Cyber security glossary

An A-Z of commonly used words and phrases in cyber security

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z



A cyber criminal. See ‘Threat actors’.

An attempt to subvert or bypass a system's security. Attacks may be passive or active: active attacks attempt to alter or destroy data, whereas passive attacks try to intercept or read data without changing it.

Attack Surface Indicator (ASI)
A simple metric that quantifies how vulnerable your systems are to compromise. The ASI is calculated by dividing the number of high severity vulnerabilities identified in your IT estate by the number of endpoints you have.

Attack vector
The method a cyber criminal uses to gain access to a computer or network.


Business impact
The effect a cyber attack has on a business’ operations, finances, and reputation.


Access to, or disclosure of, information on an IT system without authorisation.

Credential harvesting
The illegal gathering of usernames and passwords by cyber criminals.


Domain Name Server (DNS)
The internet’s phonebook. DNS is a way of translating alphabetical website addresses which are easy to read and remember, into numerical IP addresses which identify the location of the website.

Dwell time
The length of time an attacker is present on an IT system without being detected.


The scrambling of data so it becomes very difficult to unscramble and interpret.

A computer or other user-driven device that communicates with the network it is connected to.

An attack crafted to breach a specific vulnerability in an IT system.


An unsecured, internet-connected computer that is monitored for signs of malicious activity and compromise attempts. The intelligence gathered from this activity is used to protect against future cyber attacks.

A term often used to describe the computer file to which a virus attaches itself. Most viruses run when the computer or user tries to execute the host file.


The action a virus carries out when it enters a computer system or storage device.

Internet of Things (IoT)
A term used to describe all objects with internet connectivity, including smart phones, wearable tech, cars, and household appliances.


A generic term used to describe malicious software such as viruses, trojans, spyware, and malicious active content.

MIME parts
Multipurpose Internet Mail Extension (MIME) parts are all the individual elements that form an email, including character sets, text, and non-text attachments such as images and videos.


A method of cyber attack that uses social engineering techniques via email or instant messaging, in an attempt to fraudulently acquire personal information, such as passwords and credit card details, or divert payments to a criminal’s account.


Malicious software that encrypts the hard drive of the PC it infects. The attacker then demands money in exchange for decryption software to release the PC owner’s data.


A pattern (often a simple string of characters or bytes) expected to be found in every instance of a particular virus. Anti-virus scanners and intrusion detection systems use these signatures to identify and locate specific viruses.

Unsolicited or unwanted electronic messages. Spam includes legitimate adverts, misleading adverts, and phishing messages designed to trick recipients into giving up personal and financial information.

Spoofed website
A site that mimics a real company’s website, to harvest confidential information (passwords, account numbers, card details, etc.) from people who are tricked into visiting it. The fake site looks exactly like the real site, down to the logo, graphics, and detailed information.


Threat actors
Cyber criminals, hackers, and other malicious individuals who use the internet to commit crimes such as identity theft, PC and network hijacking, illegal spamming, phishing, and fraud.

Threat landscape
The range of current cyber threats you could encounter.


Unintentional insider threat 
An employee who unwittingly allows a cyber attacker to achieve their goal, whether it’s a breach of systems or information, or diverting payments to a criminal’s account.


A file capable of attaching to disks or other files and replicating itself repeatedly, typically without a user’s knowledge or permission.

An exploitable weakness or loophole which allows an attacker to compromise a system.


Zero day attack
A brand new attack, never before detected by security teams, for which there is no immediate vendor solution.

Zero day vulnerability
A brand new vulnerability in a piece of software, which a vendor has not produced a security patch for.


Back to top

Our Solutions

Protect your business against cyber attacks

Our range of innovative cyber security solutions cover everything you need to protect and respond against today's threats.

Find out more
Our Approach

Working with you, to solve and overcome your cyber challenges

Our collaborative, customer-focused approach means we help you achieve your goals in the most efficient way.

Find out more
Switch to CORVID

Thinking of changing your current cyber security provider?

If you are considering switching cyber security provider, we are here to make the process as simple as it should be.

Find out more