Welcome to the Glossary! Whether you're already familiar with some of these terms or you're just becoming acquainted, our top-level glossary is a great resource for learning all of the relevant goods. Scroll through the full list below, search by term, or select by individual letter.

active content

Code hidden in documents, such as macros, which can be weaponized.

adaptive data loss prevention (A-DLP)

Solutions that automatically apply the optimal security treatment based on data’s content, context, and required regulation policies. This includes real-time redaction, encryption, blocking, or deleting. Fortra’s Digital Guardian and Clearswift product lines deliver adaptive data loss prevention solutions.

advanced encryption standard (AES)

A popular encryption standard approved by the U.S. National Institute of Standards and Technology (NIST).

advanced persistent threat (APT)

A cybercrime category directed at business and political targets. APTs require a high degree of stealth over a prolonged duration of operation to be successful.

agile development

A development approach that delivers software in increments by following the principles of the Manifesto for Agile Software Development.

antivirus (AV)

A program that searches, detects, prevents, and removes software viruses from a computer or server.

application programming interface (API)

A set of functions and procedures allowing the creation of applications that access the features or data of an operating system, application, or other service.

application service provider

A company that offers individuals or enterprises access to applications and related services over the internet.

artificial intelligence (AI)

A branch of computer science dealing with the simulation of intelligent behavior in computers; also the capability of a machine to imitate intelligent human behavior.

ASC X12 (X12)

A form of EDI data that is supported by the ASC X12 standard. It is used by organizations worldwide to exchange sensitive data with other businesses.

automated infrastructure management system (AIMS)

Hardware and software systems that monitor, map, and document connectivity across an entire network.

brand indicators for message identification (BIMI)

A standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded inboxes, with built-in protections against brand spoofing.

business email compromise (BEC)

A type of targeted phishing attack where the sender tricks email recipients into believing someone they know and trust (usually an executive) is asking them to carry out a specific financial task. Fortra’s Agari product line delivers BEC solutions. 

Business Intelligence (BI)

Real-time data that enables executives and users to make informed business decisions while easing the burden on IT. Fortra’s Sequel product line delivers business intelligence solutions. 

business process automation (BPA)

The automation of complex business processes and functions beyond conventional data manipulation and record-keeping activities, usually through advanced technologies. Fortra’s Automate and Robot product lines deliver BPA solutions. 

California Consumer Privacy Act of 2018 (CCPA)

A law that gives California consumers more control over the personal information businesses collect about them.

capacity management

Capacity management's goal is to ensure that information technology resources are sufficient to meet upcoming business requirements cost-effectively. Fortra’s Vityl product line delivers capacity management solutions.

cloud access security broker (CASB)

A layer of security policy enforcement between enterprise users and cloud service providers. CASBs provide security for devices and applications. Fortra doesn’t offer a CASB but some of our products are used with them. 

cloud computing

This refers to applications and services offered over the internet. They are essentially data centers, collectively referred to as “the cloud.” Cloud computing uses a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.

cloud workload protection platform (CWPP)

Provides the capabilities needed to secure workloads deployed in private, public, or hybrid clouds. CWPP solutions are designed to secure the application and any associated cloud resource.


Using two or more computer systems that work together. Typically, this refers to multiple servers that are linked together to handle varying workloads or to provide continued operation in case one fails.

command and control (C2)

Used in context of red teaming security.

Common Vulnerabilities and Exposures (CVE)

A list of publicly known security vulnerabilities and exposures.

computer incident response team (CIRT)

This group is responsible for responding to security breaches, viruses and other potentially catastrophic incidents in enterprises that face significant security risks.

computer misuse detection system (CMDS)

A real-time audit reduction and analysis system that detects and deters computer misuse.

confidentiality, integrity, availability (CIA)

At the core of information security is data assurance, also known as the CIA triad or the three pillars of data security - the balanced protection of confidentiality, integrity, and availability of data without hampering organizational productivity.

Configuration Management Database (CMDB)

A file that contains all relevant information about the hardware and software components used in an organization's IT services and the relationships between those components.

content management system (CMS)

Software used to manage the creation and modification of digital content.

content security policy (CSP)

A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context.

continuous integration & continuous delivery (CI/CD)

Redhat definition - CI/CD is a method to frequently deliver apps to customers by introducing automation into the stage of app development

controlled unclassified information (CUI)

A term that applies to U.S. federal agencies that routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release.

credential theft

When a cybercriminal steals usernames and passwords with the intent of accessing sensitive information for financial gain.

critical infrastructure protection (CIP)

A concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or nation.

customer relationship management (CRM)

The software system used to manage customer orders (e.g., Microsoft Dynamics 365 or Salesforce).


An attempt by hackers to damage or destroy a computer network or system, typically for financial gain.


The combination of people, policies, processes, and technologies employed by an enterprise to protect its cyber assets.