Cybersecurity Glossary

299+ cybersecurity terms defined in plain language for career professionals. Each definition explains what the term means, why it matters for your cybersecurity career, and which roles use it daily.

Offensive SecurityDefensive SecurityGRC & ComplianceCloud SecurityIdentity & AccessFrameworks & StandardsCertificationsSales & GTMNetworking & InfrastructureCryptographyApplication Security

A

Acceptable Use PolicyAUPGRC & Compliance Access ReviewIdentity & Access Active DirectoryADIdentity & Access AESAESCryptography Annual Contract ValueACVSales & GTM Annual Recurring RevenueARRSales & GTM API SecurityCloud Security ARPARPNetworking & Infrastructure Asymmetric EncryptionCryptography Attribute-Based Access ControlABACIdentity & Access

B

BackdoorOffensive Security BANTBANTSales & GTM BGPBGPNetworking & Infrastructure Biometric AuthenticationIdentity & Access BotnetOffensive Security Brute Force AttackOffensive Security Buffer OverflowOffensive Security Bug BountyApplication Security Business Continuity PlanBCPGRC & Compliance Business Impact AnalysisBIAGRC & Compliance

C

Canary TokenDefensive Security CCPACCPAGRC & Compliance CCSPCCSPCertifications CDNCDNNetworking & Infrastructure CEHCEHCertifications Certificate AuthorityCACryptography Certificate ManagementCloud Security Certificate-Based AuthenticationCBAIdentity & Access ChampionSales & GTM Channel SalesSales & GTM CI/CD Pipeline SecurityCloud Security CIS BenchmarksGRC & Compliance CIS ControlsGRC & Compliance CIS Critical Security ControlsFrameworks & Standards CISACISACertifications CISMCISMCertifications CISSPCISSPCertifications Cloud Access Security BrokerCASBCloud Security Cloud ComplianceCloud Security Cloud ForensicsCloud Security Cloud MisconfigurationCloud Security Cloud Security Posture ManagementCSPMCloud Security Cloud Workload Protection PlatformCWPPCloud Security Cloud-Native Application Protection PlatformCNAPPCloud Security CMMCCMMCGRC & Compliance COBITCOBITGRC & Compliance Code ReviewApplication Security Command and ControlC2Offensive Security Command InjectionOffensive Security Common Vulnerabilities and ExposuresCVEFrameworks & Standards Common Vulnerability Scoring SystemCVSSFrameworks & Standards Common Weakness EnumerationCWEFrameworks & Standards Competitive DisplacementSales & GTM Compliance AuditGRC & Compliance CompTIA CASP+Certifications CompTIA CySA+Certifications CompTIA Network+Certifications CompTIA PenTest+Certifications CompTIA Security+Certifications Container SecurityCloud Security Content Security PolicyCSPApplication Security Control FrameworkGRC & Compliance CORSCORSApplication Security Credential StuffingOffensive Security CRISCCRISCCertifications Cross-Site Request ForgeryCSRFOffensive Security Cross-Site ScriptingXSSOffensive Security Customer Acquisition CostCACSales & GTM CVE AssignmentCVEApplication Security Cyber Kill ChainFrameworks & Standards

E

Economic BuyerSales & GTM EDRDefensive Security Elliptic Curve CryptographyECCCryptography EncryptionCryptography End-to-End EncryptionE2EECryptography Entitlement ManagementIdentity & Access ExfiltrationOffensive Security ExploitOffensive Security

F

FedRAMPFedRAMPGRC & Compliance FIDO2FIDO2Identity & Access Fileless MalwareOffensive Security FirewallDefensive Security FISMAFISMAGRC & Compliance

G

GCIHGCIHCertifications GDPRGDPRGRC & Compliance GIACGIACCertifications Governance Risk and ComplianceGRCGRC & Compliance GPENGPENCertifications GSECGSECCertifications GWAPTGWAPTCertifications

H

HashingCryptography HIPAAHIPAAGRC & Compliance Homomorphic EncryptionCryptography HoneypotDefensive Security HTTP/HTTPSHTTP/HTTPSNetworking & Infrastructure Hybrid Cloud SecurityCloud Security

I

IASTIASTApplication Security Identity and Access ManagementIAMIdentity & Access Identity FederationCloud Security Identity GovernanceIdentity & Access Identity Lifecycle ManagementIdentity & Access Identity Threat DetectionIdentity & Access IDSDefensive Security Incident ResponseDefensive Security Incident Response PlanIRPGRC & Compliance Independent Software VendorISVSales & GTM Indicators of AttackIOADefensive Security Indicators of CompromiseIOCDefensive Security Infrastructure as Code SecurityIaC SecurityCloud Security Input ValidationApplication Security Internal AuditGRC & Compliance IPSDefensive Security ISO 27001GRC & Compliance ISO 27002GRC & Compliance ITILITILGRC & Compliance

J

Just-in-Time AccessJITIdentity & Access

K

KerberoastingOffensive Security Key ExchangeCryptography Key ManagementCloud Security Kill ChainDefensive Security Kubernetes SecurityCloud Security

L

Land and ExpandSales & GTM Lateral MovementOffensive Security LDAPLDAPIdentity & Access Least PrivilegeIdentity & Access Lifetime ValueLTVSales & GTM Living off the LandLotLOffensive Security Load BalancerNetworking & Infrastructure Log ManagementDefensive Security

M

Malware AnalysisDefensive Security Man-in-the-MiddleMitMOffensive Security Managed Security Service ProviderMSSPSales & GTM MD5MD5Cryptography MDRDefensive Security MEDDICMEDDICSales & GTM MicrosegmentationCloud Security MITRE ATT&CKDefensive Security MITRE ATT&CK FrameworkFrameworks & Standards Monthly Recurring RevenueMRRSales & GTM Multi-Cloud SecurityCloud Security Multi-Factor AuthenticationMFAIdentity & Access

N

National Vulnerability DatabaseNVDFrameworks & Standards Net Revenue RetentionNRRSales & GTM NetFlowNetworking & Infrastructure Network Access ControlNACNetworking & Infrastructure Network Detection and ResponseNDRDefensive Security Network SegmentationNetworking & Infrastructure Network Traffic AnalysisDefensive Security Next-Generation FirewallNGFWDefensive Security NICE Cybersecurity Workforce FrameworkFrameworks & Standards NIST 800-53GRC & Compliance NIST Cybersecurity FrameworkNIST CSFGRC & Compliance NIST Cybersecurity FrameworkNIST CSFFrameworks & Standards NOCDefensive Security

O

OAuthIdentity & Access On-Target EarningsOTESales & GTM OpenID ConnectOIDCIdentity & Access OpenIOCFrameworks & Standards Original Equipment ManufacturerOEMSales & GTM OSCEOSCECertifications OSCPOSCPCertifications OSWEOSWECertifications Output EncodingApplication Security OWASP Top 10Frameworks & Standards

Q

Quantum-Resistant CryptographyCryptography Quota AttainmentSales & GTM

R

Rainbow TableOffensive Security RansomwareOffensive Security RASPRASPApplication Security Red TeamOffensive Security Remote Code ExecutionRCEOffensive Security Request for InformationRFISales & GTM Request for ProposalRFPSales & GTM Responsible DisclosureApplication Security Reverse EngineeringDefensive Security Reverse ProxyNetworking & Infrastructure Risk AppetiteGRC & Compliance Risk AssessmentGRC & Compliance Risk ManagementGRC & Compliance Risk ToleranceGRC & Compliance Role-Based Access ControlRBACIdentity & Access RootkitOffensive Security RoutingNetworking & Infrastructure RSARSACryptography

S

SAMLSAMLIdentity & Access SandboxingDefensive Security SASTSASTApplication Security SBOMSBOMApplication Security SCASCAApplication Security Secrets ManagementCloud Security Secure Access Service EdgeSASECloud Security Secure CodingApplication Security Security PolicyGRC & Compliance Security RequirementsApplication Security Security TestingApplication Security Separation of DutiesIdentity & Access Serverless SecurityCloud Security Service MeshCloud Security Session HijackingOffensive Security Session ManagementIdentity & Access sFlowNetworking & Infrastructure SHA-256SHA-256Cryptography Shared Responsibility ModelCloud Security Shift Left SecurityCloud Security SIEMDefensive Security Sigma RulesFrameworks & Standards Single Sign-OnSSOIdentity & Access SmishingOffensive Security SNMPSNMPNetworking & Infrastructure Snort RulesFrameworks & Standards SOARDefensive Security SOCDefensive Security SOC 1GRC & Compliance SOC 2GRC & Compliance Social EngineeringOffensive Security Software-Defined PerimeterSDPCloud Security Spear PhishingOffensive Security SQL InjectionOffensive Security SSCPSSCPCertifications STIXSTIXFrameworks & Standards STRIDESTRIDEFrameworks & Standards SubnetNetworking & Infrastructure Supply Chain SecurityGRC & Compliance SwitchingNetworking & Infrastructure Symmetric EncryptionCryptography System IntegratorSISales & GTM

T

Tactics, Techniques, and ProceduresTTPDefensive Security TAXIITAXIIFrameworks & Standards TCP/IPTCP/IPNetworking & Infrastructure Technical WinSales & GTM Third-Party RiskGRC & Compliance Threat HuntingDefensive Security Threat IntelligenceDefensive Security Threat ModelingApplication Security TLS HandshakeCryptography TLS/SSLTLS/SSLNetworking & Infrastructure Total Contract ValueTCVSales & GTM TrojanOffensive Security

V

Value-Added ResellerVARSales & GTM Vendor Risk ManagementVRMGRC & Compliance VishingOffensive Security VLANVLANNetworking & Infrastructure VPNVPNNetworking & Infrastructure Vulnerability ScanningDefensive Security

W

Watering Hole AttackOffensive Security Web Application FirewallWAFDefensive Security WiresharkNetworking & Infrastructure Workload IdentityCloud Security WormOffensive Security

X

XDRDefensive Security

Y

YARA RulesFrameworks & Standards

Z

Zero TrustCloud Security Zero Trust Network AccessZTNACloud Security Zero-DayOffensive Security

#

802.1XNetworking & Infrastructure

Frequently Asked Questions

What is a cybersecurity glossary?

A cybersecurity glossary is a reference collection of terms, acronyms, and concepts used across the security field. DecipherU's glossary covers 299+ terms with plain-language definitions and explains how each term connects to specific cybersecurity career paths.

Why do cybersecurity professionals need to know these terms?

Job interviews, certifications, and daily work all require fluency in security terminology. Knowing these terms helps you communicate with teams, understand job descriptions, pass certification exams, and perform your role effectively.

How many cybersecurity terms should I know for entry-level roles?

Entry-level roles like SOC Analyst typically require familiarity with 50 to 100 core terms covering defensive security, networking fundamentals, common attack types, and basic compliance concepts. CompTIA Security+ covers many of these foundational terms.

Definitions are original explanations written for career development purposes. For authoritative technical definitions, refer to NIST, ISO, or the relevant standards body.

Last verified: April 2026Report an inaccuracy

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options