Secure Software Development
Expert-defined terms from the Postgraduate Certificate in Cybersecurity course at Stanmore School of Business. Free to read, free to share, paired with a globally recognised certification pathway.
Access Control #
Access control refers to the process of granting or denying access to a computer system, network, or physical space. It involves the use of security measures such as authentication, authorization, and accounting to ensure that only authorized individuals can access sensitive information or resources. Related terms include authentication, authorization, and identity management.
Accountability #
Accountability refers to the ability to track and record the actions of individuals or systems on a network or computer system. It involves the use of auditing and logging mechanisms to ensure that all actions are recorded and can be traced back to the individual or system responsible.
Advanced Persistent Threat (APT) #
An APT is a type of malicious threat that uses stealthy and sophisticated methods to evade detection and gain unauthorized access to a computer system or network. APTs are often used by nation-state actors or other advanced threat actors to steal sensitive information or disrupt critical infrastructure.
Application Security #
Application security refers to the process of designing and implementing secure software applications that are resistant to attacks and vulnerabilities. It involves the use of security testing, code reviews, and penetration testing to identify and remediate security vulnerabilities.
Authentication #
Authentication refers to the process of verifying the identity of an individual or system. It involves the use of credentials such as usernames, passwords, and biometric data to ensure that only authorized individuals can access a computer system or network.
Authorization #
Authorization refers to the process of granting or denying access to a computer system or network based on the identity of the individual or system. It involves the use of access control lists, group policies, and role-based access control to ensure that only authorized individuals can access sensitive information or resources.
Backdoor #
A backdoor is a type of malicious software that allows an attacker to gain unauthorized access to a computer system or network. Backdoors are often installed on a system without the knowledge or consent of the system owner, and can be used to steal sensitive information or disrupt critical infrastructure.
Botnet #
A botnet is a type of malicious software that allows an attacker to control a network of compromised computer systems. Botnets are often used to conduct distributed denial-of-service attacks, spread malware, and steal sensitive information.
Buffer Overflow #
A buffer overflow is a type of vulnerability that occurs when a software application receives more data than it is designed to handle. Buffer overflows can be used by attackers to execute arbitrary code on a system, allowing them to gain unauthorized access or disrupt critical infrastructure.
Certificate Authority (CA) #
A CA is an organization that issues digital certificates to individuals or systems. CAs are responsible for verifying the identity of individuals or systems and issuing certificates that can be used to establish trust and authentication.
Cloud Computing #
Cloud computing refers to the use of remote computing resources, such as servers, storage, and applications, over the internet. Cloud computing provides a range of benefits, including scalability, flexibility, and cost savings, but also introduces new security risks and challenges.
Computer Emergency Response Team (CERT) #
A CERT is a team of security experts who respond to computer security incidents, such as malware outbreaks or denial-of-service attacks. CERTs are responsible for providing incident response, security advice, and training to individuals and organizations.
Confidentiality #
Confidentiality refers to the ability to protect sensitive information from unauthorized access or disclosure. Confidentiality is one of the three main principles of information security, along with integrity and availability.
Cryptanalysis #
Cryptanalysis refers to the process of analyzing and breaking encryption algorithms and protocols. Cryptanalysis is used by security experts to identify vulnerabilities in encryption systems and develop new, more secure encryption methods.
Cryptography #
Cryptography refers to the practice of using mathematical algorithms and protocols to protect sensitive information from unauthorized access or disclosure. Cryptography involves the use of encryption, decryption, and hashing to secure data in transit and at rest.
Cybersecurity #
Cybersecurity refers to the practice of protecting computer systems, networks, and sensitive information from cyber threats, such as malware, phishing, and denial-of-service attacks. Cybersecurity involves the use of security measures, such as firewalls, intrusion detection systems, and encryption, to prevent, detect, and respond to cyber threats.
Data Loss Prevention (DLP) #
DLP refers to the process of preventing sensitive information from being lost, stolen, or misused. DLP involves the use of security measures, such as encryption, access control, and monitoring, to protect sensitive information and prevent data breaches.
Denial of Service (DoS) #
A DoS attack is a type of malicious attack that involves overwhelming a computer system or network with traffic in order to make it unavailable to legitimate users. DoS attacks can be used to disrupt critical infrastructure, steal sensitive information, or extort money from organizations.
Digital Forensics #
Digital forensics refers to the process of analyzing and examining digital evidence, such as computer logs, network traffic, and disk images, in order to investigate cyber crimes and security incidents. Digital forensics involves the use of specialized tools and techniques to collect, analyze, and present digital evidence in a court of law.
Digital Rights Management (DRM) #
DRM refers to the process of protecting digital content, such as music, movies, and software, from unauthorized copying, distribution, or use. DRM involves the use of technological measures, such as encryption and access control, to restrict access to digital content and prevent piracy.
Disaster Recovery #
Disaster recovery refers to the process of restoring computer systems, networks, and sensitive information after a disaster or security incident. Disaster recovery involves the use of backup and recovery procedures, such as data backups, system backups, and disaster recovery plans, to minimize downtime and ensure business continuity.
Encryption #
Encryption refers to the process of converting plaintext data into ciphertext data that can only be read by authorized individuals or systems. Encryption involves the use of algorithms and protocols to protect sensitive information from unauthorized access or disclosure.
Firewall #
A firewall is a type of security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Firewalls are used to prevent unauthorized access to computer systems and networks, and to protect against malware and other types of cyber threats.
Identity Management #
Identity management refers to the process of managing and authenticating the identity of individuals or systems. Identity management involves the use of credentials, such as usernames, passwords, and biometric data, to verify the identity of individuals or systems and grant access to computer systems and networks.
Incident Response #
Incident response refers to the process of responding to and managing security incidents, such as malware outbreaks or denial-of-service attacks. Incident response involves the use of incident response plans, security procedures, and communication protocols to minimize downtime and ensure business continuity.
Intrusion Detection System (IDS) #
An IDS is a type of security system that monitors network traffic for signs of unauthorized access or malicious activity. IDS systems use algorithms and protocols to identify and alert on potential security threats, and can be used to prevent intrusions and protect against cyber threats.
Malware #
Malware refers to any type of malicious software, including viruses, worms, trojans, and spyware. Malware is designed to harm or exploit computer systems and networks, and can be used to steal sensitive information, disrupt critical infrastructure, or extort money from organizations.
Network Security #
Network security refers to the practice of protecting computer networks from cyber threats, such as malware, phishing, and denial-of-service attacks. Network security involves the use of security measures, such as firewalls, intrusion detection systems, and encryption, to prevent, detect, and respond to cyber threats.
Penetration Testing #
Penetration testing refers to the process of simulating a cyber attack on a computer system or network in order to test its security and identify vulnerabilities. Penetration testing involves the use of tools and techniques to simulate a real-world attack, and can be used to improve the security posture of an organization.
Phishing #
Phishing refers to a type of social engineering attack that involves tricking individuals into revealing sensitive information, such as passwords or credit card numbers. Phishing attacks often involve the use of email or other forms of communication to trick individuals into divulging sensitive information.
Public Key Infrastructure (PKI) #
PKI refers to the process of managing and authenticating public and private keys used for encryption and decryption. PKI involves the use of certificates and certificate authorities to establish trust and authentication between individuals and systems.
Risk Management #
Risk management refers to the process of identifying, assessing, and mitigating risks to computer systems, networks, and sensitive information. Risk management involves the use of risk assessments, security procedures, and mitigation strategies to minimize the likelihood and impact of security incidents.
Secure Coding #
Secure coding refers to the practice of writing secure software code that is resistant to attacks and vulnerabilities. Secure coding involves the use of security best practices, such as input validation and error handling, to prevent common web application vulnerabilities.
Secure Sockets Layer/Transport Layer Security (SSL/TLS) #
SSL/TLS refers to a type of encryption protocol used to secure communications between a web browser and a web server. SSL/TLS involves the use of certificates and keys to establish trust and authentication between the browser and server.
Security Information and Event Management (SIEM) #
SIEM refers to the process of monitoring and analyzing security event logs and other security data to identify and respond to security incidents. SIEM involves the use of security information and event management systems to collect, analyze, and present security data in a meaningful way.
Security Orchestration, Automation, and Response (SOAR) #
SOAR refers to the process of automating and orchestrating security incident response processes, such as incident detection, incident response, and incident remediation. SOAR involves the use of security orchestration, automation, and response systems to improve the efficiency and effectiveness of security incident response.
Social Engineering #
Social engineering refers to a type of attack that involves tricking individuals into revealing sensitive information or performing certain actions. Social engineering attacks often involve the use of psychological manipulation and deception to trick individuals into divulging sensitive information.
Threat Intelligence #
Threat intelligence refers to the process of gathering, analyzing, and disseminating information about cyber threats, such as malware, phishing, and denial-of-service attacks. Threat intelligence involves the use of security information and event management systems to collect, analyze, and present threat data in a meaningful way.
Virtual Private Network (VPN) #
A VPN is a type of security system that creates a secure, encrypted connection between a computer or network and a remote server or network. VPNs are used to protect sensitive information and prevent unauthorized access to computer systems and networks.
Vulnerability Management #
Vulnerability management refers to the process of identifying, assessing, and mitigating vulnerabilities in computer systems, networks, and software applications. Vulnerability management involves the use of vulnerability scans, penetration testing, and patch management to minimize the likelihood and impact of security incidents.
Web Application Firewall (WAF) #
A WAF is a type of security system that monitors and controls incoming and outgoing web traffic based on predetermined security rules. WAFs are used to prevent unauthorized access to web applications and protect against common web application vulnerabilities, such as SQL injection and cross-site scripting.
Zero #
Day Exploit: A zero-day exploit is a type of malicious attack that takes advantage of a previously unknown vulnerability in a software application or system. Zero-day exploits are often used by advanced threat actors to gain unauthorized access to computer systems and networks, and can be used to steal sensitive information or disrupt critical infrastructure.
Zone of Trust #
A zone of trust refers to a network or system that is considered to be trusted and secure. Zones of trust are often used to segment networks and systems into different levels of trust, and to control access to sensitive information and resources based on the level of trust.