Platform as a Service (PaaS) – Applications are developed and deployed on platforms. This type of cloud service allows the development and deployment of new applications to take place for a lower cost and with faster scalability than setting up the equivalent in a private network. The cost benefits and scalability are achieved through the use of shared infrastructure and preconfigured virtual machines. Where the platform is public (open to the internet) and needs to be secure, additional security is required, when compared to a private platform, to achieve the equivalent perimeter protection. See also cloud.
packet – (in the context of electronic communication) is a bundle of electronic information grouped together for transmission. The bundle usually includes control information to indicate the destination, source and type of content, and the content (user information) itself.
packet-filtering – passing or blocking bundles of electronic information inbound or outbound based on rules. For example, if a known threat uses a particular size, format and type of data package (packet), then a rule can be put in place, on either an advanced firewall or similar device, to block content that matches those parameters from leaving or entering a network. See also packet. Also known as content filtering.
packet sniffing – the act of collecting frames or packets from a data network communication. This activity allows the evaluation of the header contents as well as the payload of network communications. Packet sniffing requires that the network interface card be placed into promiscuous mode in order to disable the MAC (Media Access Control) address filter, which would otherwise discard any network communications not intended for the specific local network interface. Also known as sniffing or eavesdropping.
password – a secret string of characters (letters, numbers and other special characters) that can be used to gain entry to a digital device, application or other service.
password salting – see salting.
patch management – a controlled process used to deploy critical, interim updates to software on digital devices. The release of a software ‘patch’ is usually in response to a critical flaw or gap that has been identified.
payload – the part of the data in a transmission that is the usable content rather than the packaging (the cargo). In the context of cybersecurity, this term is often used to refer to the harmful data (malware, for example) that an attacker attempts to push into a target digital device, network or system. For example, an attacker exploits a vulnerability to deliver their payload of malware.
payload analysis – the recording, review and study of the primary data content (electronic information) contained in network transmission packets. This can be used to detect any unexpected, unauthorized or unwelcome incoming or outgoing information transactions, for example, to help detect or prevent malware from entering a network, or to help detect or prevent confidential information from leaving a network. This can also be used as an indicator of compromise.
penetration – (in the context of cybersecurity) intrusion.
penetration test (also known as an attack and penetration test or pen test) – checks and scans on any application, system or website to identify any potential security gaps (vulnerabilities) that could be exploited. Usually these checks emulate the same techniques that could be used by an attacker and are performed in a test area, to prevent any inadvertent operational disruption. The checks are typically conducted before any application or site is first used and also on a periodic (repeating) basis, for example, each time the program is updated or every 6 months. Any significant gaps must be addressed (fixed) in a timeframe appropriate to the scale of the risk. See also pivoting.
penetration tester – a person who performs simulated attacks on a target system or application on behalf of the organization that owns or controls it. See also penetration test and pivoting.
periscope up – when people hold a smart device up at head height or higher to capture an event on the device camera.
personally identifiable information (PII) – any combination of information that can directly or indirectly distinguish (identify) who a specific individual is.
persistence – to seek continued existence despite opposition.
persistent (non-reflective) cross-site scripting – a more devastating form of web vulnerability that can impact large numbers of users due to security gaps in the design of some web applications. Unwanted and unexpected code (programs) can be pushed to an application server by an attacker and stored there. When a legitimate user accesses the compromised web application, the attacker’s script (mini program or link) is then run automatically without any further user action. This is generally considered a critical risk category because it can target all users of an application. See also reflective (non-persistent) cross-site scripting.
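As an added illustration (not part of the glossary), the following JavaScript contrasts a comment-board renderer that replays stored user text into HTML unescaped with one that HTML-encodes it at output time; the comment data, payload string and function names are constructed for this example.

```javascript
// Added example: why persistent XSS reaches every visitor, and the
// output-encoding fix. Nothing here is from the glossary itself.

// Constructed sample of rows that were accepted and saved by the server.
// The second row is the kind of text a stored-XSS flaw lets an attacker park
// in the database; every later page view would replay it.
const storedComments = [
  { user: "alice", body: "Great article!" },
  { user: "mallory", body: "<script>alert(1)</script>" }, // constructed
];

// Vulnerable rendering: stored text is concatenated straight into the page,
// so the browser treats the saved <script> element as executable markup.
function renderVulnerable(comments) {
  return comments
    .map((c) => `<li><b>${c.user}</b>: ${c.body}</li>`)
    .join("\n");
}

// Mitigation: HTML-encode every untrusted value at the point it enters HTML,
// so the same saved text is displayed as literal characters, not run.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderSafe(comments) {
  return comments
    .map((c) => `<li><b>${escapeHtml(c.user)}</b>: ${escapeHtml(c.body)}</li>`)
    .join("\n");
}

// Detection-style check a reviewer or test suite can apply to rendered output:
// does any executable <script ...> tag survive into the HTML?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log(containsScriptTag(renderVulnerable(storedComments))); // true
console.log(containsScriptTag(renderSafe(storedComments)));       // false
```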
phantom vibration – the sensation that your smart device has vibrated when it did not, or when you realize there is no smart device in that area of your body at all.
phishing – using an electronic communication (for example email or instant messaging) that pretends to come from a legitimate source, in an attempt to get sensitive information (for example a password or credit card number) from the recipient.
physical security – measures designed to deter, prevent, detect or alert unauthorized real world access to a site or material item.
pivoting – a method used by penetration testers and attackers to leverage a point of infiltration as a route for easier access to compromise, infect and/or attack further systems and networks.
PKI (Public Key Infrastructure) – a security framework (i.e. a recipe) for using cryptographic concepts in support of secure communications, storage and job tasks. A PKI solution is a combination of symmetric encryption, asymmetric encryption, hashing and digital certificate-based authentication.
policy – (i) a high level statement of intent, often a short document, providing guidance on the principles an organization follows. For example, a basic security policy document could state the enterprise's intention that all locations (physical and electronic) holding information for which it is accountable must remain secure from any unauthorized access. A policy does not usually describe the explicit mechanisms or specific instructions that would be used to achieve or enforce the intentions it expresses; these would be described in the procedure. (ii) Alternatively, it can also be used to mean the settings (including security settings) inside a software program or operating system.
polymorphic malware – malicious software that can change its attributes to help avoid detection by anti-malware. This mutation process can be automated so that the function of the software continues but the method of operation, location and other attributes may change. See also metamorphic malware.
port number – used as part of an electronic communication to denote the method of communication being used. This allows the packet to be directed to a program that will know what to do with it.
POS (Point of Sale) intrusions – an attack that gains access to the POS (Point of Sale) devices at a retail outlet, enabling an attacker to learn payment card information as well as other customer details. POS intrusions can occur against a traditional brick-and-mortar retail location as well as any online retail website. See also payment card skimmers.
preventive control – (see also control) a method of security defense used to stop issues before they can become problematic. For example, multi-factor authentication assists in stopping unauthorized access from ever occurring and is therefore considered a preventive control.
privileged account – an electronic user access right that has elevated permissions to allow it to perform system, application, database or other digital landscape management functions. Usually, this form of access requires additional controls and supervision to ensure the elevated privileges are fully accountable and are not misused. Most forms of cyber attack seek to gain this form of access, as these types of accounts have control over their digital landscape.
privileged account management – the systems and processes used to monitor and control the activities of privileged accounts.
procedure – provides guidance or specific instruction on the process (method) that should be used to achieve an objective. Traditionally provided as a document available to appropriate personnel but increasingly replaced by enforcing steps in computer systems. In a traditional quality model, procedures may reside under a policy as an explicit instruction for how a particular objective of a policy is met.
protocol – (in the context of electronic communication) a set of established rules used to send information between different electronic locations. Protocols provide a standard that can be used to send or receive information in an expected and understandable format, including information about the source, destination and route. Examples of protocols include internet protocol (IP), hyper text transfer protocol (HTTP), file transfer protocol (FTP), transmission control protocol (TCP), border gateway protocol (BGP) and dynamic host configuration protocol (DHCP).
public – (in the context of cybersecurity) indicates that the artifact used in any prefix or suffix is openly available and accessible over the internet.
public key cryptography – see asymmetric cryptography.
public key encryption – see asymmetric cryptography.
public key infrastructure – the set of hardware, applications and processes needed to manage public-key encryption. See also PKI.
PUPs – acronym for Potentially Unwanted Programs. Describes a type of software that the user may have consented to download but that performs some undesirable or potentially malicious functions. Often this kind of software is bundled in with other software that the user has consented to download.
Python – is a widely used high-level, general-purpose, interpreted, dynamic programming language. Its design philosophy emphasizes code readability, and its syntax allows programmers to express concepts in fewer lines of code than would be possible in languages such as C++ or Java. The language provides constructs intended to enable clear programs on both a small and large scale.
pwned – domination or humiliation of a rival, originating from video game play but also applied to cyber security attacks.