Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

Sandbox security

Sandbox security is a form of cybersecurity that uses an isolated environment (sandbox) to analyze a potential threat for malicious behavior. The sandbox, which mimics an actual operating environment, safely executes the suspicious code without risk to the true network. Unlike signature- or reputation-based solutions, sandbox security protects against unknown threats, not only those with a recognized fingerprint or blacklisted IP address. Despite this additional layer of protection, sandbox security presents limitations. For instance, phishing emails may deliver sophisticated, environmentally aware malware, which can detect sandboxes, go dormant when analyzed, and execute malicious code upon reaching the target environment.

Secure email gateway (SEG)

A secure email gateway (SEG) is an email security solution designed to block malicious emails from entering an organization’s email server. SEGs inspect incoming and outgoing email using a gateway that sits outside the organization’s internal server. SEGs use reputation and signature-based scanning to filter potentially malicious emails. Because the majority of cyberthreats are unknown to reputation or signature-based detection methods, SEGs are limited in their ability to detect threats, and provide no protection for insider attacks.

Security awareness training

Security awareness training educates employees on how to prevent and mitigate cyberattacks.

Read more ›
Security Information and Event Management (SIEM)

Security Information and Event Management, also known as SIEM, is a collection of technologies and services designed to improve the security of an organization’s IT infrastructure. Using SIEM tools, organizations can better track, manage, and analyze security threats while ensuring compliance across their systems and networks. Common functionalities of SIEM tools include:

  • Log collection of all activities within an infrastructure
  • Real-time analysis of security events
  • Incident management
  • Centralized dashboard for security monitoring

With the right combination of SIEM tools, organizations can consolidate large amounts of security-related information and analyze it quickly and efficiently. This in turn enables them to proactively monitor security threats and neutralize them before any harm is done.

Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is used to authenticate email senders and weed out individuals attempting to send emails on behalf of your domain. SPF is an effective email-authentication method that enables an organization to only permit authorized mail servers to send emails. This ensures individuals receiving emails can be confident that the content is from a trustworthy source.


Sendmail is a server application that enables organizations to send email using the simple mail transfer protocol (SMTP). Sendmail facilitates the transfer of outgoing email messages from the sender to the recipient, including authenticating messages and also queuing them in the event the recipient is not available immediately. Sendmail is often combined with other email applications that enable email users to receive messages, since sendmail can’t perform this function.

Shadow IT

Shadow IT is the use of information technology systems, devices, software, applications, and services without approval of the IT department. Shadow IT has become increasingly common and problematic for organizations in recent years, with cloud computing making it easier for users to engage in this practice. Shadow IT presents significant cybersecurity risks, including compromised devices, data breaches, regulatory violations, and more.

Simple mail transfer protocol (SMTP)

Simple mail transfer protocol (SMTP) enables the transmission of emails from one server to another, allowing emails to be sent and received. SMTP is the preferred protocol used by most major email clients—Google, Yahoo, Apple Mail, etc.—and is seen as the networking standard. SMTP does not have any native security features so it’s susceptible to attacks if not paired with the right email security tools.


Smishing is a form of phishing that uses text messaging to launch a malicious attack. Hackers impersonate a brand and send victims a text message to induce them to tap a malicious link or divulge personal information such as social security numbers or credit card information. The rise of smishing follows the growth of smartphones and popularity of texting as a form of communication. Defense against smishing attacks starts with user awareness training.

Social media threats

Social media threats are attacks carried out by cybercriminals in order to compromise an individual’s personal information. Given the widespread use and popularity of social media in today’s world, these platforms are effective vehicles for social engineering attacks. Cybercriminals will often impersonate a well-established brand or person to trick individuals into handing over sensitive data. This can lay the foundation for a larger phishing, social engineering, or malicious attack. For organizations, it’s important to educate employees on the prevalence of social media threats to ensure their online activities don’t pose a cybersecurity risk to themselves or the company.

Ready to choose Vade for M365?