The Future of NDR Solutions: Integration Requirements for 2026 and Beyond.

Read More

Top Use Case of SIEM for Threat Detection Every Enterprise CISO Should Know.

Download Ebook

Unified Security in Action: Achieving Complete Visibility and Rapid Response.

Watch Webinar
Talk To An Expert

Cyber Glossary

Fundamental Concepts and Terms of Cybersecurity

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A

  • Advanced Threat Detection

    What is Advanced Threat Detection? Advanced threat detection (ATD) is the process of identifying complex cyberattacks that traditional tools miss. It uses automation, analytics, and…

  • Attack Surface Discovery

    What is Attack Surface Discovery? Attack surface discovery is the systematic process of identifying, mapping, and understanding all potential entry points and vulnerabilities across an organization's…

  • Attack Surface Intelligence

    What is Attack Surface Intelligence? Attack Surface Intelligence (ASI) is the practice of identifying, mapping, and monitoring every potential point a threat actor could exploit…

  • Automated Incident Response

    What is Automated Incident Response? Automated Incident Response is the practice of using technology to detect, respond to, and remediate security incidents with minimal human…

  • Automated Threat Detection

    What is Automated Threat Detection? Automated Threat Detection is the use of advanced technology, including artificial intelligence (AI) and machine learning, to automatically identify, analyze,…

B

  • Brand Exposure

    What is Brand Exposure? Brand exposure is the total footprint of your brand across the internet and cloud environments. It includes official websites, social profiles,…

C

  • Cloud Assessment

    What is Cloud Assessment? Cloud assessment is the systematic evaluation of an organization's cloud infrastructure, security controls, compliance posture, and operational practices to identify vulnerabilities, misconfigurations, and…

  • Cloud Threat Hunting

    What is Cloud Threat Hunting? Cloud threat hunting is the proactive process of actively searching for cyber threats, suspicious behaviors, and hidden adversaries within cloud…

  • Cyber Risk Quantification

    What is Cyber Risk Quantification? Cyber Risk Quantification (CRQ) is the systematic process of calculating and expressing cybersecurity risks in monetary terms, translating technical vulnerabilities…

  • Cyber Security Monitoring

    What is Cyber Security Monitoring? Cyber Security Monitoring is the ongoing process of detecting, analyzing, and responding to security threats across an organization’s IT environment. It’s a…

  • Cyber Threat Analysis

    What is Cyber Threat Analysis? Cyber Threat Analysis is the activity operation for identifying, assessing, and interpreting potential cybersecurity threats that could compromise an organization’s…

  • Cyber Threat Hunting

    What is Cyber Threat Hunting? Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat…

  • Cyber Threat Intelligence Services

    What are Cyber Threat Intelligence Services? Cyber Threat Intelligence Services help organizations understand, detect, and respond to evolving cyber threats. By collecting and analyzing threat…

  • Cyber Threat Management

    What is Cyber Threat Management? Cyber threat management is the continuous process of identifying, analyzing, prioritizing, and mitigating threats that could compromise an organization’s digital…

  • Cyber Threat Monitoring

    What is Cyber Threat Monitoring? Cyber threat monitoring is the continuous process of scanning, analyzing, and responding to potential security risks across an organization's digital…

  • Cybersecurity Management

    What is Cybersecurity Management? Cybersecurity Management encompasses the strategic planning, implementation, and oversight of policies, processes, technologies, and resources organizations deploy to protect information systems,…

  • Cybersecurity Mesh Architecture

    What is Cybersecurity Mesh Architecture (CSMA)? Cybersecurity Mesh Architecture (CSMA) is a composable and scalable approach to designing distributed security systems that provide flexible, interoperable…

  • Cybersecurity Threat Detection

    What is Cybersecurity Threat Detection? Cybersecurity threat detection is the process of identifying malicious activity, suspicious behavior, or potential vulnerabilities within an organization’s digital environment…

D

  • Data Analytics as a Service (DAaaS)

    What is Data Analytics as a Service (DAaaS)? Data Analytics as a Service (often abbreviated DAaaS) is a cloud-delivered model that gives organizations on-demand access…

  • Data Lake Security

    What is Data Lake Security? Data lake security encompasses the comprehensive measures, technologies, and policies used to protect vast repositories of structured, semi-structured, and unstructured…

  • Data Risk Management

    What is Data Risk Management? Data Risk Management is the comprehensive process of identifying, assessing, prioritizing, and mitigating potential threats to an organization's data assets…

  • Database Monitoring Tools

    What are Database Monitoring Tools? Database Monitoring Tools are software solutions designed to continuously observe, measure, and analyze the health, performance, security, and activity of database…

  • Digital Operations

    What is Digital Operations? Digital Operations encompass the comprehensive strategies, processes, and technologies organizations implement to manage, automate, and optimize business functions using digital technologies…

  • Digital Risk Management

    What is Digital Risk Management? Digital Risk Management is the practice of identifying, assessing, and mitigating risks associated with digital technologies, platforms, and transformation initiatives.…

  • Digital Risk Protection

    What is Digital Risk Protection? Digital Risk Protection (DRP) is a proactive cybersecurity approach that monitors public and hidden online spaces to detect risks such as data leaks, impersonation, fraud,…

  • Digital Threat Monitoring

    What is Digital Threat Monitoring? Digital threat monitoring is the ongoing process of identifying, analyzing, and responding to digital risks that could impact an organization’s…

E

  • Endpoint Visibility

    What is Endpoint Visibility? Endpoint visibility refers to the capacity to see and understand the status, behavior, and security posture of every device within your…

  • Enterprise Data Security

    What is Enterprise Data Security? Enterprise Data Security refers to the policies, technologies, and strategies organizations use to protect sensitive information across their IT environments. As data becomes the lifeblood…

  • External Threats

    What are External Threats? External threats refer to malicious activities, actors, or events that originate outside an organization’s internal environment and attempt to compromise confidentiality, integrity,…

F

  • File Security

    What is File Security? File Security refers to the practices and technologies used to protect files from unauthorized access, alteration, or destruction. It's a critical…

G

  • Generative AI Security

    What is Generative AI Security? Generative AI security focuses on protecting the systems and data utilized by AI technologies that generate new content. This encompasses…

H

  • Hybrid Cloud security

    What is Hybrid Cloud Security? Hybrid Cloud Security refers to the strategies, technologies, and practices employed to protect data, applications, and infrastructure across a hybrid…

I

  • Identity Threat Detection and Response

    What is Identity Threat Detection and Response? Identity Threat Detection and Response (ITDR) is the practice of identifying, assessing, and mitigating risks associated with compromised…

  • Insider Threat Mitigation

    What is Insider Threat Mitigation? Insider Threat Mitigation encompasses the comprehensive strategies, technologies, and processes organizations implement to prevent, detect, and respond to security risks…

  • Internal Threats

    What is Internal Threats? Internal threats are security risks that originate from within an organization. These can stem from current or former employees, contractors, or…

  • IoT Monitoring

    What is IoT Monitoring? IoT Monitoring (Internet of Things Monitoring) is the systematic practice of collecting, analyzing, and managing data from Internet of Things devices…

  • IT and OT Convergence

    What is IT and OT Convergence? IT and OT convergence is the systematic integration of Information Technology (IT) systems responsible for data management and processing…

  • IT/OT

    What is IT/OT? IT/OT refers to the connection between Information Technology (IT) and Operational Technology (OT), two worlds that used to work separately but now…

  • ITOps

    What is ITOps or IT Operations? ITOps (IT Operations or Information Technology Operations) encompasses the comprehensive services, processes, and responsibilities that IT departments execute to…

J

  • Just-in-Time Access

    What is Just-in-Time (JIT) Access? Just-in-time access is a security methodology that grants users elevated permissions to systems and resources only when needed for specific…

K

  • Keystroke Logging

    What is Keystroke Logging? Keystroke logging is the practice of monitoring, recording, and analyzing keyboard inputs to capture typed information including passwords, personal data, and…

L

  • Log Access

    What is Log Access? Log access refers to the process of retrieving, monitoring, and analyzing log files generated by systems, applications, and network devices. These…

M

  • Managed EDR

    What is Managed EDR? Managed EDR (Endpoint Detection and Response) is a security service where specialized providers deploy, monitor, and manage endpoint detection and response tools…

  • Managed Threat Hunting

    What is Managed Threat Hunting? Managed threat hunting is a proactive cybersecurity service that involves actively searching for, identifying, and neutralizing advanced threats that may…

  • Mean Time to Detect (MTTD)

    What is Mean Time to Detect? Mean Time to Detect (MTTD) is a critical cybersecurity metric that measures the average time elapsed between when a…

N

  • Network Access Control

    What is Network Access Control? Network access control (NAC) is the practice and technology that decides who or what can connect to your network and what they’re allowed…

  • Network Operations Center (NOC)

    What is Network Operations Center (NOC)? A Network Operations Center (NOC) is the centralized team and facility responsible for continuously monitoring, managing, and maintaining an…

  • Network Performance Management

    What is Network Performance Management? Network Performance Management (NPM) is the continuous process of measuring, analyzing, and optimizing network infrastructure to ensure reliable connectivity, minimize…

  • Network Security Vulnerability

    What is Network Security Vulnerability? Network Security Vulnerability encompasses flaws, weaknesses, and potential exploits in system hardware, software, configurations, and organizational processes that adversaries can…

  • Network Visibility

    What is Network Visibility? Network visibility is the ability to see, understand, and control everything happening across network infrastructure. It's the foundation for making smart…

O

  • Operational Technology

    What is Operational Technology (OT)? Operational Technology (OT) encompasses the hardware and software systems that monitor and control physical devices, processes, and infrastructure in industrial…

  • OT Cybersecurity

    What is OT Cybersecurity? OT Cybersecurity refers to the strategies, technologies, and practices that protect operational technology systems - the equipment, controllers, sensors, and software…

  • OT Security

    What is OT Security? OT security is the discipline of protecting operational technology - the machines, controllers, sensors, and industrial systems that keep factories running,…

  • OT Threat Detection

    What is OT Threat Detection? OT threat detection is the practice of identifying and stopping cyber threats targeting operational technology (OT) - the hardware and…

  • OT Vulnerability Management

    What is OT Vulnerability Management? OT Vulnerability Management is the comprehensive program organizations implement to identify, assess, prioritize, and remediate security weaknesses across Operational Technology…

P

  • Proactive Threat Detection

    What is Proactive Threat Detection? Proactive threat detection is a preventative cybersecurity approach that involves actively searching for, identifying, and neutralizing threats before they can…

Q

  • Quality of Service

    What is Quality of Service? Quality of Service (QoS) is a comprehensive set of technologies and methodologies that manage network traffic to guarantee reliable performance…

R

  • Risk Operations

    What is Risk Operations? Risk Operations (RiskOps) is the systematic integration of risk management practices into day-to-day operational workflows, enabling organizations to identify, assess, monitor, and mitigate risks in real-time rather…

  • Risk Quantification

    What is Risk Quantification? Risk quantification is the systematic practice of converting cybersecurity risks into measurable financial terms using statistical methods and analytical frameworks. This…

S

  • Secure Cloud Analytics

    What is Secure Cloud Analytics? Secure Cloud Analytics refers to the process of analyzing data stored in cloud environments while ensuring robust security measures. It…

  • Secure Remote Access

    What is Secure Remote Access? Secure remote access encompasses the security measures, policies, and technologies organizations implement to enable employees to safely connect to corporate…

  • Security Risk Management

    What is Security Risk Management? Security risk management is the structured practice of identifying, assessing, prioritizing, and mitigating risks that could compromise an organization’s systems, data,…

  • SIEM Architecture

    What is SIEM Architecture? SIEM architecture defines how a Security Information and Event Management (SIEM) platform is designed, deployed, and integrated across an organization’s environment.…

T

  • Threat Detection Engineering

    What is Threat Detection Engineering? Threat Detection Engineering is the practice of designing, implementing, and refining systems that detect and respond to cyber threats efficiently.…

  • Threat Hunting Framework

    What is Threat Hunting Framework? A threat hunting framework is a structured set of repeatable processes and methodologies that guide security teams in proactively searching…

  • Threat Hunting Process

    What is Threat Hunting Process? The threat hunting process is the proactive pursuit of cyber threats that have evaded traditional security defenses. Instead of waiting…

  • Threat Intelligence Lifecycle

    What is the Threat Intelligence Lifecycle? The Threat Intelligence Lifecycle is the structured process used by cybersecurity teams to collect, analyze, and apply threat intelligence…

  • Threat Management

    What is Threat Management? Threat management is the end-to-end process of identifying, assessing, and responding to security risks that can compromise an organization’s data, systems,…

  • Threat Monitoring

    What is Threat Monitoring? Threat monitoring is the continuous process of collecting, analyzing, and responding to security events and indicators across an organization's digital infrastructure…

U

  • UEBA Tools

    What are UEBA tools? UEBA tools (User and Entity Behavior Analytics) are advanced security platforms that use machine learning and statistical analysis to detect anomalous…

V

  • Vulnerability Intelligence

    What is Vulnerability Intelligence? Vulnerability intelligence is the systematic collection, analysis, and application of information about security weaknesses in systems, applications, and networks to enable…

  • Vulnerability Remediation

    What is Vulnerability Remediation? Vulnerability remediation is the process of identifying, prioritizing, and fixing security weaknesses that could be exploited by attackers. It’s a vital…

W

  • Web Security

    What is Web Security? Web security is the comprehensive practice of protecting networks, servers, websites, and web applications from cyberattacks, unauthorized access, and data breaches.…

X

  • XDR vs. MDR

    What is XDR vs MDR? XDR vs MDR is one of the most common comparisons security leaders make when evaluating threat detection and response strategies.…

Y

  • YARA Rules

    What are YARA Rules? YARA rules are a powerful tool in cybersecurity, designed to help security professionals detect and classify malware by describing patterns of…

Z

  • Zero-Day Vulnerability

    What is Zero Day Vulnerability? Zero day vulnerability occurs when attackers discover and exploit a software flaw before the vendor can issue a patch. These…

Accelerate Your Threat Detection and Response Today! 

Talk to an Expert
Netwitness
X-twitter Linkedin Youtube

Modules

Services

Contact

Resources

Company

© 2026 NetWitness LLC. All rights reserved.

Before You Leave - Does the GenAI Threat Landscape Worry You?

Learn from John Pirc, Chief Product & Technology Officer at NetWitness, on how autonomous AI defenders help organizations stay ahead of evolving threats.