Below is the complete, final list of 200 cybersecurity glossary terms with clear, concise definitions, written for your Cybersecurity Glossary Page on CybersecurityThreatAI.com. Definitions are brief, readable, and suitable for SEO-optimized glossary pages.

A

1. Access Control – Methods for regulating who can view or use system resources.
2. Access Management – Processes for granting, tracking, and revoking user access.
3. Account Takeover (ATO) – Unauthorized use of a legitimate user account.
4. Adware – Software that displays unwanted advertisements.
5. Advanced Encryption Standard (AES) – Widely used symmetric encryption algorithm.
6. Advanced Persistent Threat (APT) – A stealthy, long-term cyberattack by skilled adversaries.
7. Air-Gapped Network – A network physically isolated from other networks.
8. Anomaly Detection – Identifying unusual patterns that may indicate threats.
9. Anti-Malware – Tools that detect and remove malicious software.
10. Anti-Phishing – Techniques to block or detect phishing attempts.
11. Anti-Spam – Tools to filter unwanted or harmful email.
12. Anti-Virus (AV) – Software that identifies and removes known malware.
13. Application Security – Measures to protect software from threats.
14. Application Whitelisting – Allowing only approved software to run.
15. Asset Inventory – List of all systems, devices, and data requiring protection.
16. Asset Tokenization – Replacing sensitive data with non-sensitive tokens.
17. Attack Surface – All possible points where an attacker may enter a system.
18. Attack Vector – The specific method used to breach a system.
19. Authentication – Verifying the identity of users or systems.
20. Authorization – Determining what authenticated users are allowed to access.

B

21. Backdoor – A hidden entry point that bypasses security controls.
22. Backup – A duplicate copy of data for restoration purposes.
23. Behavioral Analytics – Monitoring user patterns to detect suspicious activity.
24. Biometric Authentication – Identity verification using biological traits.
25. Bitcoin Mixing (Tumbling) – Obfuscation of cryptocurrency transaction trails.
26. Black Hat Hacker – Malicious hacker seeking unauthorized access for exploitation.
27. Blacklist – A list of prohibited applications, IPs, or domains.
28. Bluetooth Attack – Exploitation of Bluetooth vulnerabilities.
29. Bot – Automated script that performs predefined tasks.
30. Botnet – Network of compromised computers controlled by attackers.
31. Brute-Force Attack – Password cracking using exhaustive trial attempts.
32. Bug – Software error that can cause security issues.
33. Business Email Compromise (BEC) – Fraud using impersonated or hacked business email.
34. Bypass Attack – Circumvention of security controls.
35. BYOD (Bring Your Own Device) – Employee-owned devices used for corporate access.

C

36. Cache Poisoning – Corruption of cached data to redirect users to harmful sites.
37. CAPTCHA – Test used to differentiate humans from automated bots.
38. Certificate Authority (CA) – Entity that issues digital certificates.
39. Chain of Custody – Documentation of digital evidence handling.
40. Challenge-Response Authentication – Verification method using dynamic prompts.
41. Cipher – Algorithm used for encryption and decryption.
42. Cloud Security – Protection of cloud-based systems and data.
43. Command and Control (C2) – Systems used by attackers to manage infected devices.
44. Compliance – Adherence to security regulations and standards.
45. Compromise – Breach of confidentiality, integrity, or availability.
46. Compromised Credentials – Stolen or leaked login information.
47. Content Filtering – Blocking harmful or inappropriate content.
48. Credential Harvesting – Theft of user login data.
49. Critical Infrastructure – Essential systems such as power, telecom, and water networks.
50. Cross-Site Request Forgery (CSRF) – Attack tricking users into unwanted actions.
51. Cross-Site Scripting (XSS) – Injection of malicious scripts into trusted websites.
52. Cryptanalysis – Breaking or bypassing encryption.
53. Cryptojacking – Unauthorized use of systems for cryptocurrency mining.
54. Cryptomining Malware – Malware designed to mine cryptocurrency covertly.
55. Cyber Espionage – State or corporate spying using digital means.
56. Cyber Hygiene – Routine practices that maintain security health.
57. Cyber Kill Chain – Framework outlining stages of cyberattacks.
58. Cyber Resilience – Ability to resist, recover, and adapt to cyber incidents.
59. Cyber Risk – Potential for harm from digital threats.
60. Cyber Threat Intelligence (CTI) – Information on emerging or known cyber threats.

D

61. Data Breach – Unauthorized access to sensitive information.
62. Data Exfiltration – Unauthorized removal or transfer of data.
63. Data Integrity – Assurance that data remains accurate and unaltered.
64. Data Loss Prevention (DLP) – Tools to prevent unauthorized data leakage.
65. DDoS (Distributed Denial of Service) – Overloading systems to disrupt services.
66. Decryption – Converting encrypted data back to readable form.
67. Deepfake – AI-generated synthetic media used for deception.
68. Defense in Depth – Multiple layers of security controls.
69. Denial of Service (DoS) – Attack that disrupts availability of a service.
70. DevSecOps – Integrating security into the software development lifecycle.
71. Digital Forensics – Investigation of cyber incidents using digital evidence.
72. Digital Identity – Online representation of an individual or entity.
73. Directory Traversal – Attack accessing restricted file directories.
74. Disaster Recovery (DR) – Plans to restore operations after outages.
75. DNS Filtering – Blocking access to malicious domains.
76. DNS Hijacking – Redirecting users by manipulating DNS settings.
77. DNS Spoofing – Forging DNS data to mislead users.
78. Drive-by Download – Automatically downloading malware without user consent.
79. Dual-Factor Authentication (2FA) – Authentication using two verification methods.
80. Dumpster Diving – Retrieving sensitive information from discarded materials.

E

81. Eavesdropping Attack – Intercepting communications secretly.
82. Edge Security – Protection of devices at the edge of a network.
83. Email Spoofing – Faking the sender address in emails.
84. Encryption – Securing data by converting it into unreadable form.
85. Endpoint Detection and Response (EDR) – Tools for detecting threats on endpoints.
86. Endpoint Security – Protecting laptops, mobiles, and IoT devices from threats.
87. Ethical Hacking – Authorized hacking to identify vulnerabilities.
88. Exploit – Code used to take advantage of vulnerabilities.
89. Exploit Kit – Tools that automate the exploitation of vulnerabilities.
90. Exposure – Condition where a system is open to attack.

F

91. Failover – Switching to backup systems during failures.
92. False Positive – Benign activity incorrectly flagged as malicious.
93. False Negative – Threat not detected by security tools.
94. Firewall – Hardware or software filtering unauthorized traffic.
95. Firmware Attack – Exploitation targeting firmware-level code.
96. Footprinting – Gathering information about a target before an attack.
97. Forensic Imaging – Creating a bit-by-bit copy of digital evidence.
98. Forward Secrecy – Encryption ensuring past sessions cannot be decrypted.
99. Fraud Detection – Identifying suspicious or unauthorized transactions.
100. Fuzzing – Testing software by feeding unexpected or random input.

G–H

101. Gateway Security – Protecting traffic that flows through network gateways.
102. Geolocation Spoofing – Faking device location information.
103. Governance – Frameworks guiding cybersecurity management.
104. Hacker – Individual skilled in exploiting systems.
105. Hacking Back – Retaliatory cyber actions against attackers.
106. Hardening – Securing systems by reducing vulnerabilities.
107. Hash Function – Algorithm generating fixed-length output from data.
108. Honeypot – Decoy system used to attract and study attackers.
109. Human Firewall – Educated employees serving as a defence layer.
110. Hybrid Attack – Password attack using multiple techniques.

---

I

111. Identity Access Management (IAM) – Framework for managing digital identities.
112. Identity Theft – Unauthorized use of personal identity information.
113. Incident – Event that may compromise security.
114. Incident Response Plan – Documentation for handling cyber incidents.
115. Industrial Control System (ICS) – Systems managing industrial operations.
116. Information Security (InfoSec) – Protecting data confidentiality, integrity, and availability.
117. Injection Attack – Malicious data inserted into program input fields.
118. Insider Threat – Threat caused by individuals within an organization.
119. Intellectual Property Theft (IP Theft) – Stealing proprietary information.
120. Internet of Things (IoT) Security – Protecting connected smart devices.

J–L

121. Jamming Attack – Disrupting wireless signals intentionally.
122. Keylogger – Malware that records keystrokes.
123. Kill Switch – Mechanism to shut down operations instantly during attacks.
124. Lateral Movement – Attackers moving across a network after initial compromise.
125. Least Privilege – Granting only the minimum required access.
126. Load Balancer – Distributes network traffic to prevent overload.
127. Log Management – Collecting and analyzing system logs.
128. Logic Bomb – Malicious code triggered by specific conditions.
129. Lua Malware – Malware written in the Lua scripting language.
130. Lua Sandbox Escape – Exploiting Lua environments to execute malicious code.

M

131. Malware – Any malicious software designed to damage or exploit systems.
132. Man-in-the-Middle (MITM) – Intercepting communication between two entities.
133. Memory Leak Exploit – Attack leveraging software memory errors.
134. Mobile Device Management (MDM) – Tools securing mobile devices.
135. Multi-Factor Authentication (MFA) – Authentication requiring multiple evidence types.
136. Malvertising – Delivering malware through online ads.
137. Macro Virus – Virus embedded in document macros.
138. Master Boot Record (MBR) Attack – Malware targeting boot sectors.
139. Microsegmentation – Dividing networks to limit lateral movement.
140. Misconfiguration – Improper configuration leading to vulnerabilities.

N

141. Network Access Control (NAC) – Restricting device access to networks.
142. Network Forensics – Investigating network traffic for evidence.
143. Network Segmentation – Dividing networks to isolate sensitive areas.
144. NIST Framework – Security standards published by the U.S. NIST.
145. Nonce – Random value used once in cryptographic operations.
146. NPAPI Vulnerability – Legacy plugin security weaknesses.
147. NTLM Attack – Exploiting weaknesses in Windows NTLM authentication.
148. NTP Amplification – DDoS attack exploiting NTP servers.
149. Nmap Scan – Network scanning to identify open ports and services.
150. Null Session Attack – Unauthorized anonymous connection to Windows systems.

O

151. OAuth Attack – Abuse of OAuth tokens to gain unauthorized access.
152. Obfuscation – Making code hard to understand to evade detection.
153. Offboarding Security – Revoking access when employees leave.
154. Open Redirect – Vulnerability redirecting users to malicious sites.
155. Open Source Intelligence (OSINT) – Gathering intelligence from public sources.
156. Operational Security (OPSEC) – Protecting sensitive operational information.
157. Out-of-Band Authentication – Verification via separate channels.
158. Overprivileged Account – User with excessive permissions.
159. OWASP Top 10 – Common web application security risks.
160. Object File Malware – Malware embedded in compiled object files.

P

161. Packet Sniffing – Monitoring network traffic for analysis.
162. Patch Management – Updating systems to fix vulnerabilities.
163. Password Spraying – Trying common passwords across many accounts.
164. Penetration Testing (Pentesting) – Authorized hacking to find weaknesses.
165. Pharming – Redirecting traffic to malicious websites via DNS manipulation.
166. Phishing – Fraudulent attempts to steal information via email or messages.
167. Pivoting – Moving deeper into networks after establishing access.
168. Privilege Escalation – Gaining higher access than intended.
169. Proxy Server – System that forwards or filters requests.
170. Public Key Infrastructure (PKI) – Framework for managing cryptographic keys.

R

171. Ransomware – Malware encrypting data for ransom payment.
172. Red Team – Ethical hackers simulating real-world attacks.
173. Remote Code Execution (RCE) – Running malicious code remotely.
174. Replay Attack – Reusing captured data packets to impersonate legitimate actions.
175. Risk Assessment – Identifying potential security risks.
176. Rootkit – Malware hiding deep within system processes.
177. Router Hijacking – Taking control of routers to manipulate traffic.
178. Rowhammer Attack – Hardware exploit manipulating memory cells.
179. Runtime Protection – Security during application execution.
180. Rainbow Table Attack – Cracking hashed passwords using lookup tables.

S

181. Sandboxing – Isolating programs to prevent widespread damage.
182. SCADA Security – Protecting industrial control systems.
183. Secure Boot – Ensuring only trusted software loads at startup.
184. Security Operations Center (SOC) – Team monitoring cyber threats.
185. Session Hijacking – Taking over a user session without authorization.
186. Shadow IT – Unauthorized systems deployed without approval.
187. Signature-Based Detection – Identifying threats via known patterns.
188. SIM Swap Attack – Hijacking a phone number via carrier manipulation.
189. Smishing – SMS-based phishing attack.
190. Social Engineering – Manipulating people to gain confidential information.

T–Z

191. Threat Hunting – Proactively searching for hidden threats.
192. Tokenization – Replacing sensitive data with random tokens.
193. Traffic Analysis – Monitoring traffic to reveal patterns or attacks.
194. Trojans – Malware disguised as legitimate software.
195. UEBA (User and Entity Behavior Analytics) – Detecting anomalies in user activity.
196. Virtual Private Network (VPN) – Encrypted tunnel for secure communication.
197. Virus – Self-replicating malicious program attached to files.
198. Vulnerability Assessment – Identifying weaknesses in systems.
199. Whaling Attack – Targeted phishing at executives.
200. Zero-Day Exploit – Vulnerability exploited before a patch exists.

---