Attack Surface - An attack surface is the sum of all potential entry points where unauthorised users can access and extract data from a system, network, or application. This includes all entry points that could be exploited by attackers, such as software vulnerabilities, open network ports, human errors, and more.
Brute Force Attacks - A brute force attack is a cyberattack in which an attacker attempts to gain unauthorised access by systematically guessing login credentials, encryption keys, or passwords until the correct combination is found. It is a high-volume, trial-and-error method that relies on automation and persistence rather than exploiting software vulnerabilities.
Cryptojacking - Cryptojacking is the unauthorised use of victims’ devices or servers to mine cryptocurrency for illicit profits. Attackers who engage in this form of malicious cryptomining aim to remain hidden in their victims’ computer systems or network for as long as possible to maximise the profits gained from cryptomining.
Cyber Threat Intelligence - Cyber Threat Intelligence (CTI), also known as threat intel, refers to information derived from the collection and analysis of data about cybersecurity threats to an organisation’s digital infrastructure. CTI helps organisations understand threats and the Tactics, Techniques, and Procedures (TTPs) used by threat actors relevant to them.
Cybersecurity Incidents - Cybersecurity incidents are events that pose a threat to the confidentiality and accessibility of an organisation’s data or assets. They often result from failed or inadequate cybersecurity measures and have the potential to disrupt business operations.
Data Breach - Data breach refers to any cybersecurity incident where sensitive or confidential data belonging to individuals or organisations is accessed by unauthorised personnel. These data include Personally Identifiable Information (PII), private credentials, intellectual property, and other classified information. It is important to note that not all cybersecurity incidents or cyberattacks constitute data breaches, as in the case of Denial-of-Service (DoS) attacks.
Deepfake - A deepfake is a piece of synthetic media, usually a video or audio file, created using artificial intelligence (AI). By analysing large datasets, AI learns how a person moves, speaks, or emotes, then generates realistic fake content by superimposing their face or creating a synthetic voice. This makes it appear as though a person is doing or saying something they never did.
Digital Forensics - Digital forensics, a branch of forensic science, deals with the acquisition and analysis of digital evidence. The digital evidence gathered is crucial in investigating cybersecurity incidents or other criminal activities, contributing to legal procedures and incident response efforts.
Distributed Denial-of-Service (DDoS) - A DDoS attack is a cyberattack where attackers disrupt normal operations by overwhelming servers, systems or networks. They accomplish this by using up the limited bandwidth and processing power of these Information Technology (IT) infrastructures, preventing them from responding to legitimate users’ connection requests and data packets.
Incident Response - Incident response, in the realm of cybersecurity, refers to the approach taken by organisations to manage and address cybersecurity incidents. It encompasses a series of procedures, strategies and technologies aimed at efficiently responding to incidents, mitigating adverse effects and restoring operations to their normal state.
Intrusion Detection System - An Intrusion Detection System (IDS) is a cybersecurity tool designed to monitor a network or a system for suspicious activity or policy violations. It works by analysing network traffic or system logs to detect signs of potential threats, such as unauthorised access, malware, or cyberattacks. When an IDS detects suspicious activity, it typically generates an alert for security administrators to investigate, allowing them to respond before significant damage is done.
Malware - Malware, short for malicious software, includes any software intentionally designed to cause harm to a computer, server, or network. Malware can come in many variants, but they share similar objectives: financial gains, disruption and destruction of targeted entities, and political motivations.
Man-in-the-Middle Attacks - A Man-in-the-Middle (MitM) attack is a cyberattack where a hacker secretly intercepts and manipulates communication between two unsuspecting parties. The attacker can eavesdrop on conversations, steal sensitive data, or even alter messages without the victims realising it.
NIST Cybersecurity Framework - The NIST Cybersecurity Framework (NIST CSF) is a set of guidelines and best practices developed by the National Institute of Standards and Technology (NIST) to help organisations manage and reduce cybersecurity risk. The NIST CSF provides a flexible and cost-effective approach to improving cybersecurity posture and is applicable to organisations of all sizes and sectors.
Phishing - Phishing is a type of social engineering attack where emails, messages, or social media are used to manipulate individuals into compromising their data security. Threat actors often impersonate trusted entities to deceive victims into clicking malicious links or revealing sensitive credentials and personal information.
Purple Teaming - Purple Teaming is a cybersecurity exercise that combines the strengths of both "Red Teams" (offensive security) and "Blue Teams" (defensive security) to improve an organisation's security posture. It fosters communication and cooperation between attackers (Red Teams) and defenders (Blue Teams), enabling better detection, response, and mitigation of potential threats.
Ransomware - Ransomware is a type of malicious software (malware) that blocks a victim’s access to data or a computer system, usually by encrypting it, until the victim pays a ransom fee to the attacker. Attackers often promise to restore the data if the ransom is paid, but these days, victims cannot be sure about this assurance, as the risk of data being destroyed or leaked remains.
Red Teaming - Red Teaming is a cybersecurity exercise that involves a group of experts (known as the "Red Team") who simulate real-world cyberattacks on an organisation’s systems, networks, and personnel. Unlike traditional vulnerability assessments or penetration tests, which focus on identifying specific weaknesses, Red Teaming takes a broader approach by mimicking the tactics, techniques, and procedures (TTPs) of potential attackers.
SOC 2 Certification - SOC 2 (System and Organisation Controls 2) compliance refers to a certification framework established by the American Institute of Certified Public Accountants (AICPA). It focuses on five key "Trust Service Criteria" that businesses, particularly those handling sensitive data, need to meet to safeguard their systems.
Social Engineering Attacks - Social engineering attacks exploit human psychology to manipulate individuals into revealing sensitive information, granting unauthorised access, or performing actions that compromise security. The primary goal of social engineering is to deceive individuals into compromising security measures by exploiting human tendencies such as curiosity, fear, or trust.
Threat Actor - A threat actor is an individual or group responsible for malicious activities in the realm of cybersecurity. These actors exploit vulnerabilities in systems, networks, or software to compromise information and disrupt operations. They may target organisations or individuals with the intent to steal, alter, or destroy data.
VAPT - VAPT stands for Vulnerability Assessment and Penetration Testing. It is a comprehensive security testing methodology that helps organisations identify, assess, and mitigate security vulnerabilities in their IT infrastructure, applications, and networks. VAPT is a combination of two distinct but complementary security practices: Vulnerability Assessment (VA) and Penetration Testing (PT).