| Terminology | Definition |
|---|---|
| SOC | Security Operations Center - A centralized team that monitors, detects, and responds to security incidents in an organization. |
| DevOps | Development + Operations - A collaborative approach to software development and IT operations. |
| DevSecOps | Development + Security + Operations - Extends DevOps by integrating security practices throughout the development lifecycle. |
| CIRT | Computer Incident Response Team - A group that responds to computer security incidents within an organization. |
| CSIRT | Computer Security Incident Response Team - Similar to CIRT, but emphasizes broader security incident handling. |
| CERT | Computer Emergency Response Team - A specialized group that handles and coordinates responses to major security incidents. |
| Assets | Anything of value to an organization (data, systems, hardware, software, people). |
| Threats | Any potential danger that could exploit a vulnerability and cause harm. |
| Threat Agents | Entities (human or non-human) that carry out threats, such as hackers, insiders, or malware. |
| Vulnerability | A weakness in a system, process, or control that can be exploited by a threat. |
| Insider Threats | Security risks that originate from within the organization (employees, contractors, partners). |
| Threat Actor | Any individual or group responsible for a malicious action or attack. |
| Service Disruption | An event that interrupts or degrades the normal operation of services (e.g., DoS attack). |
| Data Exfiltration | Unauthorized transfer of data from a system, often by attackers. |
| Hacker | A person who uses technical skills to gain unauthorized access to systems. Motivations may vary. |
| Hacktivist | A hacker motivated by political, social, or ideological reasons. |
| APT (Advanced Persistent Threat) | A prolonged and targeted cyberattack where an intruder gains and maintains access to a network. Typically state-sponsored. |
| Nation-State Actors | Government-backed hackers with significant resources, often focused on espionage or disruption. |
| Shadow IT | Hardware, software, or services used within an organization without official approval. |
| Lure | A social engineering tactic used to trick users into taking an unsafe action. |
| Supply Chain | The network of organizations, people, and processes involved in delivering products or services - a frequent attack target for inserting vulnerabilities. |
| Confidentiality | Protect data from unauthorized access. |
| Integrity | Ensure data is accurate, unchanged, and reliable. |
| Availability | Ensure data/resources are accessible when needed, without compromising confidentiality or integrity. |