Resources

A passive attack is a type of cyber attack that does not involve the direct manipulation of an infor...

Buffer overflow is a type of software vulnerability that occurs when a program attempts to write mor...

Vulnerability Management is the process of identifying, assessing, and prioritizing vulnerabilities ...

Network segmentation is the process of dividing a computer network into smaller segments or sub-netw...

A hacker is an individual who uses their technical knowledge to gain unauthorized access to computer...

Zero Day: A zero-day (also known as a zero-hour or zero-minute) vulnerability is a computer security...

Remediation is the process of addressing a problem, issue, or deficiency in order to restore a syste...

Patch management is the process of identifying, downloading, testing, and applying patches to softwa...

Passive scanning is a type of network security scanning technique used to detect potential security ...

An exploit is a piece of software, a command, or a methodology that takes advantage of a vulnerabili...

The Common Vulnerability Scoring System (CVSS) is a standard for measuring and rating the severity o...

Common Vulnerabilities and Exposures (CVE) is a list of publicly known cyber security vulnerabilitie...

Cyber-Risk Quantification is a process of assessing the potential risks associated with a company’s ...

Wardriving is a type of hacking that involves using a vehicle to search for and map wireless network...

An active attack is a type of cyber attack that attempts to alter, delete, or disrupt the availabili...

Attack Surface is the total sum of potential points of attack in a system, network, or application. ...

An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or ...

Security Metrics are measurements used to assess the effectiveness of an organization's security pos...

Threat Modeling Frameworks and Methodologies are a set of concepts, processes, and techniques used t...

Threat Modeling is a structured approach to identifying, analyzing, and responding to potential secu...

Security Testing Requirements refer to the specific criteria that must be met in order to ensure tha...

Vulnerability scanning is a process of identifying, quantifying, and prioritizing (ranking) the vuln...

Information Security Risk Treatment is the process of identifying, assessing, and responding to secu...

Vulnerability is a state of being open to potential harm, either physically, emotionally, or psychol...