single pane of glass (SPOG)

Single pane of glass is a term used throughout the IT and management fields relating to a management tool that unifies data or interfaces across several different sources and presents them in a single view.

software as a service (SaaS)

A software distribution model in which software is licensed on a subscription basis and is centrally hosted. It is a form of cloud computing that gives users access to software that runs on a shared resource online.

spear phishing

A cybercrime that uses emails to carry out targeted attacks against individuals and businesses.

static application security testing (SAST)

Static application security testing is used to secure software by reviewing the source code of the software to identify sources of vulnerabilities.

supervisory control and data acquisition (SCADA)

A system used in manufacturing for acquiring measurements of process variables and machine states, and for performing regulatory or machine control across a process area or work cell.

threat intelligence (TI)

The analysis of data using tools and techniques to generate meaningful information about existing or emerging threats targeting the organization that helps mitigate risks.

threat vulnerability management (TVM)

The cyclical practice of identifying, assessing, classifying, remediating, and mitigating security weaknesses together with fully understanding root cause analysis to address potential flaws in policy, process and, standards – such as configuration standards.

transport layer security (TLS)

A cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions.

unified threat management (UTM)

An approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function.

vishing, voice phishing

The use of manipulative, phone-based tactics to get victims to reveal private information that can be used for digital theft.

vulnerability assessment (VA)

A rapid automated review of network devices, servers and systems to identify key vulnerabilities and configuration issues that an attacker may be able to take advantage of.

vulnerability assessment and penetration test (VAPT)

A security testing to identify security vulnerabilities in an application, network, endpoint, and cloud. Vulnerability Assessment scans the digital assets and notifies organizations about pre-existing flaws. Penetration test exploits the vulnerabilities in the system & determines the security gaps.

Vulnerability Management (VM)

The process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them.

web application firewall (WAF)

A specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities.

workload automation (WLA)

Solutions designed to maintain service levels across a diverse mix of platforms and applications with unified job scheduling and workload automation. Products from Fortra’s JAMS and Automate product lines provide WLA solutions.

zero trust

A security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to systems before granting access.

zero-day attack, zero-day exploit

An attack that exploits a previously unknown hardware, firmware, or software vulnerability.