APT Advanced Persistent Threat — A prolonged, targeted cyberattack where an intruder gains access to a network and remains undetected for an extended period.
C2 Command and Control — Infrastructure used by threat actors to communicate with and control compromised systems.
CVE Common Vulnerabilities and Exposures — A standardized naming system for publicly known cybersecurity vulnerabilities.
CVSS Common Vulnerability Scoring System — A numerical scoring framework (0-10) for assessing the severity of security vulnerabilities.
DDoS Distributed Denial of Service — An attack that overwhelms a target with traffic from multiple sources to make it unavailable.
EDR Endpoint Detection and Response — Security solutions that monitor endpoint devices for threats and provide investigation and response capabilities.
IoC Indicator of Compromise — Forensic artifacts that identify potentially malicious activity on a system or network.
Lateral Movement — Techniques attackers use to progressively move through a network after gaining initial access, searching for key data and assets.
MITRE ATT&CK — A knowledge base of adversary tactics and techniques based on real-world observations, used for threat modeling and defense planning.
Phishing — A social engineering attack that uses deceptive emails, messages, or websites to trick users into revealing sensitive information.
Privilege Escalation — The exploitation of a vulnerability to gain elevated access to resources that are normally restricted.
Ransomware — Malware that encrypts a victim's files and demands payment for the decryption key.
RCE Remote Code Execution — A vulnerability that allows an attacker to execute arbitrary code on a target system remotely.
SIEM Security Information and Event Management — Software that aggregates and analyzes security data from across an organization's IT infrastructure.
SOC Security Operations Center — A centralized team that monitors, detects, and responds to cybersecurity incidents.
Supply Chain Attack — An attack that targets less-secure elements in a supply chain to compromise a primary target through trusted software or hardware.
TTP Tactics, Techniques, and Procedures — Behavioral patterns used by threat actors to carry out attacks.
XSS Cross-Site Scripting — A web vulnerability that allows attackers to inject malicious scripts into pages viewed by other users.
Zero Trust — A security model that requires strict identity verification for every person and device attempting to access resources, regardless of network location.
Zero-Day — A vulnerability that is unknown to the software vendor and has no available patch, making it highly valuable to attackers.