Glossary

Welcome to the Glossary! Whether you're already familiar with some of these terms or you're just becoming acquainted, our top-level glossary is a great resource for learning the relevant terminology.

Account Takeover Fraud (ATO)

Unauthorized access to an online account, usually obtained through compromised credentials.

active content

Code hidden in documents, such as macros, which can be weaponized.

adaptive data loss prevention (A-DLP)

Solutions that automatically apply the optimal security treatment based on data’s content, context, and required regulation policies. This includes real-time redaction, encryption, blocking, or deleting. Fortra’s Digital Guardian and Clearswift product lines deliver adaptive data loss prevention solutions.

advanced persistent threat (APT)

A cybercrime category directed at business and political targets. APTs require a high degree of stealth over a prolonged duration of operation to be successful.

antivirus (AV)

A program that searches for, detects, prevents, and removes software viruses from a computer or server.

artificial intelligence (AI)

A branch of computer science dealing with the simulation of intelligent behavior in computers; also the capability of a machine to imitate intelligent human behavior.

Brand Abuse

Unauthorized use of an organization’s brand to deceive customers through counterfeiting, social media spoofing, look-alike domain registrations, and other trademark infringements.

brand indicators for message identification (BIMI)

A standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded inboxes, with built-in protections against brand spoofing.

brand protection

Technology that actively monitors and defends a company's reputation, digital assets, and revenue against threats like fraud, counterfeiting, and misuse across the internet, dark web, and digital platforms.

Browser-Blocking

A method of threat mitigation designed to block access to a website determined to be a security threat to web browsers and site visitors.

business email compromise (BEC)

A type of targeted phishing attack where the sender tricks email recipients into believing someone they know and trust (usually an executive) is asking them to carry out a specific financial task. Fortra’s Agari product line delivers BEC solutions. 

Business Intelligence (BI)

Real-time data that enables executives and users to make informed business decisions while easing the burden on IT. Fortra’s Sequel product line delivers business intelligence solutions. 

business process automation (BPA)

The automation of complex business processes and functions beyond conventional data manipulation and record-keeping activities, usually through advanced technologies. Fortra’s Automate and Robot product lines deliver BPA solutions. 

California Consumer Privacy Act of 2018 (CCPA)

A law that gives California consumers more control over the personal information businesses collect about them.

capacity management

Capacity management's goal is to ensure that information technology resources are sufficient to meet upcoming business requirements cost-effectively. Fortra’s Vityl product line delivers capacity management solutions.

cloud access security broker (CASB)

A layer of security policy enforcement between enterprise users and cloud service providers. CASBs provide security for devices and applications. Fortra doesn’t offer a CASB but some of our products are used with them. 

cloud computing

This refers to applications and services offered over the internet. They are essentially data centers, collectively referred to as “the cloud.” Cloud computing uses a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.

command and control (C2)

A term used in the context of red teaming.

Common Vulnerabilities and Exposures (CVE)

A list of publicly known security vulnerabilities and exposures.

Compromised Credentials / Leaked Credentials

Credentials obtained by someone other than the owner. These compromised credentials could be usernames, passwords, and any other authentic credentials exposed from a cybersecurity breach and sold on the dark web for nefarious purposes.

confidentiality, integrity, availability (CIA)

At the core of information security is data assurance, also known as the CIA triad or the three pillars of data security - the balanced protection of confidentiality, integrity, and availability of data without hampering organizational productivity.

Configuration Management Database (CMDB)

A file that contains all relevant information about the hardware and software components used in an organization's IT services and the relationships between those components.

content management system (CMS)

Software used to manage the creation and modification of digital content.

content security policy (CSP)

A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context.

continuous integration & continuous delivery (CI/CD)

Red Hat's definition: CI/CD is a method to frequently deliver apps to customers by introducing automation into the stages of app development.

controlled unclassified information (CUI)

A term that applies to U.S. federal agencies that routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release.

Counterfeit Fraud

Imitating legitimate brands to steal from customers or deceive them into handing over money.

Credential Theft

Illegally obtaining usernames and passwords to get access to networks, systems, or other online accounts.

Crimeware

A subgroup of malware designed to carry out or facilitate illegal online activity, including account access, theft, fraud, social engineering, and more.

critical infrastructure protection (CIP)

A concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or nation.

cyber kill chain

Coined by Lockheed Martin, the cyber kill chain is a model that separates the steps of a typical cyber intrusion into seven distinct stages, which enables security professionals to identify, block, and mitigate attacks more effectively.

cyberattack

An attempt by hackers to damage or destroy a computer network or system, typically for financial gain.

cybersecurity

The combination of people, policies, processes, and technologies employed by an enterprise to protect its cyber assets.

Cybersecurity Maturity Model Certification (CMMC)

The U.S. Department of Defense’s unified standard for implementing cybersecurity across the defense industrial base (DIB), which includes over 300,000 companies in the supply chain.

Cybersquatting

Also known as domain squatting, cybersquatting is the intentional and malicious registration and use of domain names that are identical or similar to brands, company names, personal names, services, and trademarks with the intent to profit.

cyberthreat protection (CTP)

In general, the solutions that defend systems and networks from cyberattack.