Cybersecurity Glossary – Learn the Language of Cyber
Welcome to our glossary of cybersecurity terms! This thread is here to help everyone—from total beginners to seasoned pros—understand key cybersecurity concepts. If you ever get stuck on a term in one of our posts, this is your go-to resource.
Pro tip: Suggest new terms in the comments and we’ll add them!
Cybersecurity Terms (A–Z)
| Term | Meaning |
|---|---|
| Access Control | A method that determines who can access or use systems and resources. |
| Adware | Unwanted software that displays ads on your device, often installed without your consent. |
| Advanced Persistent Threat (APT) | A long-term, targeted cyberattack where hackers secretly stay inside a system. |
| Antivirus | Software that detects and removes malicious programs like viruses or worms. |
| Authentication | Proving who you are—like entering a password or scanning a fingerprint. |
| Authorization | Giving approved users permission to access specific files or actions. |
| Backdoor | A hidden way into a system, often installed by hackers or poorly secured apps. |
| Black Hat | A hacker with malicious intent. The opposite of a “white hat” who hacks ethically. |
| Bot | Software that automates tasks, sometimes helpful (like chatbots), sometimes harmful. |
| Botnet | A group of infected devices controlled by hackers to perform attacks. |
| Brute Force Attack | Repeatedly trying all possible password combinations to guess the correct one. |
| Bug | A software error or flaw that causes unexpected behavior. |
| Business Continuity | A plan to keep a business running even during a cyberattack or disaster. |
| Certificate Authority (CA) | A trusted group that issues digital certificates to prove website legitimacy. |
| Cyber Espionage | Stealing sensitive information through cyber means, usually by nation-states. |
| Cybersecurity | Protecting systems, networks, and data from digital threats. |
| Data Breach | When sensitive data is accessed, leaked, or stolen without permission. |
| Data Encryption | Turning data into unreadable code to protect it from unauthorized access. |
| Denial of Service (DoS) | Overloading a website or system so real users can’t access it. |
| Digital Certificate | Proof that a website or file is legitimate and safe to interact with. |
| Digital Signature | A secure, verified way of signing documents electronically. |
| Domain Name System (DNS) | The system that turns website names (like google.com) into IP addresses. |
| Email Header | The behind-the-scenes information in an email showing where it came from. |
| Encryption | Scrambling data so only someone with the right key can read it. |
| Firewall | A security barrier that filters good vs. bad traffic on a network. |
| Hacker | Someone skilled in computer systems—may be ethical (white hat) or malicious (black hat). |
| Hybrid Analysis | A sandbox tool where you can safely test if a file or link is malicious. |
| Identity Theft | When someone uses your personal info to impersonate you or commit fraud. |
| Incident Response (IR) | How a team investigates and recovers from a cyberattack. |
| Intrusion Detection System (IDS) | Monitors network traffic for signs of an attack. |
| Intrusion Prevention System (IPS) | Similar to an IDS, but it can block attacks in real-time. |
| Keylogger | Malicious software that records everything you type—like passwords or messages. |
| Malware | Any software designed to harm or exploit a computer system. |
| Multi-Factor Authentication (MFA) | Using two or more ways to verify your identity (e.g., password + phone). |
| Network Security | Protecting the infrastructure that connects devices to the internet. |
| Password Cracking | Guessing or extracting passwords to break into systems. |
| Patch | A software update that fixes bugs or security issues. |
| Phishing | Fake emails or texts that try to trick you into giving up sensitive info. |
| Prometei Botnet | A malware network that steals data and spreads across systems. |
| Ransomware | Malware that locks your files and demands money to unlock them. |
| Rootkit | Malicious tools that hide deep inside a system and give hackers control. |
| Sandbox | A secure testing space where suspicious files or code can be opened safely. |
| Secure Socket Layer (SSL) | An old protocol for secure website connections—now replaced by TLS. |
| Security Policy | A company’s rules and guidelines for staying secure online. |
| Social Engineering | Tricking people into revealing information or clicking malicious links. |
| Spam | Unwanted emails, often trying to sell you something or trick you. |
| Spyware | Software that secretly collects information from your device. |
| Trojan Horse | Malware that pretends to be something safe—like a fake app or update. |
| TryHackMe | An online platform with labs and challenges to learn cybersecurity. |
| Two-Factor Authentication (2FA) | A login process using two methods to confirm identity (e.g., password + code). |
| Virtual Private Network (VPN) | A tool that encrypts your internet connection and hides your location. |
| Virus | A type of malware that spreads and damages systems or files. |
| Vulnerability | A weakness in a system that attackers can exploit. |
| Whitelist | A list of approved items that are allowed through security filters. |
| Wireshark | A tool for analyzing network traffic to find suspicious activity. |
| Worm | Malware that spreads on its own across networks. |
| Zero Day | A newly discovered flaw that has no fix yet — often targeted by attackers. |
Want to add a term? Drop a comment below with your suggestion and we’ll review it!
Linked from weekly updates: We’ll link to this glossary from our learning threads any time we introduce a new term.