Information Security Glossary

Glossary Term



Digital forensics and incident response (DFIR) is the process of finding malicious hackers who have gotten into your system, finding out what they have done, and containing the threats they pose.

Data classification

Data classification means categorizing your data by sensitivity and the impact to your business if it is stolen or destroyed. Classifying data makes it much simpler to protect your most sensitive data from bad actors.


Ransomware is a tool malicious hackers use to extort valuable assets from people or organizations. Typically, ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious hackers commonly use ransomware to lock valuable systems and data that organizations need to operate their systems and business. After these scammers gain control of an organization’s valuable assets, they demand a ransom be paid to unlock the hostage files.


Service Organization Control 2 (SOC2) is a voluntary set of compliance requirements for technology service providers that shows your product has the necessary IT standards in place to secure customer data. SOC2 compliance is determined by an outside audit.


Software as a service (SaaS) is a way for users to connect to a service, such as email, over the internet instead of installing software on their own devices. The service is run and managed by the SaaS provider at their data center.


Sandboxing is the practice of using an isolated environment, or “sandbox”, to safely run untested code to watch for suspicious behavior without putting your network at risk.

Cloud perimeter security (CASB)

A cloud access security broker (CASB) is a hub for authentication and encryption between users and cloud service providers. CASBs can be either cloud-hosted or on-premises and enforce policies such as device profiling, logging, single sign-on, and malware detection.

Browser isolation

Browser isolation is a technique used to separate browsing activity from endpoint hardware by loading the webpage onto a remote browser and only displaying the pixels of the page to the end user. The webpage functions the same for the user, but any malicious code on the website is kept away from the endpoint.

Advanced persistent threat

Advanced persistent threat (APT) is typically a state-sponsored group that seeks to gain unauthorized access to government or large enterprise networks and remain undetected for a long time, with the intention of stealing data.

Nation state actors

A nation-state actor is a government-sponsored group that targets public and private sector networks to steal or change valuable data.