Word Notes
A fun and informative cybersecurity audio glossary from N2K.
- Update frequency
- every 7 days
- Average duration
- 6 minutes
- Episodes
- 272
- Years Active
- 2020 - 2025
adversary group naming (noun)
A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.
Learn more about your ad choices. Visit megaphone.fm/adchoic…
00:10:17 |
Tue 08 Mar 2022
BSIMM (noun)
A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.
CyberWire Glossary link: https://thec…
00:06:09 |
Tue 01 Mar 2022
OWASP vulnerable and outdated components (noun)
Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discove…
00:08:04 |
Tue 22 Feb 2022
OWASP software and data integrity failures (noun)
Code and data repositories that don't protect against unauthorized changes.
Learn more about your ad choices. Visit megaphone.fm/adchoices
00:08:27 |
Tue 08 Feb 2022
OWASP server-side request forgery (noun)
An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.
Learn more about your ad choices. Visit megaphone.fm/adchoices
00:07:38 |
Tue 01 Feb 2022
OWASP security logging and monitoring failures (noun)
The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.
Learn more about your ad choices. Visit megaphone.fm/adchoices
00:06:04 |
Tue 25 Jan 2022
OWASP identification and authentication failures (noun)
Ineffectual confirmation of a user's identity or authentication in session management.
CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure
Audio…
00:05:58 |
Tue 18 Jan 2022
Log4j vulnerability (noun)
An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.
CyberWire Glossary link: https://thecyberwire.com/glossary…
00:09:16 |
Tue 11 Jan 2022
OWASP broken access control (noun)
Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.
Learn more about your ad choices. V…
00:07:30 |
Tue 04 Jan 2022
Encore: zero trust (noun)
A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the…
00:08:32 |
Tue 28 Dec 2021
OWASP security misconfiguration (noun)
The state of a web application when it's vulnerable to attack due to an insecure configuration.
CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-security-misconfiguration
Audio refer…
00:07:03 |
Tue 21 Dec 2021
OWASP insecure design (noun)
A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.
CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design…
00:08:19 |
Tue 14 Dec 2021
OWASP injection (noun)
A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality.
CyberWire Glossary link: https://thecyberwire.co…
00:06:32 |
Tue 07 Dec 2021
OWASP cryptographic failures (noun)
Code that fails to protect sensitive information.
CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure
Audio reference link: Vandana Verma. “OWASP Spotlight - Proje…
00:06:35 |
Tue 30 Nov 2021
account takeover prevention (noun)
The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim.
CyberWire Glossary link: https://t…
00:06:23 |
Tue 23 Nov 2021
threat hunting (noun)
The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats.
CyberWire Glossary link: …
00:07:01 |
Tue 16 Nov 2021
vulnerability management (noun)
The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.
CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerab…
00:08:16 |
Tue 09 Nov 2021
software bill of materials (SBOM) (noun)
A formal record containing the details and supply chain relationships of various components used in building software.
Learn more about your ad choices. Visit megaphone.fm/adchoices
00:06:59 |
Tue 02 Nov 2021
zero trust (noun)
A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the…
00:09:02 |
Tue 26 Oct 2021
OT security (noun)
Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.
Learn more about your ad choices. Visit megaphone.fm/adchoices
00:08:13 |
Tue 19 Oct 2021
Disclaimer: The podcast and artwork embedded on this page are the property of N2K Networks, Inc.. This content is not affiliated with or endorsed by eachpod.com.