Glossário de cibersegurança

Os 100 termos mais relevantes para desenvolvimento profissional em cibersegurança. Mostramos aqui os já traduzidos. Para o catálogo completo (600+ termos), visite a versão em inglês.

Penetration Testing Red Team Exploit Payload Lateral Movement Privilege Escalation Social Engineering Phishing Spear Phishing Vishing Smishing Pretexting Watering Hole Attack Drive-by Download Zero-Day Buffer Overflow SQL Injection Cross-Site Scripting Cross-Site Request Forgery Remote Code Execution Command Injection Directory Traversal Man-in-the-Middle Session Hijacking Credential Stuffing Brute Force Attack Rainbow Table Pass-the-Hash Kerberoasting Living off the Land Fileless Malware Rootkit Backdoor Trojan Ransomware Worm Botnet Command and Control Exfiltration Pivoting SIEM SOAR EDR XDR MDR SOC NOC IDS IPS Firewall Next-Generation Firewall Web Application Firewall Data Loss Prevention Network Detection and Response Threat Hunting Incident Response Digital Forensics Malware Analysis Reverse Engineering Sandboxing Honeypot Canary Token Deception Technology Threat Intelligence Indicators of Compromise Indicators of Attack Tactics, Techniques, and Procedures MITRE ATT&CK Kill Chain Log Management Network Traffic Analysis Vulnerability Scanning CIA Triad Governance Risk and Compliance Risk Assessment Risk Management Risk Appetite Risk Tolerance Compliance Audit Internal Audit Control Framework NIST 800-53 ISO 27001 ISO 27002 SOC 2 SOC 1 PCI DSS HIPAA GDPR CCPA CMMC FedRAMP FISMA DISA STIG CIS Controls CIS Benchmarks COBIT ITIL Security Policy Acceptable Use Policy

As definições são explicações originais escritas para fins de desenvolvimento profissional. Para definições técnicas autoritativas, consulte NIST, ISO ou o órgão de normalização correspondente.