
    The Essential Security Glossary: 30 Terms Every Team Should Know

    A jargon-free reference for the cybersecurity terms that come up most often — from CVE to zero trust — written so non-specialists can read along in a meeting.


    Foundations

    • CIA Triad — Confidentiality, Integrity, Availability. The three properties every security control aims to preserve.
    • Threat — A potential cause of unwanted impact (e.g. a ransomware gang).
    • Vulnerability — A weakness that a threat could exploit (e.g. an unpatched server).
    • Risk — The combination of likelihood × impact, given the threats and vulnerabilities you have.
    • Control — A safeguard that reduces risk (e.g. MFA, firewall, encryption).

    Attacks & Adversary Behavior

    • Phishing — Tricking a user into clicking, opening, or revealing something via deceptive email or message.
    • Ransomware — Malware that encrypts data and demands payment for the decryption key.
    • Lateral movement — Pivoting from one compromised system to others inside the network.
    • Privilege escalation — Gaining higher access than originally granted (user → admin).
    • C2 (command and control) — The infrastructure attackers use to send instructions to compromised hosts.
    • IOC (indicator of compromise) — A forensic artifact (hash, IP, domain) suggesting a system is compromised.
    • TTP — Tactics, Techniques, and Procedures — the patterns of behavior an adversary uses.

    Vulnerabilities & Exploits

    • CVE — Common Vulnerabilities and Exposures: a public registry of known software vulnerabilities, each with a unique ID like CVE-2026-12345.
    • CVSS — Common Vulnerability Scoring System: a 0–10 score reflecting how severe a vulnerability is.
    • Zero-day — A vulnerability that is exploited before the vendor has a patch available, so defenders have had "zero days" to fix it.
    • Exploit — Code or technique that takes advantage of a vulnerability.
    • Patch — A fix issued by the vendor that closes the vulnerability.

    Defenses & Architecture

    • MFA — Multi-factor authentication: requiring a second factor (phone, key) beyond a password.
    • SSO — Single sign-on: one identity provider handles authentication for many apps.
    • Zero Trust — A model where no user or device is trusted by default; every access is verified.
    • Least privilege — Giving each user/service only the access strictly required.
    • EDR / XDR — Endpoint (or extended) detection & response: agents that watch for malicious behavior on endpoints.
    • SIEM — Security Information and Event Management: a platform that ingests logs and runs detection rules.
    • SOC — Security Operations Center: the team that watches alerts 24×7.
    • WAF — Web Application Firewall: filters HTTP requests to block common web attacks.

    Compliance & Emerging

    • SOC 2 — A widely used audit framework focusing on security, availability, confidentiality, processing integrity, and privacy.
    • ISO 27001 — An international standard for building and certifying an information security management system (ISMS).
    • PCI DSS — Payment Card Industry Data Security Standard: requirements for protecting payment card data.
    • GDPR / DPDP — General Data Protection Regulation (EU) and Digital Personal Data Protection Act (India): data-protection laws.
    • SBOM — Software Bill of Materials: an inventory of components in a software product.
    • Prompt injection — An attack where untrusted input manipulates an LLM into doing something it shouldn't.
    • Shadow IT — Unsanctioned tools or services employees use without IT approval.