Our Security Glossary is designed to empower organizations with clear, concise definitions of key cybersecurity and IT security terms. Whether you’re a business leader, IT professional, or simply looking to strengthen your understanding of security concepts, this resource provides easy-to-follow explanations that demystify complex terminology.
By using this glossary, you’ll gain:
Explore the glossary today and take the first step toward building a stronger, more informed security posture for your organization.


At Lakeshore IT, we believe that you control how secure your organization truly is. A strong security posture doesn’t happen by chance; it begins with a well-defined security governance plan.
We recommend developing a governance framework that aligns with recognized industry standards, such as:
By implementing a structured governance plan, you create clear policies, processes, and accountability that reduce risk and ensure compliance. This proactive approach helps safeguard your organization against evolving threats while building trust with clients and stakeholders.
Ready to strengthen your security strategy? Explore our resources or contact Lakeshore IT for expert guidance on building a governance plan tailored to your business.
Advanced Persistent Threat (APT)
A sophisticated, long-term cyberattack where an intruder gains unauthorized access to a network and remains undetected for an extended period, often to steal sensitive data or monitor activity.
Access Management
The process of controlling and managing who can access systems, applications, and data within an organization, ensuring only authorized users have the right level of access.
AI Security
The practice of securing artificial intelligence systems and models against threats such as data poisoning, adversarial attacks, and model theft. AI Security ensures the integrity, confidentiality, and reliability of AI-driven processes.
Antivirus
Software designed to detect, prevent, and remove malicious programs (viruses, malware, spyware) from computers and networks.
Attack Vector
The method or pathway used by a cybercriminal to gain unauthorized access to a system or network. Examples include phishing emails, infected USB drives, or unpatched software vulnerabilities.
Authentication
The process of verifying a user’s identity before granting access to a system or resource, typically through passwords, biometrics, or security tokens.
Botnet
A network of compromised computers (bots) controlled remotely by a cybercriminal, often used to launch large-scale attacks like spam campaigns or Distributed Denial of Service (DDoS) attacks.
Business Continuity Plan (BCP)
A documented strategy that outlines how an organization will continue operating during and after a disruption, such as a cyberattack, natural disaster, or system failure.
Cloud Access Security Broker (CASB)
A security tool that acts as a gatekeeper between users and cloud services. CASBs provide visibility, compliance, data security, and threat protection for cloud applications by enforcing security policies.
Customer Identity and Access Management (CIAM)
A solution that manages and secures customer identities, providing features like registration, authentication, and consent management while ensuring a seamless user experience.
Cyberattacks
Deliberate attempts by individuals or groups to breach, damage, or disrupt computer systems, networks, or data for malicious purposes.
Data Loss Prevention (DLP)
A set of tools and processes designed to prevent sensitive data from being lost, misused, or accessed by unauthorized users. DLP solutions monitor and control data transfers across endpoints, networks, and cloud environments.
Decryption
The process of converting encrypted data back into its original readable form using a decryption key or algorithm.
Deepfake Phishing
A cyberattack that uses AI-generated fake audio, video, or images to impersonate trusted individuals and trick victims into revealing sensitive information or performing harmful actions.
Distributed Denial of Service (DDoS) Attack
A cyberattack where multiple compromised systems flood a target (such as a website or server) with traffic, overwhelming its resources and making it unavailable to legitimate users.
DNS Security
Measures and technologies that protect the Domain Name System (DNS) from attacks such as DNS spoofing, cache poisoning, and tunneling, ensuring users reach legitimate websites and preventing data exfiltration.
Encryption
The process of converting data into a coded format to prevent unauthorized access. Encrypted data can only be read by someone who has the correct decryption key.
Endpoint
Any device that connects to a network, such as laptops, desktops, mobile phones, servers, or IoT devices. Endpoints are often entry points for cyber threats.
Endpoint Detection and Response (EDR)
A cybersecurity solution that continuously monitors endpoints for suspicious activity, detects potential threats, and provides tools to investigate and respond to incidents in real time.
Ethical Hacking (White Hat)
The practice of intentionally probing systems and networks for vulnerabilities with permission, to identify and fix security weaknesses before malicious hackers exploit them.
Federated Identity
An authentication model that allows users to access multiple systems or applications using a single set of credentials, often through trusted identity providers.
Firewall
A security system (hardware or software) that monitors and controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between trusted and untrusted networks.
Firewall as a Service (FWaaS)
A cloud-based firewall solution that delivers network security without on-premises hardware. FWaaS provides centralized management, scalability, and protection for distributed environments, including remote users and branch offices.
Identity and Access Management (IAM)
A framework of policies and technologies that ensures the right individuals have appropriate access to technology resources, while preventing unauthorized access.
Identity as a Service (IDaaS)
A cloud-based solution that provides identity and access management capabilities, such as single sign-on (SSO), MFA, and user provisioning, without on-premises infrastructure.
Identity Governance
A framework that ensures compliance and security by managing user identities, roles, and access rights across systems, often including auditing and policy enforcement.
Identity Management
The process of creating, maintaining, and managing digital identities for users, including authentication, authorization, and lifecycle management.
Identity Threat Detection and Response (ITDR)
A security approach focused on detecting and responding to identity-based threats, such as compromised credentials or privilege escalation, to protect user accounts and access.
Identity Theft
The fraudulent acquisition and use of someone’s personal information (such as Social Security number or financial details) to commit crimes like fraud or unauthorized purchases.
Information Security (InfoSec)
The practice of protecting information from unauthorized access, disclosure, alteration, and destruction, ensuring confidentiality, integrity, and availability.
Intrusion Detection System (IDS)
A security tool that monitors network or system activities for malicious actions or policy violations and alerts administrators when suspicious activity is detected.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Examples include viruses, worms, trojans, ransomware, and spyware.
MDM (Mobile Device Management)
A technology that enables organizations to manage, monitor, and secure mobile devices (smartphones, tablets) used by employees, ensuring compliance and protecting sensitive data.
Multi-Factor Authentication (MFA)
A security method requiring two or more verification factors (e.g., password + fingerprint or one-time code) to confirm a user’s identity, reducing the risk of unauthorized access.
Privileged Access Management (PAM)
A security solution that controls and monitors access to critical systems and sensitive data by privileged users, reducing the risk of insider threats and credential misuse.
Passwordless Authentication
A method of verifying identity without traditional passwords, using alternatives like biometrics, magic links, or hardware tokens for enhanced security and convenience.
Password Management
Tools and practices for securely storing, generating, and managing passwords to reduce risks associated with weak or reused credentials.
Penetration Testing
A simulated cyberattack performed by security professionals to identify vulnerabilities in systems, networks, or applications before attackers can exploit them.
Phishing
A cyberattack that uses deceptive emails, messages, or websites to trick individuals into revealing sensitive information such as passwords or financial details.
Post-Quantum Cryptography (PQC)
A set of cryptographic algorithms designed to withstand attacks from quantum computers, which could break traditional encryption methods. PQC aims to future-proof data security against next-generation computing threats.
Ransomware
A type of malware that encrypts a victim’s data and demands payment (usually in cryptocurrency) for the decryption key.
Rootkit
A collection of software tools that enable unauthorized users to gain control over a computer system while hiding their presence from detection.
Sandboxing
A security technique that isolates files or programs in a controlled environment to analyze their behavior without risking the main system. Commonly used to detect malware before it reaches production systems.
SASE (Secure Access Service Edge)
A cloud-based architecture that combines network security functions (like firewall, CASB, and zero-trust) with WAN capabilities to deliver secure and optimized access to applications and resources from any location.
SD-WAN (Software-Defined Wide Area Network)
A networking technology that uses software-based controllers to manage and optimize WAN traffic across multiple connections (such as MPLS, broadband, LTE), improving performance, security, and cost efficiency.
Security Engineering
The discipline of designing and implementing systems that maintain security principles (confidentiality, integrity, availability) throughout their lifecycle.
Secure Web Gateway (SWG)
A security solution that protects users from web-based threats by filtering and monitoring internet traffic. SWGs enforce company policies, block malicious websites, and prevent data leaks when users access the web.
SIEM (Security Information and Event Management)
A solution that collects, analyzes, and correlates security data from across an organization’s IT infrastructure to detect threats, monitor compliance, and provide real-time alerts.
Social Engineering
A manipulation technique that exploits human psychology to trick individuals into divulging confidential information or performing actions that compromise security.
SOAR (Security Orchestration, Automation, and Response)
A platform that automates and coordinates security operations tasks, such as incident response and threat remediation, to improve efficiency and reduce response times.
Threat Assessment
The process of identifying, analyzing, and evaluating potential security threats to determine their likelihood and impact on an organization. This helps prioritize risk mitigation strategies.
Two-Factor Authentication (2FA) / Multi-Factor Authentication (MFA)
A security method that requires users to provide two or more verification factors to access a system—such as a password plus a one-time code or biometric scan—making unauthorized access much harder.
Virtual Private Network (VPN)
A secure connection that encrypts internet traffic and routes it through a remote server, protecting data from interception and masking the user’s IP address for privacy.
Vulnerability
A weakness or flaw in a system, application, or network that can be exploited by attackers to gain unauthorized access or cause harm.
XDR (Extended Detection and Response)
An advanced security platform that integrates multiple security tools (endpoint, network, email, cloud) to provide unified threat detection, investigation, and response across the entire environment.
Zero-Day
A software vulnerability that is unknown to the vendor and has no patch available. Attackers exploit zero-day flaws before they are discovered and fixed, making them highly dangerous.
Zero Trust Network Access (ZTNA)
A security model that assumes no user or device is trusted by default, even inside the network. ZTNA enforces strict identity verification and grants access only to specific applications, reducing the risk of lateral movement by attackers.
Copyright © 2025 Lakeshore IT Solutions - All Rights Reserved