Lakeshore IT's Solutions - Technology Glossary

---

Cloud Glossary

Application Programming Interface (API)

A set of rules and protocols that allow different software applications to communicate and share data, enabling integration between systems and services.

Auto Scaling

A cloud feature that automatically adjusts computing resources (such as servers) based on demand, ensuring performance and cost efficiency.

Backup

The process of creating copies of data to protect against loss or corruption, enabling recovery in case of failure or disaster.

Big Data

Extremely large and complex data sets that require advanced tools and technologies for storage, processing, and analysis to extract meaningful insights.

Cloud Adoption

The process of integrating cloud services into an organization’s IT strategy, including migration, deployment, and optimization of cloud-based resources.

Cloud Billing

The process of tracking and charging for cloud services based on usage. It includes cost allocation, invoicing, and monitoring consumption under models like pay-as-you-go or subscription.

Cloud Bursting

A hybrid cloud strategy where an application runs in a private cloud but “bursts” into a public cloud during peak demand to access additional resources.

Cloud Economics

The financial principles and strategies behind cloud computing, focusing on cost optimization, ROI, and pricing models compared to traditional IT infrastructure.

Cloud Migration

The process of moving applications, data, and workloads from on-premises infrastructure to a cloud environment or between different cloud platforms.

Content Delivery Network (CDN)

A distributed network of servers that delivers web content (such as images, videos, and applications) to users based on their geographic location, improving speed and reliability.

Data Center

A physical facility that houses servers, storage systems, and networking equipment to store, process, and manage data for organizations.

Data ETL (Extract, Transform, Load)

A process used to move data from one system to another by extracting it from the source, transforming it into the desired format, and loading it into a target system or database.

Elasticity

The ability of a cloud system to dynamically scale resources up or down based on workload demands, ensuring optimal performance and cost savings.

Fault Tolerance

The capability of a system to continue operating properly even if one or more components fail, minimizing downtime and service disruption.

Hybrid Cloud

A combination of private and public cloud environments that work together, allowing data and applications to move seamlessly between them for flexibility and optimization.

Load Balancing

A technique that distributes network or application traffic across multiple servers to ensure reliability, performance, and availability.

Microservices

An architectural approach where applications are built as a collection of small, independent services that communicate via APIs, improving scalability and flexibility.

Multi-Tenant

A cloud architecture where multiple customers share the same infrastructure and resources while keeping their data and applications isolated.

Orchestration

The automated coordination and management of complex IT processes, such as deploying applications, managing containers, and integrating services.

Pay-as-You-Go

A cloud pricing model where organizations pay only for the resources they use, offering cost flexibility and eliminating upfront hardware investments.

Private Cloud

A cloud environment dedicated to a single organization, offering greater control, security, and customization compared to public cloud services.

Public Cloud

A cloud service delivered over the internet and shared among multiple organizations. It offers scalability and cost efficiency but with less control over infrastructure.

Quantum Computing

An advanced computing paradigm that uses quantum mechanics principles to process information, enabling exponentially faster calculations for certain tasks compared to classical computers.

Replication

The process of copying and maintaining data across multiple systems or locations to ensure availability, redundancy, and disaster recovery.

Scalability

The ability of a system to handle increasing workloads by adding resources (vertical scaling) or distributing tasks across multiple systems (horizontal scaling).

Service Level Agreement (SLA)

A formal contract between a service provider and a customer that defines performance standards, uptime guarantees, and responsibilities.

Utility Computing

A model where computing resources are provided as a metered service, similar to utilities like electricity—users pay only for what they consume.

Virtual Machine (VM)

A software-based emulation of a physical computer that runs an operating system and applications independently, enabling multiple VMs on a single physical server.

Virtual Private Cloud (VPC)

A secure, isolated section of a public cloud that functions like a private cloud, allowing organizations to run resources in a controlled environment with customizable networking.

Web Services

Standardized software components that enable applications to communicate and exchange data over the internet using protocols like HTTP and XML.

Compute Glossary

Application Migration

The process of moving an application from one environment to another, such as from on-premises infrastructure to the cloud or between different cloud platforms.

Application Modernization

Updating or transforming legacy applications to align with modern technologies, architectures, and practices—often involving cloud adoption, microservices, and containerization.

Big Data Analytics

The process of examining large and complex data sets to uncover patterns, trends, and insights using advanced analytics tools and techniques.

Cloud

A network of remote servers hosted on the internet that store, manage, and process data, enabling on-demand access to computing resources without local infrastructure.

Cloud Bursting

A hybrid cloud strategy where applications run in a private cloud but temporarily use public cloud resources during peak demand to handle additional workloads.

Cloud Computing

The delivery of computing services—including servers, storage, databases, networking, and software—over the internet, offering scalability and cost efficiency.

Container

A lightweight, portable unit that packages an application and its dependencies, ensuring consistent performance across different environments.

Data Governance

A set of policies and processes that ensure data is managed securely, accurately, and in compliance with regulations throughout its lifecycle.

Data Lake

A centralized repository that stores large volumes of raw, unstructured, and structured data for analytics and processing.

Data Migration

The process of transferring data between storage systems, formats, or environments, such as moving from on-premises to cloud storage.

Data Warehouse

A structured repository designed for storing and analyzing large volumes of organized data, typically used for business intelligence and reporting.

Edge Computing

A distributed computing model that processes data closer to its source (at the network edge) rather than in a centralized data center, reducing latency and improving performance.

Multicloud

The use of multiple cloud service providers within a single architecture to optimize performance, cost, and redundancy.

Quantum Computing

An advanced computing paradigm that uses quantum mechanics principles to perform calculations exponentially faster than classical computers for certain tasks.

Qubit

The basic unit of quantum information in quantum computing, capable of representing both 0 and 1 simultaneously through superposition.

Scaling Out

Increasing system capacity by adding more machines or nodes (horizontal scaling) to distribute workloads.

Scaling Up

Increasing system capacity by upgrading existing hardware resources (vertical scaling), such as adding more CPU or memory.

Virtual Desktop Infrastructure (VDI)

A technology that hosts desktop environments on a centralized server, allowing users to access virtual desktops remotely.

Virtual Machine (VM)

A software-based emulation of a physical computer that runs its own operating system and applications independently on shared hardware.

Virtualization

The process of creating virtual versions of physical resources—such as servers, storage, or networks—to improve efficiency and scalability.

Collaboration Glossary

Access Gateway

A network device that connects different types of networks, such as IP-based networks and traditional telephony networks, enabling communication 

between them.

Automatic Call Distribution (ACD)

A telephony system feature that automatically routes incoming calls to the most appropriate agent or department based on predefined rules.

Automated Attendant

An automated system that answers incoming calls and provides callers with a menu of options to route their call without human intervention.

Basic Rate Interface (BRI)

An ISDN service offering two 64 Kbps bearer (B) channels and one 16 Kbps data (D) channel, typically used for voice and data transmission in small-scale setups.

Call Manager (CCM)

A software-based call processing system that manages IP telephony calls, providing features like call routing, signaling, and device registration.

Direct Inward Dialing (DID)

A service that allows external callers to directly reach an internal extension without going through a receptionist or main phone number.

Domain Name System (DNS) Gateway

A system that translates domain names into IP addresses, enabling devices to locate and communicate with each other over IP networks.

IP (Internet Protocol)

A set of rules governing how data packets are addressed and transmitted across networks, forming the foundation of internet communication.

IP Integrated Voice Response (IP IVR)

An IP-based system that interacts with callers through voice and keypad inputs, often used for self-service applications like account inquiries.

IP Phone

A telephone that uses IP technology to transmit voice over a data network instead of traditional circuit-switched networks.

Integrated Services Digital Network (ISDN)

A set of communication standards for transmitting voice, video, and data over traditional telephone networks using digital signaling.

Private Branch Exchange (PBX)

A private telephone network used within an organization that manages internal and external calls, often providing advanced features like call forwarding and voicemail.

Plain Old Telephone Service (POTS)

The traditional analog voice service provided over copper telephone lines.

Primary Rate Interface (PRI)

An ISDN service offering 23 B channels and one D channel in North America (or 30 B channels and one D channel in Europe), used for larger-scale voice and data transmission.

Public Switched Telephone Network (PSTN)

The global network of circuit-switched telephone systems that provides traditional voice communication services.

Quality of Service (QoS)

A set of technologies and policies that prioritize certain types of network traffic (such as voice or video) to ensure performance and reduce latency.

Softphone

A software application that enables voice calls over IP networks using a computer or mobile device instead of a physical phone.

Trunk

A communication line or link that carries multiple voice or data channels between two points, often used to connect PBXs or networks.

Unified Messaging

A system that integrates different message types (voicemail, email, fax) into a single interface for easier access and management.

Voice over IP (VoIP)

A technology that enables voice communication over IP networks instead of traditional telephone lines.

Networking Glossary

5G

The fifth generation of mobile network technology, offering ultra-fast speeds, low latency, and massive device connectivity to support advanced applications like IoT and autonomous systems.

Access Point

A networking device that allows wireless devices to connect to a wired network using Wi-Fi. It acts as a bridge between wireless clients and the local area network (LAN).

Hyperconverged Infrastructure (HCI)

An IT framework that combines compute, storage, and networking into a single, software-driven system, simplifying management and improving scalability.

Internet Backbone

The primary data routes and high-capacity networks that form the core of the internet, connecting major data centers and ISPs globally.

IP Address

A unique numerical identifier assigned to each device connected to a network, enabling communication between devices over the internet or local networks.

IPv6

The latest version of the Internet Protocol, designed to replace IPv4, offering a vastly larger address space and improved security features.

Industry 4.0

The fourth industrial revolution, characterized by the integration of digital technologies such as IoT, AI, and automation into manufacturing and industrial processes.

Intent-Based Networking (IBNS)

A networking approach that uses automation and AI to translate business intent into network configurations, ensuring policies and performance goals are met dynamically.

Micro-Segmentation

A security technique that divides a network into smaller, isolated segments to limit lateral movement of threats and enforce granular security policies.

Software-Defined Networking (SDN)

An architecture that separates the network control plane from the data plane, enabling centralized management and dynamic configuration of network resources.

Network Security

The practice of protecting network infrastructure from unauthorized access, misuse, or attacks through technologies like firewalls, encryption, and intrusion detection.

Identity-Based Networking

A security model that controls network access based on user identity rather than device or IP address, enabling more granular and adaptive access policies.

Network Access Control (NAC)

A security solution that enforces policies to control which devices and users can access a network, ensuring compliance and reducing risk from unauthorized connections.

Network Virtualization

The process of combining hardware and software network resources into a single, virtualized network, enabling more flexible and efficient management of network services.

Power over Ethernet (PoE)

A technology that delivers electrical power and data over the same Ethernet cable, allowing devices like IP cameras and wireless access points to operate without separate power sources.

Routers

Networking devices that forward data packets between computer networks, directing traffic along the most efficient paths to ensure connectivity between devices and the internet.

Software-Defined Wide Area Network (SD-WAN)

A virtualized WAN architecture that uses software to manage and optimize network traffic across multiple connections, improving performance, security, and cost efficiency.

Power and Cooling Glossary

Backup Generator

A secondary power source that provides electricity during outages, ensuring critical systems remain operational.

Black Out

A complete loss of electrical power in a given area or system.

Brown Out

A temporary drop in voltage in an electrical power supply, which can cause equipment malfunction or damage.

Double Conversion UPS

An uninterruptible power supply that converts incoming AC power to DC and then back to AC, providing clean and consistent power regardless of input fluctuations.

Dual Power Feed

A setup where equipment receives power from two independent sources, improving redundancy and reliability.

Form Factor

The physical size, shape, and design of hardware components, such as servers or UPS units.

Intermediate Distribution Frame (IDF)

A smaller network distribution point that connects end-user devices to the main distribution frame (MDF) within a building.

Line Interactive UPS

A UPS that regulates voltage by adjusting power without switching to battery, offering protection against minor power fluctuations.

Liquid Cooling

A cooling method that uses liquid to dissipate heat from IT equipment, providing more efficient thermal management than air cooling.

Main Distribution Frame (MDF)

The primary network distribution point in a building that connects external lines to internal networks.

Managed UPS

An uninterruptible power supply with remote monitoring and management capabilities for proactive maintenance and control.

Modular UPS

A UPS system designed with interchangeable modules for scalability and easy maintenance.

N+1 Redundancy

A design principle where one additional component (such as a power supply) is added beyond what is required for operation, ensuring failover capability.

Power Distribution Unit (PDU)

A device that distributes electrical power to multiple IT equipment within a rack or data center.

Power Line Noise

Electrical interference on power lines that can disrupt or damage sensitive equipment.

Power Over Ethernet (PoE)

Technology that delivers electrical power and data over the same Ethernet cable, commonly used for devices like IP cameras and access points.

Power Swell

A temporary increase in voltage above normal levels, which can damage equipment.

Row-Based Cooling

A cooling strategy where cooling units are placed between rows of racks to provide targeted airflow.

Surge/Spike

A sudden increase in voltage that can damage electronic equipment.

System Downtime

The period during which a system or service is unavailable due to maintenance, failure, or other issues.

Tier I Data Center

Basic infrastructure with single path for power and cooling, offering limited redundancy.

Tier II Data Center

Includes redundant components for power and cooling but still has a single distribution path.

Tier III Data Center

Offers multiple power and cooling paths, allowing maintenance without downtime.

Tier IV Data Center

Highest level of redundancy and fault tolerance, ensuring continuous availability even during failures.

Uninterruptible Power Supply (UPS)

A device that provides backup power during outages and protects against power fluctuations.

UPS Runtime

The amount of time a UPS can supply power to connected equipment during an outage.

Voltage - Volt-Ampere (VA)

A unit used to measure apparent power in an electrical circuit, commonly used to size UPS systems.

 Storage Glossary

All-Flash Storage

A storage system that uses only solid-state drives (SSDs) instead of traditional hard disk drives (HDDs) for faster performance and lower latency.

Array

A collection of storage devices (such as disks) grouped together to function as a single unit for improved performance, capacity, or redundancy.

Asynchronous Replication

A data replication method where changes are copied to the secondary system with a delay, not in real-time.

Backup

A copy of data stored separately to protect against data loss or corruption.

Backup Schedule

A predefined plan that determines when backups occur (e.g., daily, weekly).

Backup Window

The time period allocated for completing backup operations.

 
Bare-Metal Restore

A recovery process that restores a complete system, including the operating system, applications, and data, onto a new or empty hardware.

Block Data

Data stored in fixed-size blocks, commonly used in block-level storage systems.

Business Continuity

A strategy ensuring that critical business functions continue during and after a disaster or disruption.

Cloning

Creating an exact copy of a storage volume or system for backup or testing purposes.

Cloud Storage

A service that stores data on remote servers accessed via the internet.

Compression

Reducing the size of data to save storage space and improve transfer speed.

Cyber Resiliency

The ability of an organization to continuously deliver intended outcomes despite cyberattacks, system failures, or other disruptions. It combines cybersecurity, business continuity, and disaster recovery strategies.

Data Cache

A temporary storage area that holds frequently accessed data for faster retrieval.

Data Protection

Measures and technologies used to safeguard data from loss, corruption, or unauthorized access.

Data Transfer Rate

The speed at which data moves between devices or systems, usually measured in Mbps or Gbps.

Deduplication

A process that eliminates duplicate copies of data to save storage space.

Direct Attached Storage (DAS)

Storage directly connected to a server or computer without a network.

Disaster Recovery

A set of processes and tools to restore systems and data after a catastrophic event.

Disaster Recovery as a Service (DRaaS) 

A cloud-based service that provides backup and recovery of IT infrastructure and data in case of a disaster, enabling rapid restoration without requiring on-premises hardware.

Disaster Recovery Plan

A documented strategy outlining procedures and resources needed to restore IT systems and data after a disaster or major disruption.

Disk Duplexing

A fault-tolerance technique where two disks mirror each other, each with its own controller.

Disk Striping

Splitting data across multiple disks to improve performance.

Disk-to-Disk-to-Tape (D2D2T)

A backup strategy that first copies data to disk and then to tape for long-term storage.

Distributed Storage

A system where data is spread across multiple physical locations for redundancy and scalability.

Encryption (Storage Encryption)

Securing data by converting it into an unreadable format, requiring a key to decrypt.

Failover

The process of automatically switching to a standby system, server, or network when the primary system fails, ensuring continuity of operations.

Fault Tolerance

The ability of a system to continue operating properly even when some components fail.

Full Backup

A backup that copies all data from the source system.

Incremental Backup

A backup that only copies data changed since the last backup.

Just a Bunch of Disks (JBOD)

A storage configuration where disks are not combined into RAID but used individually.

Latency

The delay between a request for data and its delivery.

Load Balancing

Distributing workloads across multiple systems or resources to optimize performance.

Logical Unit Number (LUN)

An identifier for a logical storage device presented to a host in a SAN environment.

Mirrored Servers

Two servers configured to replicate each other for redundancy.

Mirroring

Copying data in real-time from one disk or system to another for redundancy.

Multipathing

Using multiple physical paths between a server and storage to improve performance and fault tolerance.

Network Attached Storage (NAS)

A storage device connected to a network, providing file-level access to multiple clients.

Non-Volatile Memory Express (NVMe)

A high-performance storage protocol designed for SSDs that connects directly via PCIe, offering faster data transfer and lower latency compared to traditional protocols like SATA.

Point-in-Time Copy

A snapshot of data at a specific moment, used for backup or recovery.

Recovery Point Objective (RPO)

The maximum acceptable amount of data loss measured in time. It defines how far back in time data can be restored after a failure.

Recovery Time Objective (RTO)

The maximum acceptable duration to restore systems and resume operations after a disruption.

Redundant Array of Independent Disks (RAID)

A storage technology that combines multiple disks for redundancy or performance.

Redundancy

Duplication of critical components or data to ensure availability in case of failure.

Remote Access

The ability to access systems or data from a distant location.

Replication

Copying data from one location to another for backup or disaster recovery.

Restore

The process of recovering data from a backup.

SAN (Storage Area Network)

A high-speed network that provides block-level storage access to servers, commonly used in enterprise environments for centralized storage.

Snapshot

A point-in-time copy of data, often used for backup or quick recovery without duplicating the entire dataset.

Storage Array 

A system that contains multiple storage devices managed as a single entity.

Storage Controller

Hardware or software that manages data flow between storage devices and servers.

Synchronous Replication

A replication method where data is copied to the secondary system in real-time.

Tiered Storage

Organizing data across different storage types based on performance and cost.

Tiering

The process of moving data between storage tiers based on usage patterns.

Tape Library (Virtual Tape Library)

A disk-based system that emulates tape storage for backup purposes.

Volume

A logical storage unit created from physical storage resources.

Virtual Tape Library (VTL)

A disk-based backup system that simulates traditional tape libraries.

Security Glossary

Advanced Persistent Threat (APT)

A sophisticated, long-term cyberattack where an intruder gains unauthorized access to a network and remains undetected for an extended period, often to steal sensitive data or monitor activity.

Access Management

The process of controlling and managing who can access systems, applications, and data within an organization, ensuring only authorized users have the right level of access.

AI Security

The practice of securing artificial intelligence systems and models against threats such as data poisoning, adversarial attacks, and model theft. AI Security ensures the integrity, confidentiality, and reliability of AI-driven processes.

Antivirus

Software designed to detect, prevent, and remove malicious programs (viruses, malware, spyware) from computers and networks.

Attack Vector

The method or pathway used by a cybercriminal to gain unauthorized access to a system or network. Examples include phishing emails, infected USB drives, or unpatched software vulnerabilities.

Authentication

The process of verifying a user’s identity before granting access to a system or resource, typically through passwords, biometrics, or security tokens.

Botnet

A network of compromised computers (bots) controlled remotely by a cybercriminal, often used to launch large-scale attacks like spam campaigns or Distributed Denial of Service (DDoS) attacks.

Business Continuity Plan (BCP)

A documented strategy that outlines how an organization will continue operating during and after a disruption, such as a cyberattack, natural disaster, or system failure.

Cloud Access Security Broker (CASB)

A security tool that acts as a gatekeeper between users and cloud services. CASBs provide visibility, compliance, data security, and threat protection for cloud applications by enforcing security policies.

Customer Identity and Access Management (CIAM)

A solution that manages and secures customer identities, providing features like registration, authentication, and consent management while ensuring a seamless user experience.

Cyberattacks

Deliberate attempts by individuals or groups to breach, damage, or disrupt computer systems, networks, or data for malicious purposes.

Data Loss Prevention (DLP)

A set of tools and processes designed to prevent sensitive data from being lost, misused, or accessed by unauthorized users. DLP solutions monitor and control data transfers across endpoints, networks, and cloud environments.

Decryption

The process of converting encrypted data back into its original readable form using a decryption key or algorithm.

Deepfake Phishing

A cyberattack that uses AI-generated fake audio, video, or images to impersonate trusted individuals and trick victims into revealing sensitive information or performing harmful actions.

Distributed Denial of Service (DDoS) Attack

A cyberattack where multiple compromised systems flood a target (such as a website or server) with traffic, overwhelming its resources and making it unavailable to legitimate users.

DNS Security

Measures and technologies that protect the Domain Name System (DNS) from attacks such as DNS spoofing, cache poisoning, and tunneling, ensuring users reach legitimate websites and preventing data exfiltration.

Encryption

The process of converting data into a coded format to prevent unauthorized access. Encrypted data can only be read by someone who has the correct decryption key.

Endpoint

Any device that connects to a network, such as laptops, desktops, mobile phones, servers, or IoT devices. Endpoints are often entry points for cyber threats.

Endpoint Detection and Response (EDR)

A cybersecurity solution that continuously monitors endpoints for suspicious activity, detects potential threats, and provides tools to investigate and respond to incidents in real time.

Ethical Hacking (White Hat)

The practice of intentionally probing systems and networks for vulnerabilities with permission, to identify and fix security weaknesses before malicious hackers exploit them.

Federated Identity

An authentication model that allows users to access multiple systems or applications using a single set of credentials, often through trusted identity providers.

Firewall

A security system (hardware or software) that monitors and controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between trusted and untrusted networks.

Firewall as a Service (FWaaS)

A cloud-based firewall solution that delivers network security without on-premises hardware. FWaaS provides centralized management, scalability, and protection for distributed environments, including remote users and branch offices.

Identity and Access Management (IAM)

A framework of policies and technologies that ensures the right individuals have appropriate access to technology resources, while preventing unauthorized access.

Identity as a Service (IDaaS)

A cloud-based solution that provides identity and access management capabilities, such as single sign-on (SSO), MFA, and user provisioning, without on-premises infrastructure.

Identity Governance

A framework that ensures compliance and security by managing user identities, roles, and access rights across systems, often including auditing and policy enforcement.

Identity Management

The process of creating, maintaining, and managing digital identities for users, including authentication, authorization, and lifecycle management.

Identity Threat Detection and Response (ITDR)

A security approach focused on detecting and responding to identity-based threats, such as compromised credentials or privilege escalation, to protect user accounts and access.

Identity Theft

The fraudulent acquisition and use of someone’s personal information (such as Social Security number or financial details) to commit crimes like fraud or unauthorized purchases.

Information Security (InfoSec)

The practice of protecting information from unauthorized access, disclosure, alteration, and destruction, ensuring confidentiality, integrity, and availability.

Intrusion Detection System (IDS)

A security tool that monitors network or system activities for malicious actions or policy violations and alerts administrators when suspicious activity is detected.

Malware

Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Examples include viruses, worms, trojans, ransomware, and spyware.

MDM (Mobile Device Management)

A technology that enables organizations to manage, monitor, and secure mobile devices (smartphones, tablets) used by employees, ensuring compliance and protecting sensitive data.

Multi-Factor Authentication (MFA)

A security method requiring two or more verification factors (e.g., password + fingerprint or one-time code) to confirm a user’s identity, reducing the risk of unauthorized access.

Privileged Access Management (PAM)

A security solution that controls and monitors access to critical systems and sensitive data by privileged users, reducing the risk of insider threats and credential misuse.

Passwordless Authentication

A method of verifying identity without traditional passwords, using alternatives like biometrics, magic links, or hardware tokens for enhanced security and convenience.

Password Management

Tools and practices for securely storing, generating, and managing passwords to reduce risks associated with weak or reused credentials.

Penetration Testing

A simulated cyberattack performed by security professionals to identify vulnerabilities in systems, networks, or applications before attackers can exploit them.

Phishing

A cyberattack that uses deceptive emails, messages, or websites to trick individuals into revealing sensitive information such as passwords or financial details.

Post-Quantum Cryptography (PQC)

A set of cryptographic algorithms designed to withstand attacks from quantum computers, which could break traditional encryption methods. PQC aims to future-proof data security against next-generation computing threats.

Ransomware

A type of malware that encrypts a victim’s data and demands payment (usually in cryptocurrency) for the decryption key.

Rootkit

A collection of software tools that enable unauthorized users to gain control over a computer system while hiding their presence from detection.

Sandboxing

A security technique that isolates files or programs in a controlled environment to analyze their behavior without risking the main system. Commonly used to detect malware before it reaches production systems.

SASE (Secure Access Service Edge)

A cloud-based architecture that combines network security functions (like firewall, CASB, and zero-trust) with WAN capabilities to deliver secure and optimized access to applications and resources from any location.

SD-WAN (Software-Defined Wide Area Network)

A networking technology that uses software-based controllers to manage and optimize WAN traffic across multiple connections (such as MPLS, broadband, LTE), improving performance, security, and cost efficiency.

Security Engineering

The discipline of designing and implementing systems that maintain security principles (confidentiality, integrity, availability) throughout their lifecycle.

Secure Web Gateway (SWG)

A security solution that protects users from web-based threats by filtering and monitoring internet traffic. SWGs enforce company policies, block malicious websites, and prevent data leaks when users access the web.

SIEM (Security Information and Event Management)

A solution that collects, analyzes, and correlates security data from across an organization’s IT infrastructure to detect threats, monitor compliance, and provide real-time alerts.

Social Engineering

A manipulation technique that exploits human psychology to trick individuals into divulging confidential information or performing actions that compromise security.

SOAR (Security Orchestration, Automation, and Response)

A platform that automates and coordinates security operations tasks, such as incident response and threat remediation, to improve efficiency and reduce response times.

Threat Assessment

The process of identifying, analyzing, and evaluating potential security threats to determine their likelihood and impact on an organization. This helps prioritize risk mitigation strategies.

Two-Factor Authentication (2FA) / Multi-Factor Authentication (MFA)

A security method that requires users to provide two or more verification factors to access a system—such as a password plus a one-time code or biometric scan—making unauthorized access much harder.

Virtual Private Network (VPN)

A secure connection that encrypts internet traffic and routes it through a remote server, protecting data from interception and masking the user’s IP address for privacy.

Vulnerability

A weakness or flaw in a system, application, or network that can be exploited by attackers to gain unauthorized access or cause harm.

XDR (Extended Detection and Response)

An advanced security platform that integrates multiple security tools (endpoint, network, email, cloud) to provide unified threat detection, investigation, and response across the entire environment.

Zero-Day

A software vulnerability that is unknown to the vendor and has no patch available. Attackers exploit zero-day flaws before they are discovered and fixed, making them highly dangerous.

Zero Trust Network Access (ZTNA)

A security model that assumes no user or device is trusted by default, even inside the network. ZTNA enforces strict identity verification and grants access only to specific applications, reducing the risk of lateral movement by attackers.