https://upguard-staging.webflow.ioThu, 18 Dec 2025 01:02:30 GMTWebflowhttps://upguard-staging.webflow.io/glossary/business-email-compromisehttps://upguard-staging.webflow.io/glossary/business-email-compromiseBusiness email compromise (BEC) is a type of email scam where cybercriminals scam organizations through social engineering techniques. BEC is also referred to as email account compromise (EAC) or ‘man-in-the-email’ scamming.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/business-continuity-planhttps://upguard-staging.webflow.io/glossary/business-continuity-planA business continuity plan (BCP) outlines a set of preventive and recovery actions to be undertaken in the event of an incident. Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/kerberos-authenticationhttps://upguard-staging.webflow.io/glossary/kerberos-authenticationKerberos is an authentication protocol that uses secret-key cryptography to secure client-server communications.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/indicators-of-attack-ioashttps://upguard-staging.webflow.io/glossary/indicators-of-attack-ioasAn Indicator of Attack is real-time evidence of a cyberattack taking place. IOAs indicate the intentions behind the attack and the likely techniques that will be implemented.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/threat-intelligencehttps://upguard-staging.webflow.io/glossary/threat-intelligenceThreat intelligence is information gathered by information security teams that is used to identify an organization’s cyber threats and mitigate the impact of any cyber attacks. Ongoing challenges across the cybersecurity landscape, like costly data breaches and increasing advanced persistent threats (APTs), are highlighting the importance of threat intelligence.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/data-leakhttps://upguard-staging.webflow.io/glossary/data-leakA data leak is an overlooked exposure of sensitive data usually occurring through a software vulnerability.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/vendor-tieringhttps://upguard-staging.webflow.io/glossary/vendor-tieringVendor tiering is the process of categorizing third-party vendors by the level of security risk they introduce to an ecosystem.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/cyberattackhttps://upguard-staging.webflow.io/glossary/cyberattackA cyber attack is any unauthorized access to an IT network or digital devices for malicious purposes such as data theft, malware injection, or the initiation of additional attacks.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/digital-riskhttps://upguard-staging.webflow.io/glossary/digital-riskDigital risk involves all of the negative consequences resulting from digital transformation. Digital transformation is the process of scaling a business by increasing its dependency on digital solutions.Thu, 10 Jul 2025 08:09:36 GMThttps://upguard-staging.webflow.io/glossary/cybersecurityhttps://upguard-staging.webflow.io/glossary/cybersecurityCybersecurity is the practice of protecting sensitive data and IT networks from unauthorized access and cyber attacks.Wed, 02 Jul 2025 06:44:19 GMThttps://upguard-staging.webflow.io/glossary/phishinghttps://upguard-staging.webflow.io/glossary/phishingPhishing is a type of social engineering attack that aims to steal sensitive data from individuals and organizations. Thu, 26 Jun 2025 07:02:26 GMThttps://upguard-staging.webflow.io/glossary/proxy-serverhttps://upguard-staging.webflow.io/glossary/proxy-serverA proxy server acts as a middle man that forwards data requests from a user to the origin server. Thu, 26 Jun 2025 07:02:26 GMThttps://upguard-staging.webflow.io/glossary/fourth-party-riskhttps://upguard-staging.webflow.io/glossary/fourth-party-riskFourth-party risk is risk brought on by your vendors’ vendors. An organization’s cybersecurity practices can become obsolete if its vendors do not have a robust third-party risk management (TPRM) program in place to manage fourth-party risk.Wed, 24 Apr 2024 09:59:56 GMThttps://upguard-staging.webflow.io/glossary/attack-vectorhttps://upguard-staging.webflow.io/glossary/attack-vectorA cyber attack vector is a method of gaining unauthorized access to a private IT network. Cybercriminals exploit attack vectors to launch cyberattacks and inject malicious payloads.Thu, 13 Oct 2022 05:25:46 GMThttps://upguard-staging.webflow.io/glossary/data-breachhttps://upguard-staging.webflow.io/glossary/data-breachA data breach is a critical security incident in which sensitive data is accessed without authorization or lost. These events are usually initiated by cybercriminals.Mon, 12 Sep 2022 01:54:20 GMThttps://upguard-staging.webflow.io/glossary/metasploithttps://upguard-staging.webflow.io/glossary/metasploitMetasploit is a penetration testing framework, consisting of a number of tools used to test network security and discover system vulnerabilities.Mon, 12 Sep 2022 01:53:55 GMThttps://upguard-staging.webflow.io/glossary/advanced-persistent-threat-apthttps://upguard-staging.webflow.io/glossary/advanced-persistent-threat-aptAn Advanced Persistent Threat (APT) is a stealth cyberattack campaign where a hacker remains undetected inside a network to steal data for extended periods of time.Mon, 12 Sep 2022 01:51:54 GMThttps://upguard-staging.webflow.io/glossary/lightweight-directory-access-protocol-ldaphttps://upguard-staging.webflow.io/glossary/lightweight-directory-access-protocol-ldapMon, 12 Sep 2022 01:50:43 GMThttps://upguard-staging.webflow.io/glossary/compliance-managementhttps://upguard-staging.webflow.io/glossary/compliance-managementCompliance management is the practice of submitting all policies and IT solutions to the cybersecurity regulations that apply to a particular industry.Mon, 12 Sep 2022 01:49:42 GMThttps://upguard-staging.webflow.io/glossary/server-message-blockhttps://upguard-staging.webflow.io/glossary/server-message-blockSMB (Server Message Block) is a Windows communication protocol that allows users to share files, access print services, and browse across a local area network (LAN). The protocol was first released by IBM in 1983 and Microsoft has since released many newer versions (or dialects), including the now-obsolete CIFS (Common Internet File System).Mon, 12 Sep 2022 01:48:47 GMThttps://upguard-staging.webflow.io/glossary/common-internet-file-systemhttps://upguard-staging.webflow.io/glossary/common-internet-file-systemCIFS (Common Internet File System) is a file-sharing protocol which enables local devices to access remote files and print services. The protocol is an unsecured dialect of SMB (Server Message Block), a communication protocol originally developed by IBM, with later versions developed by Microsoft.Mon, 12 Sep 2022 01:48:25 GMThttps://upguard-staging.webflow.io/glossary/social-engineeringhttps://upguard-staging.webflow.io/glossary/social-engineeringSocial engineering is the practice of tricking victims into supplying private information that could facilitate unauthorized access to a network. Mon, 12 Sep 2022 01:48:06 GMThttps://upguard-staging.webflow.io/glossary/essential-eighthttps://upguard-staging.webflow.io/glossary/essential-eightThe Essential Eight is a cyber security posture maturity model by the Australian Cyber Security Center. The framework aims to help Australian businesses achieve the minimum baseline of cyber security recommended by the Australian government to defend against cyber threats.Mon, 12 Sep 2022 01:46:29 GMThttps://upguard-staging.webflow.io/glossary/vendor-risk-management-programhttps://upguard-staging.webflow.io/glossary/vendor-risk-management-programA vendor risk management (VRM) program documents the processes and procedures an organization needs to implement an effective third-party risk management policy.Mon, 12 Sep 2022 01:45:45 GMThttps://upguard-staging.webflow.io/glossary/slacip-acthttps://upguard-staging.webflow.io/glossary/slacip-actThe SLACIP Act builds upon the SOCI ACT to further improve the cybersecurity of Australia's Critical Infrastructures.Mon, 12 Sep 2022 01:45:13 GMThttps://upguard-staging.webflow.io/glossary/spring4shellhttps://upguard-staging.webflow.io/glossary/spring4shellSpring4Shell is a a zero-day vulnerability in the Spring Core Java networkMon, 12 Sep 2022 01:44:54 GMThttps://upguard-staging.webflow.io/glossary/ttp-huntinghttps://upguard-staging.webflow.io/glossary/ttp-huntingTTP hunting is a form of cyber threat hunting that analyzes the Tactics, Techniques, and Procedures (TTP) of cybercriminals.Mon, 12 Sep 2022 01:43:52 GMThttps://upguard-staging.webflow.io/glossary/endpoint-detection-and-responsehttps://upguard-staging.webflow.io/glossary/endpoint-detection-and-responseEndpoint detection and response (EDR), also known as endpoint threat detection, is a type of cybersecurity tool that identifies and mitigates cyber threats.Sun, 23 Jan 2022 23:35:16 GMThttps://upguard-staging.webflow.io/glossary/security-operations-centerhttps://upguard-staging.webflow.io/glossary/security-operations-centerA security operations center (SOC) is a hub staffed by security personnel who continuously monitor an organization’s entire IT infrastructure. A SOC collects security event data from applications, security devices, data centers, cloud resources, and other systems via a Security Information Event Management (SIEM) system.Mon, 06 Dec 2021 22:03:31 GMThttps://upguard-staging.webflow.io/glossary/enumeration-attackhttps://upguard-staging.webflow.io/glossary/enumeration-attackDuring an enumeration attack, hackers verify records stored in a web server using brute-force methods.Mon, 29 Nov 2021 22:32:22 GMThttps://upguard-staging.webflow.io/glossary/data-exfiltrationhttps://upguard-staging.webflow.io/glossary/data-exfiltrationData exfiltration is the malicious transfer of sensitive information from a compromised system to remote cybercriminal servers.Mon, 29 Nov 2021 22:32:22 GMThttps://upguard-staging.webflow.io/glossary/the-california-consumer-privacy-act-ccpahttps://upguard-staging.webflow.io/glossary/the-california-consumer-privacy-act-ccpaThe California Consumer Privacy Act of 2018 (CCPA) gives Californian consumers greater authority over how their personal data is collected and processed in California.Thu, 25 Nov 2021 04:28:54 GMThttps://upguard-staging.webflow.io/glossary/casbhttps://upguard-staging.webflow.io/glossary/casbA CASB (cloud access security broker) is a cloud security tool that enforces security policies between users in an organization and cloud services. CASBs are one of five major security functions in the increasingly popular SASE (Secure Access Service Edge) security model, alongside software-defined wide area network (SD-WAN), firewall-as-a-service (FWaaS), secure web gateway (SWG), zero-trust network access (ZTNA). Fri, 12 Nov 2021 00:03:01 GMThttps://upguard-staging.webflow.io/glossary/sasehttps://upguard-staging.webflow.io/glossary/saseSASE (Security Access Service Edge), pronounced “sassy”, is an emerging cybersecurity concept that converges networking and security functionalities into a cloud-native architecture.Fri, 12 Nov 2021 00:03:01 GMThttps://upguard-staging.webflow.io/glossary/osfi-self-assessmentshttps://upguard-staging.webflow.io/glossary/osfi-self-assessmentsOSFI self-assessments are security self-assessments by the Office of the Superintendent of Financial Institutions (OFSI).Tue, 09 Nov 2021 02:04:17 GMThttps://upguard-staging.webflow.io/glossary/gdprhttps://upguard-staging.webflow.io/glossary/gdprThe General Data Protection Regulation (GDPR) is Europe’s mandatory regulation for protecting the personal data of its citizens.Tue, 09 Nov 2021 02:04:17 GMThttps://upguard-staging.webflow.io/glossary/bill-c-11https://upguard-staging.webflow.io/glossary/bill-c-11Bill C-11 is a proposed cybersecurity law in Canada that mandates stricter customer data collection consent requirements.Mon, 08 Nov 2021 06:39:03 GMThttps://upguard-staging.webflow.io/glossary/payment-services-directive-psd-2https://upguard-staging.webflow.io/glossary/payment-services-directive-psd-2The Payment Services Directive (PSD 2) is a European directive for preventing monopolization in the banking sector.Mon, 08 Nov 2021 06:35:50 GMThttps://upguard-staging.webflow.io/glossary/finrahttps://upguard-staging.webflow.io/glossary/finraFINRA is a U.S. organization that oversees the protection of brokerage customer data from compromise.Mon, 08 Nov 2021 06:33:59 GMThttps://upguard-staging.webflow.io/glossary/the-gramm-leach-bliley-acthttps://upguard-staging.webflow.io/glossary/the-gramm-leach-bliley-actThe Gramm–Leach–Bliley Act (GLBA) is a U.S law that mandates the disclosure of customer data collection practices for organizations selling financial products and/or services.Mon, 08 Nov 2021 06:30:33 GMThttps://upguard-staging.webflow.io/glossary/bank-secrecy-act-bsahttps://upguard-staging.webflow.io/glossary/bank-secrecy-act-bsaThe Bank Secrecy Act (BSA) aims to prevent financial institutions from laundering money.Mon, 08 Nov 2021 06:27:56 GMThttps://upguard-staging.webflow.io/glossary/pci-dsshttps://upguard-staging.webflow.io/glossary/pci-dssThe Payment Card Industry Data Security Standards (PCI DSS) is a set of standards preventing credit card fraud and protecting credit card holders from personal data theft.Mon, 08 Nov 2021 06:25:24 GMThttps://upguard-staging.webflow.io/glossary/sarbanes-oxley-act-soxhttps://upguard-staging.webflow.io/glossary/sarbanes-oxley-act-soxThe Sarbanes-Oxley (SOX) act of 2002 is a regulation that mandates financial practices to prevent fraud.Mon, 08 Nov 2021 06:23:49 GMThttps://upguard-staging.webflow.io/glossary/nisthttps://upguard-staging.webflow.io/glossary/nistThe National Institute of Standards and Technology (NIST) is the United State's equivalent of the International Organization for Standardization (ISO).Mon, 08 Nov 2021 06:22:14 GMThttps://upguard-staging.webflow.io/glossary/iso-iec-27001https://upguard-staging.webflow.io/glossary/iso-iec-27001ISO/IEC 27001 is an international standard for improving the cyber resilience of information systems.Mon, 08 Nov 2021 06:20:47 GMThttps://upguard-staging.webflow.io/glossary/uk-gdprhttps://upguard-staging.webflow.io/glossary/uk-gdprThe UK-GDPR is the United Kingdom’s version of the European GDPR, created after Brexit. Mon, 08 Nov 2021 06:19:09 GMThttps://upguard-staging.webflow.io/glossary/keyloggerhttps://upguard-staging.webflow.io/glossary/keyloggerA keylogger is a program that records every keystroke made by users. They are primarily used by cybercriminals to steal sensitive information like passwords and credit card numbers.Fri, 05 Nov 2021 05:37:51 GMThttps://upguard-staging.webflow.io/glossary/malwarehttps://upguard-staging.webflow.io/glossary/malwareMalware is malicious software designed to compromise computer devices and IT networks.Fri, 05 Nov 2021 05:37:19 GMThttps://upguard-staging.webflow.io/glossary/ransomwarehttps://upguard-staging.webflow.io/glossary/ransomwareRansomware is a type of malware that encrypts computer systems to block user access until a set ransom is paid.Tue, 02 Nov 2021 06:24:15 GMThttps://upguard-staging.webflow.io/glossary/ransomware-action-planhttps://upguard-staging.webflow.io/glossary/ransomware-action-planAustralia’s Ransomware Action Plan outlines the Australian Government’s commitment to responding to the growing threat of ransomware attacks.Thu, 21 Oct 2021 01:45:43 GMThttps://upguard-staging.webflow.io/glossary/cachehttps://upguard-staging.webflow.io/glossary/cacheCaches temporarily store data that hardware or software frequently access. As cached data is stored closer to a device, it enables faster load times and improved user experience.Tue, 19 Oct 2021 04:02:00 GMThttps://upguard-staging.webflow.io/glossary/open-source-intelligencehttps://upguard-staging.webflow.io/glossary/open-source-intelligenceOpen source intelligence (OSINT) is data obtained from publically available sources which is analyzed and processed for intelligence purposes.Tue, 19 Oct 2021 01:24:15 GMThttps://upguard-staging.webflow.io/glossary/intrusion-detection-systemhttps://upguard-staging.webflow.io/glossary/intrusion-detection-systemAn intrusion detection system (IDS) identifies cyber attacks on a network or a host. Such attacks could include botnets, Distributed Denial of Service (DDoS), and ransomware.Sun, 17 Oct 2021 23:49:10 GMThttps://upguard-staging.webflow.io/glossary/web-shellhttps://upguard-staging.webflow.io/glossary/web-shellA web shell attack is the process of injecting an infected script into a web server so that malicious commands can be issued to the compromised server from a web browser.Mon, 27 Sep 2021 01:09:27 GMThttps://upguard-staging.webflow.io/glossary/common-vulnerabilities-exposureshttps://upguard-staging.webflow.io/glossary/common-vulnerabilities-exposuresCommon Vulnerabilities and Exposures (CVEs) is a public catalog of known cybersecurity issues in software solutions.Wed, 22 Sep 2021 08:14:18 GMThttps://upguard-staging.webflow.io/glossary/attack-surfacehttps://upguard-staging.webflow.io/glossary/attack-surfaceAn attack surface is the sum of all possible malicious points of entry on a digital surface.Tue, 14 Sep 2021 06:35:54 GMThttps://upguard-staging.webflow.io/glossary/ddos-attackhttps://upguard-staging.webflow.io/glossary/ddos-attackA Distributed Denial-of-Service (DDoS) attack is an attempt to overwhelm a web server with fake internet traffic with the objective of forcing it offline.Tue, 14 Sep 2021 06:25:05 GMThttps://upguard-staging.webflow.io/glossary/digital-risk-managementhttps://upguard-staging.webflow.io/glossary/digital-risk-managementDigital risk management is the process of mitigating digital risk across all risk categories. Tue, 14 Sep 2021 06:25:05 GMThttps://upguard-staging.webflow.io/glossary/cyber-threathttps://upguard-staging.webflow.io/glossary/cyber-threatA cyber threat is any action or event that could result in an unwanted impact on IT infrastructures.Tue, 14 Sep 2021 06:25:05 GMT