Software-defined monitoring oversees the traffic in a virtualized network. Software-defined monitoring applications can be integrated with other applications. They also have the capacity to respond to current information about application behavior and requirements, status, network performance, and security. Effective SDN monitoring involves not only the software aspect of SDN, but the physical aspect as well. It offers a centralized mechanism that provides infrastructure, network, and application monitoring. It also allows management capabilities across on-premises, hosted, and public cloud environments.
Spear phishing is an electronic communication or email specifically targeted towards individuals, businesses, or organizations. Spear phishing is often used as a carefully planned strategy to steal sensitive data with malicious intent. Criminals can also use this approach to install malware on the victim's device. A potential victim receives an email that attackers have made to look as if it comes from a trustworthy source. If trapped by the criminal’s email, the victim lands on a spurious website that is full of harmful malware. The success rate for criminals is higher with spear phishing because they use clever tactics that invoke urgency and emotion to get the victim's attention. The criminals use social engineering techniques and an individually designed approach to target victims.
Spyware is malware that penetrates your computing device and steals sensitive information. It then transfers your data to advertisers, data firms, or external users. By launching a spyware attack, threat actors can monitor your internet activity, track your login and password information, and get their hands on your sensitive information.
Enterprises need to create a stable IT environment capable of assimilating frequent and rapid changes across hybrid infrastructure. These changes include capacity upgrades, new technology introductions, new features, and capabilities. The goal is to gain a predictable, steady-state mode of operations regardless of changes being introduced into the IT environment. Historically, we found that the more change a company introduced, the more volatile the IT environment became, and the more its teams behaved reactively.
Swivel-chair interfaces refer to IT operations teams switching between multiple screens, tools, and windows on their laptops or mobile devices, leading to lower productivity. The origin of the term is based on work environments from decades ago, where it was common to glide around the workspace to alternate between devices such as telephones, file storage, copiers, and desks.
Threat hunting is a cyber defense activity that’s fully focused on identifying threats early on. Detecting new campaigns through continuous threat hunting can save your company a lot of time and money. Modern cybersecurity can no longer afford to be reactive, slow, and alert-driven. You need to be proactive and fast. Threat hunting allows you to pick up information about potential threats before the fact.
Threat intel is a collective term for all the information about threats and threat actors that helps mitigate harmful events in cyberspace. It includes information gathered from open-source intelligence, social media intelligence, human intelligence, technical intelligence, or intelligence from the deep and dark web. The biggest advantage of threat intel is that it allows SOC teams to practice proactive cybersecurity.
Unified communications (UC) integrates (or unifies) multiple communication systems on a common TCP/IP network. It can include video-based team conference meetings, 1-on-1 calls or chats, team collaboration rooms, recording meetings, sharing documents, communicating on a range of devices (fixed and mobile), etc. A unified communications solution offers a range of applications that enable better enterprise communication (both internally and externally) and let employees engage with each other in one unified system, making your staff more productive compared to the one-dimensional, analog phone system.
A virtual network operations center is a central location with the sole purpose of reducing noise, identifying and prioritizing incidents, minimizing escalations, and ensuring uptime. With a remote working model, IT managers can virtually analyze alerts, metrics, logs, and traces with the aim of identifying and resolving the root cause of incidents before they become outages. A virtual NOC can help teams collaborate during the incident management process, diagnose and address issues through a single view, instead of multiple screens—each dedicated to different monitoring tools.
A virus is parasitic malware that attaches itself to a host file or the MBR (Master Boot Record). It replicates itself inside the victim's computer by modifying other programs and inserting its own code. A virus can cause billions of dollars worth of economic damage to businesses. It is designed to jump from one system to another, making it a nuisance for modern computer systems.
Vulnerability Assessment (VA) is a systematic review of weaknesses in an organization’s information security systems. Organizations rely on effective vulnerability assessment programs, and with the right tools, they assess the risks and implement solutions to mitigate security breaches. These assessments are conducted regularly, but they become important when changes have been made, such as the installation of new equipment, the addition of new services, cloud migration, the opening of new ports, and so on. The vulnerability scanning process mainly consists of 4 steps: testing, analysis, assessment, and remediation. The assessments give organizations information about the weaknesses in their environment, fresh insights into the risks, and recommendations on the best ways to mitigate those risks.
Vulnerability intelligence is a critical component of the risk assessment framework. It involves consolidating vital vulnerability information from a variety of external and internal sources and then providing a contextualized assessment of organizational risk. For each vulnerability, vendors examine historical data, criticality ratings, potential fixes, etc.
Vulnerability management involves proactively identifying and fixing potential weaknesses in an enterprise’s network security. The aim is to apply these fixes before a hacker can use them to cause a cybersecurity breach. Vulnerability management should take a comprehensive approach to the development of resilient network security best practices and processes designed to detect, analyze, and address flaws in software or hardware that could serve as attack vectors. Vulnerability management might differ from one organization to another depending on the specific risks they face and the resources available to tackle them.