MKG Marketing MKG Marketing Logo Quotation Marks
Resources > Glossaries

Cybersecurity Glossary

Keep up with the industry and know your cybersecurity terms and definitions. We even include tips and tricks to help you stay ahead of the curve!


The MITRE ATT&CK (Adverserial Tactics, Techniques, and Common Knowledge) framework provides a detailed understanding of the tactics and techniques that attackers use to gain access to systems, move laterally within a network, and exfiltrate data. It is organized into several categories, including initial access, execution, persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement, collection, exfiltration, and command and control.

Application Security

Application security refers to the practice of ensuring the security and protection of software applications from threats and vulnerabilities that could compromise their functionality or expose sensitive data. It involves the use of various techniques, tools, and processes to prevent or mitigate attacks that could exploit weaknesses in an application's design, code, or deployment.

Application Security Assessment

An application security assessment is a process of evaluating the security of an application or software system to identify vulnerabilities and potential security issues. It is a critical part of the software development lifecycle, and helps organizations ensure that their applications are secure and meet industry best practices and compliance requirements.

Attack Surface

Attack surface refers to the sum total of all the vulnerabilities and entry points that an attacker could potentially exploit in a target system or network. This includes all the points of entry, such as network protocols, software applications, web interfaces, and user accounts, that can be targeted by an attacker to gain unauthorized access to the system or data.

Attack Surface Management

Attack surface management (ASM) is the process of identifying, assessing, and reducing the attack surface of an organization's systems and network infrastructure. The goal of ASM is to minimize the number of potential vulnerabilities and entry points that attackers can use to gain unauthorized access to sensitive information and systems.

Cloud Security

Cloud security refers to the set of practices, technologies, and policies used to protect data, applications, and infrastructure in cloud computing environments. It is essential because cloud computing relies on the Internet to store and transmit data and applications, which makes them vulnerable to cyber-attacks.

Cloud Security Platform

A cloud security platform is a software solution that provides a range of security services and features designed to protect data, applications, and infrastructure in cloud computing environments. A cloud security platform typically integrates with cloud service providers and provides a centralized console for managing security policies and controls across multiple cloud environments.

Container Security

Container security refers to the set of practices and tools used to protect containerized applications and their underlying infrastructure from security threats. Containers are a lightweight and portable way of packaging applications and their dependencies, allowing them to be run consistently across different computing environments.


The protection of critical internet-connected systems from malicious actors.

Cybersecurity Asset Management

Cybersecurity asset management (CAM) is the process of identifying, tracking, and managing the hardware, software, and digital assets within an organization's network infrastructure. This includes devices such as servers, workstations, laptops, mobile devices, routers, switches, firewalls, and other network-connected devices.

Cybersecurity Mesh

Cybersecurity Mesh is a collaborative ecosystem of tools to secure a distributed enterprise, whether it is on site, in data centers, or in the cloud.

Cybersecurity Risk

There are many cybersecurity risks that organizations and individuals face today. Here are some of the most common: phishing, malware, denial-of-service attacks, weak passwords, and cloud security risks.

Cybersecurity Risk Management

Cybersecurity risk management refers to the process of identifying, assessing, and mitigating risks to an organization's information assets, including data, systems, and networks, from cybersecurity threats.

Cybersecurity Threat

Cybersecurity threats come in many different forms- from phishing, malware, to DDoS and password attacks. These threats can be mitigated through a variety of solutions like XDR and EDR.

Cybersecurity Vulnerability

Vulnerabilities are very common, especially in organizations that utilize outdated software or unsecured networks.


Distributed Denial of Service (DDoS) attacks are when malevelant actors overwhelm a network or website with bot traffic to disrupt operations.

Data Security

Data security refers to the practice of protecting digital information from unauthorized access, theft, destruction, or modification. This can include sensitive information such as personal data, financial records, intellectual property, or trade secrets.

Detection and Response Platform

A detection and response platform is a powerful cybersecurity tool that can help organizations improve their security posture and protect against a wide range of security threats. By combining multiple security technologies into a single platform, these solutions provide a comprehensive security solution that can help organizations respond quickly and effectively to security incidents.

Dynamic Application Security Testing (DAST)

Dynamic application security testing (DAST) is a security testing technique that involves testing web applications while they are running to identify potential vulnerabilities and security issues.

EDR Software

EDR software is an important tool for organizations that want to improve their endpoint security posture and protect against a wide range of security threats. By providing real-time visibility and automated response capabilities, these solutions can help organizations detect and respond to security incidents more quickly and effectively, reducing the risk of data breaches and other security incidents.

EDR Solution

EDR solutions typically provide real-time monitoring and analysis of endpoint activity, using behavioral analysis and machine learning algorithms to identify potential threats. They may also include features such as file integrity monitoring, application control, and device control, to prevent unauthorized changes to endpoint configurations and applications.

Endpoint Detection and Response (EDR)

Endpoint Detection and Response offers real-time visibility into endpoint activity (laptops, servers, and mobile devices).

Endpoint Devices

Endpoint devices refer to any computing device that is connected to an organization's network, such as desktops, laptops, smartphones, tablets, servers, and IoT (Internet of Things) devices. These devices act as endpoints that communicate with other devices and services over a network.

Endpoint Management

Endpoint management is the process of managing and securing endpoint devices, such as desktops, laptops, smartphones, and tablets, that are connected to an organization's network. It involves a range of activities, including software deployment, patch management, configuration management, security management, and asset management.

Endpoint Protection

The process of securing endpoint devices such as desktops, laptops, smartphones, and tablets against various cyber threats, including malware, phishing, ransomware, and other types of attacks

Endpoint Protection Platform

An endpoint protection platform (EPP) is a cybersecurity solution that provides a comprehensive approach to endpoint security. An EPP also includes advanced endpoint management capabilities, such as patch management, software deployment, and configuration management. These capabilities help to ensure that endpoint devices are up-to-date and secure, reducing the risk of vulnerabilities that could be exploited by cyber attackers.

Endpoint Security

Endpoint security solutions typically include a range of software and hardware-based technologies, such as antivirus and antimalware software, intrusion detection and prevention systems, firewalls, encryption tools, and mobile device management software.

Extended Detection and Response (XDR)

Extended Detection and Response is a unified platform using advanced analytics across multiple data sources, blocking malicious files and traffic.

External Attack Surface Management

External attack surface management is the process of identifying and managing the potential attack vectors and vulnerabilities that exist outside an organization's network perimeter. It involves understanding and mapping the organization's external-facing assets, such as web applications, cloud services, third-party vendors, and digital footprints, and assessing the risks associated with them.

FTC compliance

To comply with FTC regulations, cybersecurity organizations may need to implement specific data security practices, such as implementing data encryption, access controls, regular vulnerability assessments and penetration testing, and incident response plans. They may also need to provide accurate and transparent information about their data security practices to customers and ensure that any claims made about their products or services are truthful and supported by evidence.

File Integrity Monitoring

File integrity monitoring (FIM) is a cybersecurity technique that involves monitoring file systems and comparing the current state of files and directories to a known, secure baseline to identify any unauthorized modifications. It enables organizations to detect unauthorized changes, meet compliance requirements, reduce risk, and improve incident response capabilities.

HIPAA compliance

HIPAA compliance refers to cybersecurity organizations adhering to the regulations and guidelines set forth by HIPAA to protect the privacy and security of protected health information (PHI).

IT Asset Management (ITAM)

IT asset management (ITAM) is the process of managing and optimizing the use of an organization's hardware and software assets to maximize their value and minimize associated risks and costs. ITAM encompasses the entire lifecycle of IT assets, from procurement and deployment to retirement and disposal.

IT Asset Management Platform

An IT asset management platform is a software tool that automates and streamlines the processes to provide a central repository for tracking all IT assets, including hardware, software, and network-connected devices, throughout their lifecycle.

Insider Threats

These threats are posed by anyone with access to sensitive company information- however, these can be unintentional data breaches.


MITRE is a non-profit organization that works in partnership with the U.S. government to research and develop advanced technologies in areas such as cybersecurity, healthcare, defense, and aviation. It is known for developing the MITRE ATT&CK framework which is used to improve cybersecurity posture and defend against advanced persistent threats.

Malware Attacks

Malware is a type of software used to disrupt and infultrate computer systems. It comes in many forms, from viruses to ransomware, and can result in significant data loss.

Managed Detection and Response (MDR)

Managed Detection and Response (MDR) is a cybersecurity service that provides organizations with continuous threat monitoring, detection, and response capabilities. It is designed to help organizations detect and respond to cyber attacks more effectively, and to reduce the impact of security incidents on their business operations.


The National Institute of Standards and Technology (NIST) is responsible for promoting innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve the quality of life. It is known for its work in developing cybersecurity standards and guidelines that are widely used by organizations around the world.

NIST compliance

NIST compliance involves implementing and maintaining a set of security controls and procedures that meet the standards and guidelines set forth by NIST. This includes conducting regular risk assessments, developing security policies and procedures, implementing technical controls, and providing training to employees.

Network Detection and Response (NDR)

Network Detection and Response (NDR) uses behavior analysis and machine learning to find and respond to security threats, like phising or data exfiltration, on the network in real-time.


OWASP stands for the Open Web Application Security Project, a nonprofit organization that is dedicated to improving the security of software applications. OWASP provides a set of resources and tools that help organizations develop secure applications and protect against common security threats.

PCI ASV Compliance

PCI ASV compliance refers to compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) by engaging an Approved Scanning Vendor (ASV) to conduct vulnerability scans of an organization's networks and systems.

Password Attacks

These threats are very common- guessing or stealing passwords that are weak or reused. They can also happen when third-party software gets breached. 

Patch Management

Patch management is the process of identifying, acquiring, testing, and deploying software updates or "patches" to fix vulnerabilities or issues in computer systems, applications, and devices. The purpose of patch management is to ensure that systems are up-to-date with the latest software patches and security updates, reducing the risk of cyber attacks that exploit known vulnerabilities. Failure to keep systems up-to-date with patches can leave them vulnerable to cyber attacks, as attackers can exploit known vulnerabilities to gain unauthorized access to systems, steal sensitive data, or cause disruption to business operations.


One of the most common threats- involving sending fraudulent emails to gain access to information or company networks while posing as a trusted source.

Policy Compliance

Cybersecurity policies and procedures are designed to establish guidelines and best practices for protecting the confidentiality, integrity, and availability of an organization's information assets. They typically cover a wide range of topics, including data classification, access control, network security, incident response, and compliance with applicable laws and regulations.

Regulatory Compliance

Regulatory compliance for cybersecurity organizations refers to the process of ensuring that the organization is adhering to relevant laws, regulations, and industry standards related to information security.

Security Posture

Security posture refers to an organization's overall security readiness and approach to managing and mitigating potential security risks and threats. It encompasses all aspects of an organization's security policies, procedures, and controls, including physical security, network security, data protection, access control, incident response, and compliance with regulatory requirements.

Security Posture Management

Security posture management involves evaluating an organization's existing security controls, identifying gaps and vulnerabilities, and implementing new or improved controls to address them.

Static Application Security Testing (SAST)

Static application security testing (SAST) is a security testing technique that involves analyzing the source code of an application to identify potential vulnerabilities and security issues.

Threat Detection

Threat detection is the process of identifying and responding to potential security threats and attacks that could compromise an organization's systems, data, or operations. It involves using various security tools and techniques to detect, analyze, and respond to security incidents in real-time.

Threat Response

Threat response typically involves a coordinated effort between various teams, including IT security, incident response, legal, and public relations. The goal is to minimize the damage caused by the incident, protect sensitive data and assets, and maintain the organization's reputation and financial stability.

VMDR Platform

A VMDR (Vulnerability Management, Detection, and Response) platform is a cybersecurity solution that helps organizations identify and mitigate vulnerabilities across their IT infrastructure. It integrates vulnerability management, threat detection, and incident response capabilities into a single platform, enabling organizations to manage their security posture more effectively.


A flaw or weakness in a computer system or its security procedures which could be exploited to violate the system security policy.

Vulnerability Detection

Vulnerability detection involves the use of various tools and techniques to scan networks, systems, and applications for known vulnerabilities and to identify potential areas of weakness that could be exploited by attackers.

Vulnerability Management

Vulnerability management is an important aspect of an organization's overall cybersecurity strategy, as it helps to reduce the risk of successful cyber attacks and protect sensitive data from compromise. By regularly conducting vulnerability management activities, organizations can ensure that their systems and applications are secure and up to date with the latest security patches and configurations

Vulnerability Remediation

Vulnerability remediation is the process of addressing and fixing vulnerabilities or weaknesses in a system, network, or application. The remediation process typically involves the following steps: prioritization, planning, implementation, verification, and ongoing monitoring.

Vulnerabiltiy Management, Detection, and Response (VMDR)

VMDR combines scanning, prioritization, and remediation with threat detection to improve security posture and automate processes and improve speed of operations.

Web Application Scanning

Web application scanning is a security testing technique that involves scanning web applications to identify potential vulnerabilities that could be exploited by attackers. It is an important part of web application security and helps organizations proactively identify and address potential security issues before they can be exploited by attackers.

Two people looking over a page of charts and results

MKG Marketing works with you.

Our digital marketing team consists of expert-led service lines overseen by an Account Director who ensures we work in partnership toward your goals.

Join our weekly newsletter

Get industry news, articles, and tips-and-tricks straight from our experts.

We care about the protection of your data. Read our Privacy Policy.