Cyber Security

HBSS

A Host Based Security System. Commercial-off-the-shelf (COTS) suite of software applications. Monitors, detects, and defends the Department of Defense (DoD) computer networks and systems.

HIPS

Stands for Host Intrusion Prevention System. Aims to protect endpoint devices. Stops malware by monitoring the behavior of the code.

Identity and Access Management

A framework of policies and technologies that facilitates the management of electronic or digital identities. Controls who is authenticated and authorized to use resources.

Incident Response

A method of rapidly responding to security breaches or cyber attacks. Aims to detect an attack, limit the damage, and manage it in a way that reduces recovery time and costs.

Information Assurance

A practice of protecting information and managing risks related to the use, processing, storage, and transmission of data and information systems. It ensures availability, integrity, authentication, confidentiality, and non-repudiation.

Information Security

An acronym of Information Security. It is the practice of preventing unauthorized access as well as abuse of illegally acquired information. This also includes disclosure, modification, disruption or destruction, inspection or recording of information.

Intrusion Detection

Monitors a network or systems for malicious activity, policy violations or port scanners. Raises alerts on recognizing a known threat’s signature.

IPS

Stands for an intrusion prevention system. Identifies malicious activities such as policy violations or security threats. Denies network traffic based on a security profile and reports it.

ISO

ISO framework developed by the International Organization for Standardization. Helps organizations manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

ITIL

Stands for the Information Technology Infrastructure Library. It's a framework of best practices for delivering IT services within a business. Aims to improve efficiency and achieve predictable service delivery.

COBIT

Stands for Control Objectives for Information and Related Technologies. Created by the professional association ISACA, it is a roadmap for IT management and governance, information security, audit and risk management.

Log Analysis

A process of analyzing computer-generated records to diagnose and resolve issues within an application. Helps mitigate a variety of risks and meet compliance regulations.

Malware

Any software used to disrupt computer operations. Once it gains access to private computer systems, it can gather sensitive information or display unwanted advertising. There are many malware types that perform different functions; e.g., spyware, trojan horse, ransomware, worms, viruses, etc.

Malware Analysis

A process of determining and analyzing the functionality, origin and potential impact of given malware samples.

Nessus

A remote vulnerability scanner that is used during vulnerability assessments and penetration testing engagements, including malicious attacks.

Network Address Translation

A process of translating the IP addresses of computers in a local network to a single IP address. It helps decrease the number of public IP addresses an organization or company uses, for both economy and security purposes.

Network Security

A practice of preventing and protecting the underlying networking infrastructure against unauthorized intrusion into corporate networks. It is designed to protect the usability and integrity of the network and data.

Next Generation Firewall

A part of the third generation of firewall technology. It's a more advanced version of the traditional firewall that performs a more in-depth inspection. Includes such features as application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence.

NIST Cybersecurity Framework

US Government guidance for private sector organizations that assesses and improves their ability to prevent, detect, and respond to cyber attacks. 

PCI DSS

Stands for the Payment Card Industry Data Security Standard. Aims to increase controls around cardholder data to reduce credit card fraud.

QRadar

An enterprise security information and event management (SIEM) product. It provides security teams with the visibility and analytics needed to quickly detect, investigate and respond to threats. It's available on premises and in a cloud environment.

Risk Management Framework

Federal government policy and standards that dictate how United States government IT systems must be architected, secured, and monitored. Developed by the National Institute of Standards and Technology, it helps secure information systems.

Routing

A process of selecting a path for traffic from source to a particular destination. Performed by a router. 

SANS GIAC certifications

Global Information Assurance Certification founded by the SANS Institute. It offers more than 30 security certifications across different levels. Ensures that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

Security Architecture

A plan and set of principles that should be provided to achieve security goals. Defines when and where to apply security controls.
