometimes also known as infrastructure penetration testing, is a type of security testing that focuses on evaluating the security of a network infrastructure. It simulates an attack on the network with the goal of identifying and exploiting vulnerabilities in the network's systems, devices, and configurations. Common areas of focus include identifying weak passwords, unpatched systems, and misconfigured network devices. Network pen testing can help your business identify and remediate potential security weaknesses before they can be exploited by malicious actors.

Network Security

Network security ensures that no unauthorized users have access to the network, using cutting-edge machine learning systems such as IDS to detect unusual traffic and send alerts about threats in real-time. Typical network security measures include using strong up-to-date encryption standards, firewalls (including web application firewalls), and ensuring patching on network firmware and devices such as switches and routers is up to date.

NHS DSP Toolkit - Data Security & Protection Toolkit

The NHS Data Security and Protection Toolkit (DSP) is a self-assessment tool designed to aid the NHS and other health care services to comply with data and security standards such as GDPR and NIS (Network and Information Systems) regulations. NHS DSP results are measured against the National Data Guardian’s (an independent body for the health and social care sector) data security standards.

NIDS - Network Intrusion Detection

A Network-Based Intrusion Detection System (NIDS) monitors network traffic patterns to detect suspicious activity. Sensors are placed at strategic checkpoints, such as the DMZ or behind a firewall, and analyse each individual packet (inbound and outbound) for signs of malicious activity. Sensor placement is crucial to maximise visibility: a single sensor can monitor several hosts, but multiple sensors may be required depending on the volume of traffic travelling to and from network devices. If abnormal traffic is found, the NIDS sends an alert to the administrator to investigate. Abnormal behaviour could include network-level Denial of Service attacks, port scanning, or a sharp increase in network traffic.

NIST framework

The National Institute of Standards and Technology (NIST) Cybersecurity Framework is a set of voluntary but critical practices for reducing cyber risks that can be implemented by both public and private sector organizations. It provides a common language for cybersecurity and outlines an approach to help protect the confidentiality, integrity, and availability of information systems.

O

OSINT - Open-Source Intelligence

Open-Source Intelligence (OSINT) is the process of gathering information from publicly available sources such as the surface web or deep web to build profiles of individuals or companies for the purposes of penetration testing. It can, however, also be used by threat actors due to the accessibility of the information.

P

PCI DSS Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a global standard which was created to guide organizations that are storing, processing, or transmitting credit card payments on how to protect payment card data. The standard mandates businesses that wish to accept card payments to undertake an annual PCI DSS audit of the security measures in place protecting sensitive data.

PECR - Privacy and Electronic Communications Regulations

The Privacy and Electronic Communications Regulations (PECR) are a set of laws that govern the use of electronic communications and outline what marketing activities organisations can and cannot carry out without consent. PECR complements the UK GDPR and is in place to protect the confidentiality of content exchanged electronically, such as by phone, email, or text message, and governs the use of cookies on your website.

Penetration Testing Tools

Penetration testers use a combination of open-source tools and licensed software to support security testing. These include port scanners to discover open ports and the services listening on them, web app and network scanners for automated vulnerability scanning, network sniffers to capture and inspect traffic, and proxy tools that intercept requests flowing between the client-side browser and the web application.

Penetration Testing

A penetration test, also known as a pen test or ethical hacking, is an agreed-upon security exercise in which certified security professionals assume the role of a hacker and attempt to methodically breach systems in line with an agreed scope. At the end of the exercise, a full report outlines every security weakness uncovered so you know what to fix to strengthen your security posture. Penetration tests should be conducted at least annually.

Penetration Testing vs Vulnerability scanning

Penetration testing (pen testing) and vulnerability assessments (VA scans) are different forms of security testing that have different goals and methods. Pen testing aims to enumerate and exploit all vulnerabilities, while VA scans use automated processes to quickly check for known, previously disclosed vulnerabilities. Pen testing is a more in-depth evaluation of security, while VA scans provide a quicker overview of potential vulnerabilities. Both are important components of a comprehensive security program.

Phishing

Phishing is a term used to describe several types of cyber-attack that rely on deception and human error to gain unauthorised access to user accounts and systems. The most common and widely recognised form of phishing is emailing users to trick them into giving away login details or other sensitive information, although it can also be carried out over voice calls and text messages as a first point of contact for threat actors. (See also, Social Engineering)

Physical Penetration Testing

Physical penetration testing evaluates the physical and procedural security of your business environment. This type of testing simulates real-world scenarios in which an attacker might attempt to physically access sensitive areas to steal information or cause damage. Physical pen testers evaluate physical security measures such as procedures, locks, cameras, alarms, and access controls, and attempt to bypass or defeat them. Physical pen testing can help you better understand your physical and procedural security to implement stronger security controls to prevent unauthorised access.

PTaaS - Penetration Testing as a Service

Penetration Testing as a Service (PTaaS) is a regular, outsourced penetration test that provides a continuous cycle of testing and remediation, allowing organizations to assess their security and uncover any risks and security loopholes that could be exploited by hackers. PTaaS includes a range of pen test types, such as infrastructure, network, cloud, and physical penetration testing.

Public Cloud

Public Cloud is a type of cloud computing that offers shared resources, such as processing power, storage space, and software applications. Amazon AWS, Microsoft Azure, and Google's GCP (known as the big three) are the most widely used public cloud service providers, and from a security perspective they work with businesses using the shared responsibility model, meaning that both the cloud provider and the business are responsible for securing the environment.

Purple Teaming

Purple teaming is where red and blue teams work together, sharing data and providing continuous feedback, to improve their cyber capabilities. By accurately simulating common attack scenarios and transferring knowledge between the two teams, security teams benefit in vulnerability detection, threat hunting, and network monitoring, and develop new methods to prevent and detect emerging threats.

Q

Quishing - QR Code Phishing

Quishing is a type of social engineering attack which uses QR codes to direct users to fake webpages or download malicious files and software. Once a user scans the QR code they are brought to a phishing site which attempts to steal sensitive information or initiates a download.

R

Ransomware

Ransomware is a type of malware that infects IT systems and encrypts the victim's data, then typically demands a ransom payment in exchange for the decryption key. Ransomware attacks can be devastating for businesses and individuals alike, as they can lead to permanent loss of critical data. Most ransomware attacks originate as social engineering attempts.

Reconnaissance

Reconnaissance (or recon) is the first stage in the ‘cyber kill chain’ for both hackers and penetration testers, where publicly available information is gathered to build a profile of the target. Bulletproof’s threat recon scan shows you this information, letting you know what your business looks like to a hacker, and helping you secure it against attacks.

Red Teaming

aka: Physical Penetration Testing

Red team testing is a mix of penetration testing, social engineering, and physical intrusion. Testers follow the same process as a standard penetration test to compromise data, but will also see if they can exploit physical and technological flaws to gain access to buildings and data centres. Red team testing will often involve attempting to gain entry to the target premises, requiring pen testers to impersonate authorized employees, site staff, or official visitors. As a result, red team testing can provide businesses with key insights into site security and employee awareness to inform staff training and the implementation of further security measures.

RoPA - Record of Processing Activities

A Record of Processing Activities (ROPA) is a set of documents that the data controller is required to maintain and keep up to date under GDPR. It includes data mapping to track processing activities, detailed records of all personal data transfers, and documentation of the security measures currently in place.

S

Security & Compliance Certificate

Security and compliance certifications apply to the various frameworks that businesses adopt to ensure that they are operating lawfully. For example, businesses accepting credit card payments online usually require a Payment Card Industry Data Security Standard (PCI DSS) certificate. Other compliance standards, such as Service Organization Control Type 2 (SOC 2) and ISO 27001, are also recommended for any business that handles sensitive data within IT systems. Certifying against security and compliance standards is also the best way to build trust with vendors and ensure that regulations are being met.

Social Engineering

Social engineering is where humans are manipulated into providing access to sensitive information or systems. It usually involves psychological manipulation and deception to exploit human vulnerabilities, often relying on trust and persuasion to trick individuals into revealing confidential information, performing certain actions, or granting access to protected systems. (See also, Phishing)

SOC II Compliance

SOC 2 (Service Organization Control 2) is a compliance standard set by the AICPA (American Institute of Certified Public Accountants). By achieving SOC 2 compliance, organizations can provide their customers with assurance that their sensitive data is protected and that appropriate controls are in place to manage security risks. SOC 2 compliance is becoming increasingly important for organizations that handle sensitive customer data, especially those in highly regulated industries such as finance, healthcare, and technology.

Supplier Due Diligence

Supplier due diligence is an action taken by an organization to identify and understand the credibility and suitability of a prospective partner or vendor. Conducting supplier due diligence can help guide decision-making when choosing the right vendor, detect risks with potential suppliers and protect customer data in the process. It's also considered good business practice and can help mitigate future financial and reputational damage caused by a data breach.

T

Third Country

A third country is any country other than the EU member states and the three other EEA countries (Norway, Iceland, and Liechtenstein) that has an approved national law in place for implementing the GDPR.

TPRM - Third Party Risk Management

Third party risk management (TPRM) is a form of risk management that involves identifying, assessing, and diminishing risks associated with third-party vendors, suppliers, service providers, contractors, and all other parties external to a business. TPRM aims to give companies full visibility across the supply chain including overseeing supplier due diligence and contingency planning.

Two Factor Authentication - 2FA

Two-Factor Authentication (2FA) confirms login credentials using two verification methods. Most commonly these are the user's password backed up by a PIN sent to a personal device. As well as a physical token, two-factor authentication methods can use a security question, an authenticator app such as Google Authenticator, or biometric data to confirm the user's identity. (See also, MFA)

V

VAPT - Vulnerability Assessment and Penetration Testing

VAPT stands for Vulnerability Assessment and Penetration Testing. It is a process of testing the security of a computer system or network to identify vulnerabilities that an attacker could exploit. VAPT can be performed on a regular basis to identify and remediate security weaknesses before they are discovered and exploited by attackers. As the name suggests, VAPT is a mix of automated vulnerability scans and manual penetration testing techniques.

vCISO - Virtual CISO

aka: Outsourced CISO

A virtual Chief Information Security Officer, or vCISO, helps organisations develop, manage, and often implement an information security program. A vCISO is an outsourced role and a popular option for SMEs that don’t have the budget to hire a full-time CISO internally.

VM - Virtual Machine

Virtual machines allow you to run multiple operating systems on one computer. This is a great way to test software or to work on a project that requires the use of different operating systems. Virtual machines are used by hackers and security professionals alike, either to disguise a malware payload (in the case of hacking) or to analyze malware in an environment that has been isolated from the network.

VPN - Virtual Private Network

A Virtual Private Network (VPN) encrypts the internet connection and allows users to surf the web anonymously, which is especially useful when using public Wi-Fi hotspots, as data is encrypted and cannot be intercepted by anyone else on the network. VPNs can also bypass geographic restrictions for streaming sites like Netflix and Hulu by making the user appear to be in a different location online. This also makes VPNs popular with hackers wanting to disguise their real-world location.

Vulnerability Scanning

aka: Automated Penetration Testing

Vulnerability scanning, or VA scanning, is a proactive security practice that involves regularly scanning computer systems, networks, or applications to identify vulnerabilities and weaknesses that could be exploited. It is an essential part of vulnerability management in cyber security, and helps organisations identify potential security risks and take appropriate action to mitigate them.

W

Web App Penetration Testing

aka: Website Security Testing

A web application penetration test is a comprehensive security assessment where a team of specialized and accredited pen testers attempts to uncover and exploit security vulnerabilities and misconfigurations in your web application. Web application penetration testing provides vital information on how to secure your web app and, ultimately, helps keep your organization secure online.

Web Application Security

Web application security refers to security measures specific to web apps that protect against vulnerabilities. A web application vulnerability is a flaw in the design or implementation of the software that can be exploited by hackers; common examples include cross-site scripting (XSS), SQL injection, insecure direct object references, and insecure deserialization.

White Box Testing

White box testing offers a thorough security assessment in which the penetration tester has background information on the application or infrastructure they are testing and has been granted full access permissions prior to testing. In some cases, they may even have access to source code and/or a detailed map of the internal infrastructure to work with. The tester will probe for vulnerabilities and misconfigurations to try to gain access from an external position, as well as investigating what damage could be done from an internal perspective. (See also, black box testing)

Wireless Penetration Testing

A wireless network penetration test is a comprehensive security review where a qualified pen tester takes on the role of a hacker. They’ll attempt to uncover and exploit security vulnerabilities or misconfigurations specific to your wireless network. Wireless network penetration testing provides vital information on how to secure your wireless network and, ultimately, helps keep your organization secure online.

Z

Zero-Trust Security Model

The zero-trust model is a security methodology that demands identity verification for every person and device trying to access networked resources, and assumes that there is no security perimeter and, as such, regards everything as a potential threat. This can increase a business’ security posture in addition to reducing management and operational overheads.
