Cybersecurity Glossary

Sandbox security is a form of cybersecurity that uses an isolated environment (sandbox) to analyze a potential threat for malicious behavior. The sandbox, which mimics an actual operating environment, safely executes the suspicious code without risk to the true network. Unlike signature- or reputation-based solutions, sandbox security protects against unknown threats, not only those with a recognized fingerprint or blacklisted IP address. Despite this additional layer of protection, sandbox security presents limitations. For instance, phishing emails may deliver sophisticated, environmentally aware malware, which can detect sandboxes, go dormant when analyzed, and execute malicious code upon reaching the target environment.

Security awareness training educates employees on how to prevent and mitigate cyberattacks.

Security Information and Event Management, also known as SIEM, is a collection of technologies and services designed to improve the security of an organization’s IT infrastructure. Using SIEM tools, organizations can better track, manage, and analyze security threats while ensuring compliance across their systems and networks. Common functionalities of SIEM tools include:

• Log collection of all activities within an infrastructure
• Real-time analysis of security events
• Incident management
• Centralized dashboard for security monitoring

With the right combination of SIEM tools, organizations can consolidate large amounts of security-related information and analyze it quickly and efficiently. This in turn enables them to proactively monitor security threats and neutralize them before any harm is done.

A Sender Policy Framework (SPF) is used to authenticate email senders and weed out individuals attempting to send emails on behalf of your domain. SPF is an effective email-authentication method that enables an organization to only permit authorized mail servers to send emails. This ensures individuals receiving emails can be confident that the content is from a trustworthy source.

Sendmail is a server application that enables organizations to send email using the simple mail transfer protocol (SMTP). Sendmail facilitates the transfer of outgoing email messages from the sender to the recipient, including authenticating messages and also queuing them in the event the recipient is not available immediately. Sendmail is often combined with other email applications that enable email users to receive messages, since sendmail can’t perform this function.

Shadow IT is the use of information technology systems, devices, software, applications, and services without approval of the IT department. Shadow IT has become increasingly common and problematic for organizations in recent years, with cloud computing making it easier for users to engage in this practice. Shadow IT presents significant cybersecurity risks, including compromised devices, data breaches, regulatory violations, and more.

Smishing is a form of phishing that uses text messaging to launch a malicious attack. Hackers impersonate a brand and send victims a text message to induce them to tap a malicious link or divulge personal information such as social security numbers or credit card information. The rise of smishing follows the growth of smartphones and popularity of texting as a form of communication. Defense against smishing attacks starts with user awareness training.

Social media threats are attacks carried out by cybercriminals in order to compromise an individual’s personal information. Given the widespread use and popularity of social media in today’s world, these platforms are effective vehicles for social engineering attacks. Cybercriminals will often impersonate a well-established brand or person to trick individuals into handing over sensitive data. This can lay the foundation for a larger phishing, social engineering, or malicious attack. For organizations, it’s important to educate employees on the prevalence of social media threats to ensure their online activities don’t pose a cybersecurity risk to themselves or the company.

Spam email is unsolicited and often unwanted messages sent via email to an individual. Spam emails are typically sent out to a mass audience via botnets. While often non-malicious, spam emails can contain malware or ransomware that triggers when an individual engages with the email content. However, spam email is usually distributed for email marketing purposes. An anti-spam engine can help organizations automatically detect and block spam emails.