The concept of an abstraction layer simplifies interactions with complex systems by hiding intricate details behind a straightforward interface. By separating the internal workings of a...
What is access control? Access control is a foundational security technique that determines who or what can view, modify, or use resources within a computing environment....
What is Active Directory? Active Directory (AD) is a Microsoft directory service that plays a central role in managing users, computers, and other resources within a...
What is Administration and Governance? With digital transformation, cloud migration, and new threats discovered every day, strong cybersecurity measures require more than technical controls. A structured...
What is air-gapped security? Air-gapped security is a long-standing cybersecurity approach where critical systems are isolated from unsecured networks, including the internet. Historically, this method has...
What is an attack surface? An organization’s attack surface represents the total sum of vulnerabilities and entry points that attackers could exploit to access systems or...
What defines who we are in the digital space? The answer is attributes—those important data points that describe us and inform how systems interact with us....
What is audit and reporting in cybersecurity? A cybersecurity audit is a structured evaluation of an organization’s security framework, assessing policies, controls, and technologies to ensure...
What is authorization? Authorization provides the rules and mechanisms that ensure only approved users, systems, or devices can access specific resources or perform certain actions. It...
What is CAEP? Continuous Access Evaluation Profile (CAEP) is a security protocol (or standard) currently in development. Its purpose is to address the challenges of traditional...
If your company deals with mergers, acquisitions, or government contracts, you’ve probably heard about CFIUS. But what exactly is it, and why does it matter for...
What is Customer Identity and Access Management (CIAM)? Customer identity and access management (CIAM) is the practice of securely managing customer identities and controlling their access...
The way we work has fundamentally changed. Applications, data, and users are no longer confined to the traditional office perimeter or on-premises applications. They’re spread across...
The concept of cyber resilience is about an organization’s ability to prepare for, respond to, and recover from cyber attacks or other disruptions affecting its digital...
What is cybersecurity compliance? Cybersecurity compliance refers to an organization’s adherence to established laws, regulations, standards, and guidelines that are created to protect sensitive data and...
What is cybersecurity insurance? Cybersecurity insurance, also known as cyber liability insurance, is a type of policy that helps protect businesses from the financial impact of...
What is DDIL? DDIL stands for Denied, Disrupted, Intermittent, and Limited, a term used to describe situations where internet access is unreliable, unpredictable, or completely unavailable....
Identity is the foundation of that security today. Yet managing digital identity across multiple systems and domains is complex, especially as users interact with an increasing...
Identity and Access Management (IAM) is a framework that helps organizations achieve two critical objectives: manage digital identities and control access to resources. It ensures that...
What is Identity Authentication? Identity Authentication in cybersecurity refers to verifying the identity of a user, device, or system, ensuring that access to resources is granted...
What is identity continuity? Identity continuity, also known as identity resilience or IAM resilience, is the ability to maintain uninterrupted and secure access to digital resources...
The modern enterprise is a complex web of applications, data, and users, often spread across on-premises systems, multiple clouds, and various devices. Managing identities and access...
What is identity orchestration? Identity orchestration is the process of integrating and automating identity-related tasks across multiple systems and applications. It’s akin to conducting an orchestra,...
What is an identity provider (IDP)? An identity provider (IDP) is a trusted system that manages and verifies user identities. Think of it as a digital...
What is identity security? Identity security is about securely managing digital identities throughout their lifecycle. Key components of identity security include protecting user credentials, managing access...
In today’s digital world, identity is everything. From logging into apps to enforcing Zero Trust policies, managing who can access what—and when—is at the core of...
What is a legacy IDP? Legacy identity systems refer to older, traditional, and outdated identity and access management (IAM) infrastructures. Organizations have used them for decades...
To help organizations manage and mitigate cybersecurity risks, the National Institute of Standards and Technology (NIST) developed the Cybersecurity Framework (CSF), a valuable and flexible set...
What is privileged account management (PAM)? Privileged Access Management (PAM) is a set of cybersecurity strategies and technologies designed to control, monitor, and protect privileged accounts...
Public Key Infrastructure (PKI) is a critical framework that ensures secure digital communication through encryption and authentication. Below are common questions about PKI, along with detailed answers to enhance your understanding.
What is the Principle of Least Privilege (PoLP)? The Principle of Least Privilege (PoLP) asserts that any user, system, or application should have only the minimum...
What is role-based access control (RBAC)? RBAC is a method of regulating user access to computer or network resources based on the roles of individual users...
In today’s digital world, managing multiple logins across various platforms can be both cumbersome and a security risk. Organizations are constantly looking for ways to enhance...
What is single sign-on (SSO)? Single Sign-On (SSO) is an authentication method designed to make logging in easier and more secure. By allowing users to log...
What is the definition of workforce identity? Workforce identity refers to the way an organization manages and secures the digital identities of its employees, contractors, and...
What is the definition of Zero Trust? Zero Trust Security is a cybersecurity framework based on the concept of “never trust, always verify.” It assumes that...