SaaS (Software-as-a-Service) — A type of cloud computing service where the provider offers the customer the ability to use a provided application. Examples of SaaS include online e-mail services or online document editing systems. A user of a SaaS solution is only able to use the offered application and make minor configuration tweaks. The SaaS provider is responsible for maintaining the application.
salting – the process of combining unique information with information that may not be unique (for example a password) before it is subject to the one-way concealment process called hashing. This ensures that (for example) if two users choose the same password, the stored hash values will still differ, because each value represents the combination of the password and the unique user id.
sandboxing – a method used by some anti-malware solutions to temporarily place content in an isolated, safe area (usually for a matter of seconds) and observe its behavior before allowing it into the real environment. This is used to help identify malware in addition to traditional signature techniques. Some advanced malware is now written to account for this technique by delaying any rogue behavior, thereby circumventing this defense.
scareware – malicious software that is designed to persuade people into buying an antidote, usually masquerading as a commercial malware removal tool or antivirus package, but in reality provided by the attacker.
script bunny – see script kiddies.
script kiddies – attackers with little to no coding (programming) or technical skill who make use of available scripts, code and packages to gain unauthorized access to digital devices, applications, systems and/or networks. Also known as script bunnies and skiddies.
secure configuration – ensuring that when settings are applied to any item (device or software), appropriate steps are always taken to ensure (i) default accounts are removed or disabled, (ii) shared accounts are not used and (iii) all protective and defensive controls in the item use the strongest appropriate setting(s).
secure file transfer protocol (also known as SFTP) – see file transfer protocol (FTP).
secure hyper text transfer protocol (SHTTP) – see hyper text transfer protocol.
security architecture – a model designed to specify the features and controls across a digital landscape that help it to prevent, detect and control any attempts at disruption or unauthorized access. The model will also ensure that all data exchanges are subject to appropriate standards sufficient to ensure that the data controller's chain of custody commitments are maintained.
security event – a term used to describe a minor disruption to the digital landscape that is thought to be unintentional. Examples include a single failed device or a single user forgetting their password. Unusual patterns of security events can be an indicator of a security incident.
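As an added example (not from the glossary), the following Python script illustrates the last sentence of the entry: individual failed logins are minor events, but a pattern of them can indicate an incident. It parses a small set of constructed authentication log lines (the line format is invented for this example) and flags any source that fails against several distinct accounts within a short window. The window and account threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample log lines; the format is invented for this example.
SAMPLE_LOG = """\
2024-05-01T08:00:01 auth FAILED user=alice src=10.0.0.5
2024-05-01T08:00:03 auth FAILED user=bob src=10.0.0.5
2024-05-01T08:00:04 auth OK user=alice src=10.0.0.5
2024-05-01T08:00:06 auth FAILED user=carol src=10.0.0.5
2024-05-01T08:00:07 auth FAILED user=dave src=10.0.0.5
2024-05-01T09:30:00 auth FAILED user=erin src=10.0.0.9
2024-05-01T09:45:00 auth FAILED user=erin src=10.0.0.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>FAILED|OK) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_events(text: str) -> List[dict]:
    """Turn each well-formed line into an event dict; skip anything unparseable."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "result": m["result"],
            "user": m["user"],
            "src": m["src"],
        })
    return events


def find_incident_candidates(
    events: List[dict],
    window: timedelta = timedelta(minutes=5),   # assumed window
    min_accounts: int = 3,                       # assumed threshold
) -> Dict[str, List[str]]:
    """Sliding window per source address over FAILED events only.

    A source is flagged when, within `window`, its failures touch at least
    `min_accounts` distinct users. A single user failing repeatedly (a
    forgotten password) stays a security event and is not flagged.
    Returns {source: sorted list of affected users}.
    """
    by_src: Dict[str, List[dict]] = defaultdict(list)
    for e in events:
        if e["result"] == "FAILED":
            by_src[e["src"]].append(e)

    flagged: Dict[str, List[str]] = {}
    for src, fails in by_src.items():
        fails.sort(key=lambda e: e["ts"])
        start = 0
        for end, e in enumerate(fails):
            while e["ts"] - fails[start]["ts"] > window:
                start += 1
            users = {f["user"] for f in fails[start:end + 1]}
            if len(users) >= min_accounts and len(users) > len(flagged.get(src, [])):
                flagged[src] = sorted(users)
    return flagged


if __name__ == "__main__":
    for src, users in find_incident_candidates(parse_events(SAMPLE_LOG)).items():
        print(f"possible incident: {src} failed against {len(users)} accounts: {users}")
```

Here 10.0.0.9 generates two failures for one account and is left alone, while 10.0.0.5 hits four different accounts inside five minutes and is raised for investigation; this is the kind of correlation a SIEM performs across many event sources.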
Security Incident & Event Management – see SIEM.
security incident – the intentional damage, theft and/or unauthorized access that has direct or indirect impact on any part of an organization's information, systems, devices, services or products.
security incident responder – a person who assists in the initial analysis and response to any known or suspected attempt at damage, interruption or unauthorized access to an organization's information systems or services.
shellshock – the name given to a family of security bugs discovered in September 2014. These bugs can be used to attack certain devices that run the Unix bash shell if appropriate, up-to-date software patch management has not been applied. Vulnerable (unpatched) systems can be compromised to allow the attacker to gain unauthorized access. It was initially assigned the CVE identifier CVE-2014-6271, but after initial reporting, additional vulnerabilities were identified. Also known as bashdoor.
SIEM – abbreviation for security incident and event management. This is a name given to the process and team that will manage any form of minor or major interruption to an enterprise's digital landscape.
single point (of) accountability (SPA or SPOA) – the principle that all critical assets, processes and actions must have clear ownership and traceability to a single person. The rationale is that the absence of a defined, single owner is a frequent cause of process or asset protection failure. Shared ownership is regarded as a significant security gap because experience has consistently shown that flaws are more likely to persist where accountability is spread across more than one person.
signatures – (in the context of cybersecurity) are the unique attributes, for example, file size, file extension, data usage patterns and method of operation, that identify a specific computer program. Traditional anti-malware and other security software can make use of this information to identify and manage some forms of rogue software.
singularity (the) – the predicted point in time when artificial intelligence exceeds human intelligence.
skiddie – abbreviated form of script kiddie.
social engineering – The act of creating relationships or friendships in order to intentionally acquire intelligence about the security, location or vulnerability of assets.
SPA – see single point of accountability.
SPAM — A form of unwanted or unsolicited messages or communications typically received via e-mail but also occurring through text messaging, social networks or VoIP. Most SPAM is advertising, but some may include malicious code, malicious hyperlinks or malicious attachments.
spear phishing – a more targeted form of phishing. This term describes the use of an electronic communication (for example email or instant messaging) that targets a particular person or group of people (for example employees at a location) and pretends to come from a legitimate source. In this case, the source may also pretend to be someone known and trusted by the recipient, in an attempt to get sensitive information (for example a password or credit card number).
spoofing – concealing the true source of electronic information by impersonation or other means. Often used to bypass internet security filters by pretending the source is from a trusted location.
spyware – a form of malware that covertly gathers and transmits information from the device it is installed on.
SSL – is an acronym for Secure Sockets Layer. This is a method (protocol) for providing encrypted communication between two points in a digital landscape. For example, this could be between a web server (the computer hosting a web service or web site) and a web browser (the program that the recipient uses to view the web page, for example, Internet Explorer). In the URL (the internet address visible to the user), the use of SSL is denoted by an ‘https:’ prefix.
stateful protocol analysis detection – a method used by intrusion detection systems to identify malicious or unwanted communications. This method analyses packets to determine whether the source, destination, size and routing (protocol) are significantly different from their usual format.
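The following added Python example (not from the glossary, not a real IDS) illustrates the two halves of the entry: it keeps per-flow state for a TCP handshake so it can flag payload that arrives in a flow that never completed one, and it compares packet sizes against an assumed per-protocol baseline. The packet records, addresses and baseline figures are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

@dataclass
class Packet:
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    sport: int
    dport: int
    size: int       # total packet length in bytes
    flags: str = "" # TCP flags as letters, e.g. "S", "SA", "A", "PA"

# Assumed baseline: the largest packet normally seen for a given (proto, dport).
BASELINE: Dict[Tuple[str, int], int] = {("udp", 53): 512}

# Constructed packet sequence (addresses and sizes invented for the example).
SAMPLE: List[Packet] = [
    Packet("10.0.0.5", "10.0.0.80", "tcp", 51000, 80, 60, "S"),    # client SYN
    Packet("10.0.0.80", "10.0.0.5", "tcp", 80, 51000, 60, "SA"),   # server SYN/ACK
    Packet("10.0.0.5", "10.0.0.80", "tcp", 51000, 80, 52, "A"),    # client ACK
    Packet("10.0.0.5", "10.0.0.80", "tcp", 51000, 80, 400, "PA"),  # normal request
    Packet("10.0.0.7", "10.0.0.80", "tcp", 52000, 80, 400, "PA"),  # data, no handshake
    Packet("10.0.0.5", "10.0.0.53", "udp", 53001, 53, 70),         # ordinary DNS query
    Packet("10.0.0.5", "10.0.0.53", "udp", 53002, 53, 1400),       # oversized DNS packet
]


def flow_key(p: Packet) -> Tuple[Tuple[str, int], Tuple[str, int]]:
    """Direction-independent key so both halves of a conversation share state."""
    a, b = (p.src, p.sport), (p.dst, p.dport)
    return (a, b) if a <= b else (b, a)


def analyse(packets: List[Packet], baseline: Dict[Tuple[str, int], int] = BASELINE) -> List[str]:
    """Return alert strings for packets that break protocol state or size expectations."""
    state: Dict[Tuple, str] = {}
    alerts: List[str] = []
    for p in packets:
        if p.proto == "tcp":
            k = flow_key(p)
            st = state.get(k, "NONE")
            # Minimal three-way-handshake tracker.
            if p.flags == "S":
                state[k] = "SYN_SENT"
            elif p.flags == "SA" and st == "SYN_SENT":
                state[k] = "SYN_RECV"
            elif p.flags == "A" and st == "SYN_RECV":
                state[k] = "ESTABLISHED"
            elif "P" in p.flags and st != "ESTABLISHED":
                alerts.append(
                    f"tcp payload outside established flow: "
                    f"{p.src}:{p.sport}->{p.dst}:{p.dport} (state {st})"
                )
        # Size check against the assumed baseline for this protocol/port.
        limit = baseline.get((p.proto, p.dport))
        if limit is not None and p.size > limit:
            alerts.append(
                f"{p.proto}/{p.dport} packet of {p.size} bytes exceeds baseline "
                f"{limit}: {p.src}->{p.dst}"
            )
    return alerts


if __name__ == "__main__":
    for line in analyse(SAMPLE):
        print("ALERT:", line)
```

A stateless filter looking only at ports would pass all seven packets; the state table is what lets the analyser tell the legitimate request from 10.0.0.5 apart from the identical-looking one from 10.0.0.7.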
static testing – (in the context of cybersecurity) to assess the security standards and potential vulnerabilities.