Bahrain, Saudi Arabia
Need help? Call us!
Glossary
Last updated August 19, 2024
A
ACL (Access Control List)
A list of permissions used to control network traffic.
Admin (Administrator) rights
The highest level of privileges a user has in the operating system (OS) of an organization; usually allowed to perform most or all functions.
Allowlisting
Historically referred to as whitelisting, Allowlisting is a ThreatLocker endpoint security module that blocks all applications from operating unless explicitly permitted.Learn more about Allowlisting
B
Back Up
Short for “Data Back Up,” a Back Up is a method of saving your devices’ data in a different online or offsite location.
C
Cloud-based
Systems, applications, and operations that are cloud-based are hosted or conducted via the internet.
D
Data Theft
The act of unauthorized, illegal transfer of confidential data, normally personal data like health records, financial data, and personal identifiable data.
E
EDR (Endpoint Detection and Response)
EDRs monitor and record activities and workloads taking place on a device. Using various techniques, EDRs will work to detect any suspicious activity and respond accordingly. EDR enables IT administrators to view suspicious activity in near real-time across an organization's endpoints. Focusing on behavioral patterns and unusual activity, EDRs will work to block threats and protect devices.
F
Firewall
A security program or software that filters your network traffic and prevents outsiders, including malicious threat actors, from entering your organization.
G
Golden Ticket Attack
A golden ticket attack is an attack that targets Windows Active Directory access control. Threat actors bypass normal authentication by taking advantage of a Kerberos weakness. Attackers must have access to the system before a Golden Ticket Attack can be performed.
H
Hacker
Generally, someone who uses technical skills to overcome technical problems. In cybersecurity, a hacker is referred to as a threat actor with malicious intent to access an individual’s or organization’s data unauthorized.
I
Incident Response
A strategy developed for organizations to respond to cyber threats and attacks in their network.
J
Just-in-time
Another way of saying on demand, something is enabled exactly when needed and disabled when no longer needed.
K
Kerberos
An authentication protocol used to verify the identity of a host or user.
L
LAN (Local Area Network)
A LAN is a group of electronic devices that are in the same physical location and are connected via a network.
M
Macros
A single programming instruction that expands into a set of instructions to automate actions in your device, tools, or software in order to provide a certain output per user input. Macros are commonly found in office applications like Word and Excel.
N
Network Control
An endpoint firewall that enables you to have total control over all network traffic, using dynamic ACLs, all managed from a central location.
O
Observability
The ability to understand the inner workings of a system by observing only its external manifestations
P
PAM (Privileged Access Management)
The ability to manage users’ admin rights within your organization on a timed basis to mitigate risk by giving users the minimum access needed.
Q
R
RaaS (Ransomware as a Service)
Business model in which a ransomware organization will develop and launch ransomware in exchange for payment by the party that wishes to target an organization.
S
Spear Phishing
Spear Phishing is a targeted Phishing attempt where a threat actor researches a specific person (usually someone with higher-level admin access to data and programs) and uses what they have learned to create a tailored phishing attempt specifically for that user.
T
Two-Factor Authentication (2FA)
Identity and access management method that requires 2 unique forms of identification to successfully authenticate. Common authentication factors include something you know (password or passcode), something you have (hardware token or cell phone for SMS or OTC), and something you are (fingerprint, face ID). Combine 2 unique factors to create a more secure login such as a password and OTC or face ID and a passcode.
U
Unified Audit
A unified audit combines multiple logs into a single location. The ThreatLocker® Unified Audit is the central location within the ThreatLocker® portal to view all logged application, storage, and network activity for your organization.
V
Virtual Desktop Infrastructure (VDI)
VDIs are virtual desktops that are centrally hosted and managed. End users can log into the VDI from any location via a secure connection to further protect business data while permitting access to their work data. Physical hardware need not be supplied to employees, and businesses can easily maintain the security of the VDIs using the virtualization platform. The ThreatLocker® Testing Environment uses a VDI where admins can test untrusted applications without risking their critical business production environment.
W
Weaponization
Weaponization is the act of using something that by itself is not harmful in a malicious manner to inflict harm, I.e., using a Word document to embed a macro that attempts to contact a command and control center on the internet.
X
Y
Z
Zero-Day Vulnerabilities
A zero-day attack occurs when the developers are unaware of a vulnerability within a software, device, or network that becomes exploited by threat actors. The vulnerability, in this case, is known as a zero-day vulnerability. These "zero-day" vulnerabilities get their name from developers having zero days to implement responses and solutions for the exploited vulnerability.
Zero Trust
Zero Trust is a cybersecurity philosophy in which nothing (no users, no devices, etc.) is trusted by default, and everything is verified. Instead, all users, applications, network connections will be blocked by default until verified and expressly permitted. Once permitted, users, applications and network connections will only be allowed what is needed to carry out business, and nothing more.
Leading transformative technology solutions and services company.
About VirtuThinko
Solutions
Office Information
Office 410, Building 1848, Rd 5133 Block 351 Alburhama, Bahrain
(+973) 7799 0006
Opening Hours
Sunday - Thursday: 8am - 4pm
