|
Data Leakage Protection
Data loss prevention (DLP) software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while ''in use'' (endpoint actions), ''in motion'' (network traffic), and ''at rest'' (data storage). The terms "data loss" and "data leak" are related and are often used interchangeably.Asaf Shabtai, Yuval Elovici, Lior Rokach,A Survey of Data Leakage Detection and Prevention Solutions Springer-Verlag New York Incorporated, 2012 Data loss incidents turn into data leak incidents in cases where media containing sensitive information are lost and subsequently acquired by an unauthorized party. However, a data leak is possible without losing the data on the originating side. Other terms associated with data leakage prevention are information leak detection and prevention (ILDP), information leak prevention (ILP), content monitoring and filtering (CMF), information protection and control (IPC) and extrusion preventi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Breach
A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives, from financial gain to political activism, political repression, and espionage. There are several technical root causes of data breaches, including accidental or intentional disclosure of information by insiders, loss or theft of unencrypted devices, hacking into a system by exploiting software vulnerabilities, and social engineering attacks such as phishing where insiders are tricked into disclosing information. Although prevention efforts by the company holding the data can reduce the risk of data breach, it cannot bring it to zero. The first reported breach was in 2002 and the number occurring each year has grown since then. A large number of data breaches are never detected. If a breach is made known to the company holding the data, post-breach efforts commonly include containing the breach, investigating its scope ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
User Activity Monitoring
In the field of information security, user activity monitoring (UAM) or user activity analysis (UAA) is the monitoring and recording of user actions. UAM captures user actions, including the use of applications, windows opened, system commands executed, checkboxes clicked, text entered/edited, URLs visited and nearly every other on-screen event to protect data by ensuring that employees and contractors are staying within their assigned tasks, and posing no risk to the organization. User activity monitoring software can deliver video-like playback of user activity and process the videos into user activity logs that keep step-by-step records of user actions that can be searched and analyzed to investigate any out-of-scope activities. Background The need for UAM rose due to the increase in security incidents that directly or indirectly involve user credentials, exposing company information or sensitive files. In 2014, there were 761 data breaches in the United States, resulting in ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cloud-native Computing
Cloud native computing is an approach in software development that utilizes cloud computing to "build and run scalable applications in modern, dynamic environments such as public cloud, public, private cloud, private, and hybrid cloud, hybrid clouds". These technologies, such as Container (virtualization), containers, microservices, serverless computing, serverless functions, cloud native processors and immutable infrastructure, deployed via declarative programming, declarative code are common elements of this architectural style. Cloud native technologies focus on minimizing users' operational burden. Cloud native techniques "enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil." This independence contributes to the overall resilience of the system, as issues in one area do not necessarily cripple the entire application. Additional ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cloud Computing
Cloud computing is "a paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand," according to International Organization for Standardization, ISO. Essential characteristics In 2011, the National Institute of Standards and Technology (NIST) identified five "essential characteristics" for cloud systems. Below are the exact definitions according to NIST: * On-demand self-service: "A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider." * Broad network access: "Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations)." * Pooling (resource management), Resource pooling: " The provider' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internet Café
An Internet café, also known as a cybercafé, is a Coffeehouse, café (or a convenience store or a fully dedicated Internet access business) that provides the use of computers with high bandwidth Internet access on the payment of a fee. Usage is generally charged by the minute or part of hour. An Internet café will generally also offer refreshments or other services such as phone repair. Internet cafés are often hosted within a shop or other establishment. They are located worldwide, and many people use them when traveling to access webmail and instant messaging services to keep in touch with family and friends. Apart from travelers, in many developing countries Internet cafés are the primary form of Internet access for citizens as a shared-access model is more affordable than personal ownership of equipment and/or software. Internet cafés are a natural evolution of the traditional café. As Internet access rose many pubs, bars, and cafés added terminals and eventually Wi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Agent
In computer science, a software agent is a computer program that acts for a user or another program in a relationship of agency. The term ''agent'' is derived from the Latin ''agere'' (to do): an agreement to act on one's behalf. Such "action on behalf of" implies the authority to decide which, if any, action is appropriate. Some agents are colloquially known as ''Bot (other), bots'', from ''robot''. They may be embodied, as when execution is paired with a robot body, or as software such as a chatbot executing on a computer, such as a mobile device, e.g. Siri. Software agents may be autonomous or work together with other agents or people. Software agents interacting with people (e.g. chatbots, human-robot interaction environments) may possess human-like qualities such as natural language understanding and speech, personality or embody humanoid form (see Asimo). Related and derived concepts include ''intelligent agents'' (in particular exhibiting some aspects of artificia ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Instant Messaging
Instant messaging (IM) technology is a type of synchronous computer-mediated communication involving the immediate ( real-time) transmission of messages between two or more parties over the Internet or another computer network. Originally involving simple text message exchanges, modern IM applications and services (also called "social messengers", "messaging apps", "chat apps" or "chat clients") tend to also feature the exchange of multimedia, emojis, file transfer, VoIP (voice calling), and video chat capabilities. Instant messaging systems facilitate connections between specified known users (often using a contact list also known as a "buddy list" or "friend list") or in chat rooms, and can be standalone apps or integrated into a wider social media platform, or in a website where it can, for instance, be used for conversational commerce. Originally the term "instant messaging" was distinguished from " text messaging" by being run on a computer network instead of a cellula ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Chinese Wall
A Chinese wall or ethical wall is an information barrier protocol within an organization designed to prevent exchange of information or communication that could lead to conflicts of interest. For example, a Chinese wall may be established to separate people who make investments from those who are privy to confidential information that could improperly influence the investment decisions. Firms are generally required by law to safeguard insider information and ensure that improper trading does not occur. Etymology Bryan Garner's ''Dictionary of Modern Legal Usage'' states that the metaphor title "derives ''of course'' from the Great Wall of China",, italics added although an alternative explanation links the idea to the screen walls of Chinese internal architecture. The term was popularized in the United States following the stock market crash of 1929, when the U.S. government legislated information separation between investment bankers and brokerage firms, in order to limit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Masking
Data masking or data obfuscation is the process of modifying sensitive data in such a way that it is of no or little value to unauthorized intruders while still being usable by software or authorized personnel. Data masking can also be referred as anonymization, or tokenization, depending on different context. The main reason to mask data is to protect information that is classified as personally identifiable information, or mission critical data. However, the data must remain usable for the purposes of undertaking valid test cycles. It must also look real and appear consistent. It is more common to have masking applied to data that is represented outside of a corporate production system. In other words, where data is needed for the purpose of application development, building program extensions and conducting various test cycles. It is common practice in enterprise computing to take data from the production systems to fill the data component, required for these non-productio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Threat Actor
In cybersecurity, a threat actor, bad actor or malicious actor is either a person or a group of people that take part in Malice (law), malicious acts in the cyber realm including: computers, devices, systems, or Computer network, networks. Threat actors engage in cyber related offenses to exploit open Vulnerability, vulnerabilities and disrupt operations. Threat actors have different educational backgrounds, skills, and resources. The frequency and classification of cyber attacks changes rapidly. The background of threat actors helps dictate who they target, how they attack, and what information they seek. There are a number of threat actors including: Cybercrime, cyber criminals, Nation state, nation-state actors, Ideology, ideologues, thrill seekers/trolls, insiders, and competitors. These threat actors all have distinct motivations, techniques, targets, and uses of stolen data. Background The development of cyberspace has brought both advantages and disadvantages to society. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intrusion Detection System
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS. It is also possible to classify IDS by detection approach. The most well-known variants are signature-based detection (recognizing bad patterns, such as exploitatio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Next-generation Firewall
A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a conventional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS-encrypted traffic inspection, website filtering, QoS/ bandwidth management, antivirus inspection, third-party identity management integration (e.g. LDAP, RADIUS, Active Directory), and SSL decryption History One of the first mentions of the NGFW term was in a 2004 document by Gartner. Kenneth Tam speculated that the term Unified Threat Management (UTM) was coined by IDC because they did not want to adopt the name of their competitor. Next-generation firewall versus traditional firewall NGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspect ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
