Breach and Attack Simulation Glossary

Vulnerability – A flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat.

Exploit – An attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.

Advanced Persistent Threat (APT) – A stealth computer threat, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.

APT Simulation – A simulation of an APT attack.

Breach and Attack Simulation (BAS) – A system for simulating cyber attacks in order to test an organization’s cyber defenses. It enables organizations to assess security effectiveness by simulating hacker breach methods to ensure security controls are working as expected.

Blue Team – A group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation.

Red Team – An independent group that challenges an organization to improve its effectiveness by assuming an adversarial role or point of view. Often, the team will be responsible for finding a security flaw in a defense system that can be used for a cyber attack. The consensus today is that red teams can greatly enhance an organization’s cyber defenses.

Penetration Testing – The process of analyzing an organization’s system defenses, and finding weak points that can be used in a cyber attack.

Attack Vector – A weak point in a system (usually a software system), with a flaw in its implementation or configuration, that can enable an attacker to compromise the system, and possibly affect other systems as well.

Attack Vector Coverage – The process of maximizing defenses against various attack vectors.

Business Assets – Valuable knowledge or data that an organization has. A leak, caused by an attack on the organization, can impact the functionality and future of the business. Those assets are usually the ones that are best protected.

Threat Remediation – The process of reversing, stopping, or closing the gap for existing threats.

Endpoint Security – Endpoint security refers to securing endpoints, or end-user devices like desktops, laptops, and mobile devices. Endpoints serve as points of access to an enterprise network and create points of entry that can be exploited by malicious actors.

Data Exfiltration – Unauthorized transfer of sensitive information from a target’s network to a location which a threat actor controls.
