Cybersecurity Glossary

Decode cybersecurity jargon with our glossary

Identity and Access Management New

Identity and Access Management (IAM) Explained IAM is built around the management of electronic identities, which governs how individuals are identified in a system, how roles are assigned, and how permissions are granted or revoked.

Read now

SOAR

SOAR Explained SOAR (Security Orchestration, Automation, and Response) platforms are designed to address the challenges of modern cybersecurity by integrating with existing security tools, automating repetitive tasks, and providing a centralized platform for incident management. By leveraging ...

Read now

Get your phishing prevention guide

Stay up to date with our latest news, articles and resources.

conversion_panel

MDR (Managed Detection and Response) New

Managed Detection and Response (MDR) Explained MDR services are designed to enhance an organization’s ability to handle and respond to cyber threats. They combine cutting-edge tools for threat detection with the knowledge and experience of security professionals who actively monitor, investigate, ...

Read now

XDR (Extended Detection and Response) New

Extended Detection and Response (XDR) Explained XDR represents the evolution of traditional detection and response tools, addressing the growing complexity and sophistication of modern cyber threats. Traditional security solutions like Endpoint Detection and Response (EDR) focus solely on endpoint ...

Read now

DNS Exfiltration

Domain Name Systems (DNS) Exfiltration Explained Domain Name Systems (DNS) Exfiltration, a type of DNS Tunneling attack, is a sophisticated technique employed by cybercriminals to covertly transmit sensitive data from a target network to external servers using the DNS protocol. This method allows ...

Read now

Drive-by Download Attack

Drive-by Download Attacks Explained A drive-by download attack is a type of cyberattack in which malicious code or software is unintentionally downloaded to a user's computer or mobile device without their consent or interaction. These attacks exploit vulnerabilities in applications, web browsers, ...

Read now

Phishing Kit

Phishing Kits Explained Phishing kits typically include web development software with a low-code/no-code graphical user interface (GUI), email templates, graphics, and sample scripts. These elements help create convincing imitations of legitimate correspondence. Some kits also offer additional ...

Read now

Targeted Attack Protection (TAP)

Targeted Attack Protection Explained Targeted attacks, also known as advanced threats, involve highly sophisticated techniques to infiltrate an organization's network or compromise individuals within the organization. These attacks can be difficult to detect and mitigate due to their tailored ...

Read now

Threat Response Auto-Pull (TRAP)

Threat Response Auto-Pull Explained Threat Response Auto-Pull (TRAP) is a crucial tool for messaging and security administrators, providing an automated solution to manage and mitigate email-based threats. Given that email remains the primary vector for cyberattacks, accounting for over 90% of data ...

Read now

DNS Sinkhole

DNS Sinkholes Explained DNS sinkholes, also called sinkhole domains, are specialized domains created and managed by cybersecurity professionals to intercept and redirect malicious traffic. Instead of allowing malicious traffic to reach its intended target, DNS sinkholes capture this traffic, ...

Read now

Data Loss

Data Loss Explained Data loss refers to the intentional or unintentional destruction or compromise of digital information, leading to the permanent or temporary loss of data. It can occur due to various reasons, including hardware malfunctions, software corruption, human error, natural disasters, ...

Read now

Honeypot

Honeypot Explained A honeypot is a cybersecurity technique that involves setting up a network-attached system with the purpose of luring cyber attackers. It acts as a decoy or trap designed to detect, divert, and study hacking attempts. The primary objective of a honeypot is to gather information ...

Read now

Data Leak

Data Leak Explained A data leak refers to an unauthorized and unintentional release or exposure of sensitive or confidential information from a secure location to an untrusted environment. In the context of the digital era, data leaks most commonly occur within computer networks, cloud services, or ...

Read now

Typosquatting

Typosquatting Explained Typosquatting is a malicious practice where cybercriminals register domain names that are similar to popular websites but contain typographical errors. The goal is to deceive users into visiting these fake websites and potentially steal sensitive information, distribute ...

Read now

Vishing

Vishing Attacks Explained Vishing is a social engineering attack delivered through phone calls or voicemails that attempts to fool people into revealing sensitive information. The caller usually masquerades as someone from a trusted company or government department. Attempts to elicit the desired ...

Read now

Ransomware as a Service

Ransomware as a Service (RaaS) Explained Ransomware as a Service (RaaS) is a cybercrime model where ransomware tools are developed and leased out by creators to other criminals, often with minimal technical expertise, for the execution of ransomware attacks. This service-based model mirrors ...

Read now

Watering Hole Attack

Watering Hole Attacks Explained A watering hole attack is a type of targeted cyber attack that aims to compromise users within a specific industry or group by infecting websites they frequently visit. It derives its name from the behavior of predators in the animal kingdom, who wait near watering ...

Read now

Threat Exposure Management

Threat Exposure Management Explained Threat Exposure Management (TEM) is a comprehensive and strategic approach to managing the increasing risks and vulnerabilities faced by organizations in the modern threat landscape. It encompasses a set of processes, methodologies, and capabilities that enable ...

Read now

Common Vulnerabilities and Exposures

Common Vulnerabilities and Exposures (CVE) Explained Common Vulnerabilities and Exposures (CVE) is a comprehensive list of publicly disclosed information security vulnerabilities and exposures. It was launched in 1999 by the MITRE Corporation, a nonprofit organization that operates federally funded ...

Read now

SMTP

SMTP Explained Simple Mail Transfer Protocol (SMTP) is a standard for sending email messages between servers. It was first defined in 1982 and is now the de facto standard for email delivery across the internet. It supports both text and binary attachments, as well as providing authentication and ...

Read now

DKIM

DKIM Explained DKIM (DomainKeys Identified Mail) is an email authentication technique that helps protect both senders and recipients from fraudulent emails. DKIM uses digital signatures to analyze incoming emails from the sending domain, and then compares this signature with public information ...

Read now

User Behavior Analytics (UBA)

User Behavior Analytics (UBA) Explained User Behavior Analytics (UBA) involves tracking, collecting, and assessing user data and activities through monitoring systems. Initially focused solely on users, the term has evolved into User and Entity Behavior Analytics (UEBA) to reflect that users are ...

Read now

Unicode Domain Phishing

Unicode Domain Phishing Explained Unicode Domain Phishing, also known as script spoofing or internationalized domain name (IDN) homograph attack, is a type of cyber attack where attackers exploit the visual similarity of characters from different scripts to deceive users. By registering domain ...

Read now

Natural Language Understanding

Natural Language Understanding Explained Natural language understanding (NLU), a subset of Natural Language Processing (NLP), is a field of artificial intelligence that focuses on enabling machines to understand and interact with humans in their own natural language. NLU processes linguistic input ...

Read now

Content Disarm and Reconstruction (CDR)

Content Disarm and Reconstruction (CDR) Explained Content Disarm and Reconstruction (CDR), also known as Threat Extraction, is a security technology that proactively protects against known and unknown threats contained in documents by removing executable content. It is designed to prevent ...

Read now

Pharming

Pharming Explained Pharming is a type of cyberattack that involves redirecting website traffic from a legitimate website to a fake one designed to steal personal information or financial data from the user. Unlike phishing, where the user is tricked into clicking on a link that takes them to a fake ...

Read now

Data Broker

Data Brokers Explained A data broker, often referred to as an information broker, is a business that collects, aggregates, organizes, and sells or distributes information about individuals to other businesses, organizations, or entities. This data can be utilized for various purposes, including ...

Read now

Compliance Monitoring

Compliance Monitoring Explained Compliance monitoring is a dynamic process that ensures organizations adhere to policies, procedures, and regulatory requirements to identify and address compliance risks. It involves the surveillance, review, and analysis of organizational performance and risk ...

Read now

Indicators of Compromise (IOC)

Indicators of Compromise (IOC) Explained Indicators of Compromise (IOC) are digital artifacts or traces left behind by cybercriminals that suggest a network or endpoint has been breached, providing valuable clues for identifying security threats such as data breaches, insider threats, or malware ...

Read now

Smishing

Smishing Explained Smishing is a type of social engineering scam that uses mobile texting rather than emails to deliver nefarious messages that dupe people into taking specific actions. The term is a combination of phishing and SMS, and its increasingly widespread use reflects a belief among ...

Read now

Whitelist

Whitelists (Allowlists) Explained Whitelists, also known as allowlists, are a fundamental cybersecurity strategy employed to enhance the security of computer systems, networks, and applications. These lists serve as a proactive access control mechanism by explicitly permitting only a predefined set ...

Read now

Spyware

Spyware Explained Spyware is a broad term that encompasses malicious software designed to infiltrate computer devices and mobile devices with the primary intent of gathering data about users without their consent. This data is typically transmitted to a third party, often for malicious purposes, ...

Read now

Data Loss Prevention (DLP)

Data Loss Prevention (DLP) Explained Data Loss Prevention (DLP) is a proactive cybersecurity strategy designed to safeguard sensitive data from breaches, leaks, and unauthorized access. In an increasingly digital world, protecting valuable information is paramount for organizations to maintain ...

Read now

Abuse Mailbox

Abuse Mailbox Explained An Abuse Mailbox refers to a designated destination where users can report suspicious emails to IT and security teams for further investigation and analysis. It serves as a crucial component in tracking and preventing potential email threats within an organization. The Abuse ...

Read now

Polymorphic Attacks

Polymorphic Phishing Attacks Explained A polymorphic attack is a type of cyber attack that uses a constantly changing code, content, or structure in order to evade detection by security systems. In the context of email, polymorphic phishing attacks may use a different sender's address, subject ...

Read now

Quantum Cryptography

Quantum Cryptography Explained Quantum cryptography is an encryption method that leverages the principles of quantum mechanics to secure data transmission. Unlike traditional cryptographic systems, which rely on mathematical algorithms, quantum cryptography utilizes the inherent properties of ...

Read now

DMARC

DMARC Explained DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that uses specifically formatted messages to verify the authenticity of the sender’s domain. DMARC helps protect a company from unauthorized use of its domain name by ...

Read now

Dark Web Monitoring

Dark Web Monitoring Explained Dark web monitoring involves the use of specialized technology and expertise to scan, identify, and assess threats that emerge within the dark web. This proactive security measure aims to detect and alert individuals or organizations to potential threats, such as ...

Read now

Identity Cloning

Identity Cloning Explained Identity cloning is a sophisticated form of identity theft in which an individual maliciously assumes another person's identity, typically for personal gain or to evade legal consequences. This deceptive act involves the replication of various personal details, such as a ...

Read now

Threat Assessment

Threat Assessment Explained Threat assessment refers to the process of evaluating and analyzing potential risks and vulnerabilities to an organization's digital assets, networks, and systems. It involves identifying and understanding various threats that may compromise the confidentiality, ...

Read now

Credential Stuffing

Credential Stuffing Explained Credential stuffing is a cyber attack technique that exploits the common practice of reusing the same username and password combinations across multiple websites and services. The attack relies on leaked or stolen credentials, which are typically obtained from previous ...

Read now

Advanced Persistent Threat

Advanced Persistent Threat Explained An advanced persistent threat (APT) is a type of attack in which an intruder or group of intruders gain unauthorized access to a network and remain undetected for long periods of time in order to steal sensitive data. Some APTs will sit dormant for long periods ...

Read now

MFA Bypass

MFA Bypass Attacks Explained MFA bypass attacks encompass various strategies employed by cybercriminals to overcome the additional security measures introduced by MFA. These attacks often leverage social engineering tactics, phishing, or exploitation of vulnerabilities in the authentication process ...

Read now

Quishing Attack

Quishing Explained In the realm of cyber threats, quishing attacks, also known as QR code phishing, have emerged as deceptive tactics employed by cybercriminals. These attacks manipulate QR codes to lure unsuspecting individuals into visiting fraudulent websites, with the ultimate aim of either ...

Read now

IoT Security

IoT (Internet of Things) Security Explained IoT security, or Internet of Things security, refers to the practices and measures implemented to protect Internet-connected devices from unauthorized access, data breaches, and cyberattacks. These devices, ranging from smart home appliances to industrial ...

Read now

Spear Phishing Attack

Spear Phishing Explained Spear phishing, a form of business email compromise (BEC), is a highly targeted form of phishing that uses deceptive emails to trick recipients into taking certain actions, such as providing sensitive information or downloading malware. In spear phishing, the attacker ...

Read now

Credential Harvesting Attack

Credential Harvesting Explained Credential harvesting, also known as password harvesting or username harvesting, is a form of cyberattack that involves the theft of personal or financial data such as usernames and passwords, typically carried out through phishing, malicious websites, email scams, ...

Read now

Graymail

Graymail Explained Graymail is a term used to describe emails that are not exactly spam but are not wanted by the recipient either. These emails may come from reputable sources such as newsletters or mailing lists, but the user may no longer be interested in receiving them. Unlike spam, Graymail is ...

Read now

Business Email Compromise

Business Email Compromise (BEC) Explained Business email compromise is a type of targeted phishing (spear phishing) in which a threat actor either accesses or mimics a genuine business email account to defraud the business. This tactic relies on exploiting the assumed trust that victims have in ...

Read now

Integrated Cloud Email Security (ICES)

Email has become the essential communication tool in the digital age, but it also exposes us to increased risk of cyberattacks targeting email systems. Integrated Cloud Email Security (ICES) solutions are designed to address this concern by providing advanced protection against various email-based ...

Read now

Sandbox

Sandbox Explained A Sandbox is a cybersecurity tool that uses an isolated and controlled environment designed to test, analyze, and execute potentially malicious or suspicious code, software, or applications. The primary purpose of a sandbox is to provide a secure space where the unknown code can ...

Read now

SPF

SPF Explained SPF (Sender Policy Framework) is an email authentication system that works by verifying the IP address of any message sent from a specific domain. SPF allows ISPs and email services to make sure that the messages they receive are actually coming from a legitimate source. SPF assists ...

Read now

Clickjacking

Clickjacking Explained Clickjacking is a malicious technique used by attackers to trick users into clicking on a webpage element that is disguised or hidden. The objective of clickjacking is to deceive users into unknowingly performing actions that they did not intend to do, such as downloading ...

Read now

Brute Force Attack

Brute Force Attack Explained A brute force attack is a trial-and-error method used by cybercriminals to gain unauthorized access to sensitive information or systems by systematically attempting to guess credentials, such as passwords, encryption keys, or personal identification numbers (PINs). ...

Read now

Security Operations Center (SOC)

SOC (Security Operations Center) Explained A Security Operations Center (SOC) is a central function within an organization dedicated to monitoring, detecting, analyzing, responding to, and reporting security incidents and threats. It serves as the frontline defense against cyber attacks, staffed by ...

Read now

Security Awareness Training

Security Awareness Training Explained Security Awareness Training refers to educational programs designed to teach individuals about potential security risks and how to mitigate them. These programs aim to increase knowledge and awareness of security best practices, policies, and procedures within ...

Read now

HTML Smuggling

HTML Smuggling Explained HTML Smuggling is an advanced cyberattack technique where attackers use HTML5 and JavaScript features to create malicious files on the fly within a victim's browser. This method bypasses traditional security measures that scan files at the network perimeter, as the ...

Read now

Identity Fabric

Identity Fabric Explained Identity Fabric refers to a deployment architecture that enables organizations to establish and manage identities in a digital environment. It allows individuals to securely use their personal identities across various online platforms and services. Your Identity Fabric ...

Read now

Fake Login Page

Fake Login Page Attacks Explained A fake login page, also known as a phishing page, is a type of cyberattack that attempts to trick users into providing their login credentials for a particular service, such as an email account, social media platform, or even an online banking account. The fake ...

Read now

Generative AI

Generative AI Explained Generative AI is a subset of artificial intelligence that focuses on the development of algorithms and models capable of generating new data that resembles existing patterns and distributions. Unlike traditional AI systems that are used for prediction and classification, ...

Read now

MX Record

MX Records Explained MX records (Mail Exchange records) are a type of DNS (Domain Name System) record that identifies which mail server is responsible for accepting incoming email messages on behalf of a domain. In other words, MX records provide the information needed for email to be delivered to ...

Read now

Accidental Data Exposure

Accidental Data Exposure Explained Accidental Data Exposure, also known as Sensitive Data Exposure, refers to unintended instances where sensitive data becomes accessible to unauthorized individuals or entities. This could range from personal information such as social security numbers and banking ...

Read now

Outbound Email Protection

Outbound Email Protection Explained Outbound email protection is a security measure implemented by organizations to prevent data breaches originating from emails sent within the organization to external entities. It ensures that sensitive data, whether shared intentionally or by mistake, doesn’t ...

Read now

MFA Fatigue Attacks

MFA Fatigue Attacks Explained MFA Fatigue Attacks leverage the reliance on MFA as an additional layer of security beyond traditional passwords. By bombarding users with a high volume of MFA prompts—typically push notifications to mobile devices—attackers exploit the tendency of users to eventually ...

Read now

CEO Fraud

CEO Fraud Explained CEO fraud (commonly referred to as executive phishing or ‘whaling’) is when an attacker successfully impersonates a company executive in order to gain sensitive information or coerce a financial transaction from targeted executives or employees.

Read now

Zero Trust

Zero Trust Explained Zero Trust is a cybersecurity framework that operates on the principle of never trusting any user or device by default. It requires continuous authentication, authorization, and validation of users and devices before granting or maintaining access to applications and data. ...

Read now

Conversation Overflow

Conversation Overflow Explained Conversation Overflow attacks involve crafting emails with two distinct sections: a visible portion prompting the recipient to take action, such as clicking a link or providing sensitive information, and a concealed segment containing benign text. The hidden text is ...

Read now

Vendor Email Compromise

Vendor Email Compromise Explained Vendor Email Compromise (VEC), sometimes referred to as Vendor Impersonation or Vendor Spoofing, is a type of cyber attack in which an attacker gains access to a vendor’s email account and uses it to send fraudulent emails to the vendor’s customers. The emails ...

Read now

Account Takeover

Account Takeover Explained Account takeover (ATO) is a form of cybercrime that occurs when a cybercriminal gains access to a victim’s online account. The attacker can then use the account to commit fraud, steal money or sensitive data, or commit other malicious activities. ATO is a subset of ...

Read now

Deepfake Phishing

Deepfake Phishing Explained Deepfake phishing uses AI algorithms to fabricate audio, video, or image content that appears to be authentic. This content is then used to manipulate the target into taking actions beneficial to the attacker. For example, an attacker might create a deepfake voice note ...

Read now

Data Breach

Data Breach Explained A data breach refers to any incident where unauthorized individuals gain access to sensitive or confidential data. This can include personal information like social security numbers, financial data, healthcare records, or corporate information such as customer databases and ...

Read now

Ransomware

Ransomware Explained Ransomware is a type of malicious software that encrypts a victim’s files, rendering them inaccessible, and demands a ransom payment in exchange for the decryption key. Ransomware can infect computers and networks through various channels, including phishing emails, malicious ...

Read now

Security Information and Event Management (SIEM)

Security Information and Event Management (SIEM) is a technology that aids in threat detection, compliance, and security incident management by collecting, analyzing, and correlating security events and contextual data from various sources. SIEM solutions provide organizations with a centralized ...

Read now

Machine Learning

Machine Learning (ML) Explained Machine Learning is a subfield of artificial intelligence and computer science that involves the development of algorithms and models that enable computers to learn and improve their performance on specific tasks based on data inputs. It is an integral component of ...

Read now

Impersonation

Impersonation Explained Impersonation is a deceptive technique used by cybercriminals to masquerade as someone else, typically a trusted individual or entity, with the aim of tricking individuals into performing malicious actions or divulging sensitive information. Impersonation attacks often rely ...

Read now

Human-centric Security

Human-centric Security Explained Human-centric security (i.e., Human Centricity) refers to an approach to cybersecurity that prioritizes the understanding and integration of human behavior, psychology, and interaction within the context of security measures. It recognizes that humans play a ...

Read now

Email Encryption

Email Encryption Explained Email encryption is a security method that uses encryption algorithms to encode email messages, making them unreadable to anyone who doesn't have the decryption key. When an email message is encrypted, its contents are transformed into a coded language that can only be ...

Read now

Pretexting

Pretexting Explained Pretexting is a social engineering technique used by threat actors in business email compromise attacks to manipulate individuals into divulging sensitive information. It involves creating a fictional scenario or pretext to deceive victims and gain their trust. By posing as a ...

Read now

OCR Deep Learning

OCR Deep Learning Explained Optical Character Recognition (OCR) is a technology used to convert various types of documents, such as scanned paper documents or images, into editable and searchable text data. Traditional OCR systems rely on predefined rules and templates to recognize text characters ...

Read now

IP Reputation

IP Reputation Explained IP reputation is a measure of the trustworthiness of an IP address based on its past behavior. IP reputation is important because it is used by email filters, firewalls, and other security tools to identify and block potentially malicious traffic. An IP address with a good ...

Read now

Phishing

Most employees are required to take security awareness training during their first week of work. Normally these courses outline company policies, talk about the importance of online security, what is phishing, and share examples of email attacks so that employees can detect and report them in the ...

Read now

Email Security

Email Security Explained Email security refers to the tools, techniques, procedures, and software used to defend against malicious attempts to access and compromise sensitive data. In 2019, Verizon’s Data Breach Investigations Report found that 90% of cyber attacks can be attributed to email. ...

Read now

Email Spoofing

Email Spoofing Explained Email spoofing is a technique scammers use to make fraudulent emails appear as if they came from a known entity. By impersonating someone familiar, scammers use phishing attacks to obtain sensitive information such as company credit card numbers, payroll data, and even ...

Read now

Whaling

Whaling Explained Whaling is a type of spear phishing in which threat actors directly target C-level executives at an organization. This type of social engineering attack sends fraudulent messages to individuals with high levels of seniority to exploit three particular characteristics of these ...

Read now

SPAM

Email SPAM Explained Email spam, also known as junk email, refers to unsolicited and unwanted messages that are sent in bulk to a large number of recipients. These messages are typically commercial in nature and driven by a financial motive. Spammers use various techniques to deceive recipients, ...

Read now

Impossible Travel

Impossible Travel Explained Impossible travel is a cybersecurity detection method used to identify potential compromise or unauthorized access to user accounts. It detects instances where a user's account is accessed from two different countries within an unreasonably short timeframe, suggesting ...

Read now

Link Jacking

Link Jacking Explained Link jacking is a digital strategy involving the redirection of internet traffic from its original source to an alternative website. This can be achieved by copying content from one site and reposting it on another, often on aggregator websites that consolidate various ...

Read now

Invoice Fraud

Invoice Fraud Explained Invoice fraud is a well-coordinated ploy in which an attacker attempts to scam a business into paying a fake invoice–or paying a legitimate invoice to a fake account–by impersonating a vendor or partner. The lure of large transactions makes invoice fraud very appealing to ...

Read now

Phishing Simulation Testing

Phishing Simulation Explained Phishing simulation is the process of using a phishing simulator to mimic real-world phishing attacks by sending simulated phishing emails to test targeted recipients within an organization. The primary objective of using phishing simulation testing (PST) is to assess ...

Read now

Clone Phishing

Clone Phishing Explained Clone phishing is a type of cyberattack where an attacker clones or replicates a legitimate email and modifies it to spread malware or steal sensitive information. The cloned email appears to come from a trusted source, such as a well-known brand or organization, making it ...

Read now

Supply Chain Attacks

Supply Chain Attacks Explained A supply chain attack is a sophisticated cyberattack strategy that strategically targets trusted third-party vendors or suppliers within an organization's intricate supply chain network. These malicious attacks take advantage of the established trust between ...

Read now

Log4j

Log4j Exploit Explained Log4j is an open-source logging library that is widely used by software applications and online services to track and record system activities and events. It is part of the Apache Logging Services Project, developed by the Apache Software Foundation. The library provides ...

Read now

Artificial Intelligence

Artificial Intelligence Explained Artificial Intelligence (AI) is a field of computer science that focuses on creating intelligent machines capable of performing tasks that typically require human intelligence. It involves developing algorithms and systems that can learn from data, reason, and make ...

Read now

Consent Phishing

Consent Phishing Explained Consent phishing relies on the OAuth 2.0 authorization protocol, which enables users to grant applications access to their resources without divulging their passwords. Attackers exploit this process by registering malicious applications with OAuth 2.0 providers, tricking ...

Read now

Computer Vision

Computer Vision Explained Computer vision is a field of artificial intelligence that focuses on giving machines the ability to interpret, analyze and understand visual data from images or videos. This can include recognizing objects in an image, understanding the context of an image or scene, ...

Read now

Man-in-the-Middle Attack

Man-in-the-Middle Attack Explained A Man-in-the-Middle (MITM) Attack is a cyberattack in which an attacker intercepts communication between two parties, such as a user and an application, to eavesdrop or impersonate one of the parties. The attacker can steal personal information like login ...

Read now

Transport Layer Security (TLS)

Transport Layer Security (TLS) Explained Transport Layer Security (TLS) operates as a client-server handshake protocol, facilitating the establishment of an encrypted connection and verifying the authenticity of communication. This handshake involves negotiation between the client and server to ...

Read now

Insider Threat

Insider Threat Explained Insider threats in cybersecurity are risks originating from within an organization, often involving individuals with legitimate access to systems and data. These threats can be intentional or unintentional, leading to compromises in data confidentiality, availability, and ...

Read now

Generative AI Fraud

Generative AI Fraud Explained Generative AI fraud refers to the deceptive use of artificial intelligence models, particularly generative models, to create fraudulent content that can be used for malicious purposes. These purposes include identity theft, financial fraud, and spreading ...

Read now

Social Engineering

Social Engineering Explained Social engineering is a type of malicious attack used by cybercriminals to gain access to an organization’s sensitive data and resources. This attack usually involves manipulating individuals into providing confidential information or performing actions that can put the ...

Read now

Barrel Phishing

Barrel Phishing Explained Barrel phishing, also known as double-barrel phishing or multi-stage phishing, while not a specific attack, typically refers to a general phishing tactic that involves two or more separate emails, to steal sensitive information or data from unsuspecting victims. This type ...

Read now

Emergency Inbox

Emergency Inboxes Explained During an email service outage, the Emergency Inbox automatically captures incoming messages, ensuring that critical communications are not lost. It differs from regular email inboxes as it only displays messages received during the outage period and does not show those ...

Read now

AI TRiSM

AI TRiSM (Trust, Risk & Security Management) Explained AI TRiSM is a proactive approach to identify and mitigate risks inherent in AI models and applications. It aims to integrate governance measures upfront to ensure compliance, fairness, reliability, and privacy protection from the initial ...

Read now

Large Language Model

Large Language Model Explained A Large Language Model (LLM) is a type of deep-learning model based on transformer architecture that has been trained on a massive amount of text data. LLMs are designed to understand and generate human-like text in a coherent and contextually relevant manner. These ...

Read now

Explore More Articles

Say goodbye to Phishing, BEC, and QR code attacks. Our Adaptive AI automatically learns and evolves to keep your employees safe from email attacks.