Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.


As its name suggests, ransomware is a type of malware that blocks a user’s access to company files until a ransom is paid.

Read more ›
Cybersecurity remediation

Cybersecurity remediation refers to your organization’s ability to quickly and effectively address cyberattacks after they’ve occurred. Whether it’s remedying a data breach, malware attack, or security lapse, cybersecurity remediation seeks to detect and neutralize attacks before they inflict more harm. This is important to ensure that cyberattacks don’t cause further damage to your IT infrastructure after they occur. Successful cybersecurity remediation relies on continuous visibility of your systems, networks, and devices, as well as the proper upkeep of software and hardware to ensure they’re equipped with the latest security patches.

Remote access Trojan (RAT)

A remote access Trojan, or RAT, is a type of malware that enables a cybercriminal to fully take control of a user’s device remotely in order to carry out a variety of malicious actions. Typically downloaded as seemingly innocuous files or programs, RATs have become increasingly difficult to detect and remove from a user’s device. Once an RAT attack has been carried out, the cybercriminal can access sensitive data, make payments, delete files, and more.

Sandbox security

Sandbox security is a form of cybersecurity that uses an isolated environment (sandbox) to analyze a potential threat for malicious behavior. The sandbox, which mimics an actual operating environment, safely executes the suspicious code without risk to the true network. Unlike signature- or reputation-based solutions, sandbox security protects against unknown threats, not only those with a recognized fingerprint or blacklisted IP address. Despite this additional layer of protection, sandbox security presents limitations. For instance, phishing emails may deliver sophisticated, environmentally aware malware, which can detect sandboxes, go dormant when analyzed, and execute malicious code upon reaching the target environment.

Secure email gateway (SEG)

A secure email gateway (SEG) is an email security solution designed to block malicious emails from entering an organization’s email server. SEGs inspect incoming and outgoing email using a gateway that sits outside the organization’s internal server. SEGs use reputation and signature-based scanning to filter potentially malicious emails. Because the majority of cyberthreats are unknown to reputation or signature-based detection methods, SEGs are limited in their ability to detect threats, and provide no protection for insider attacks.

Security awareness training

Security awareness training educates employees on how to prevent and mitigate cyberattacks.

Read more ›
Security Information and Event Management (SIEM)

Security Information and Event Management, also known as SIEM, is a collection of technologies and services designed to improve the security of an organization’s IT infrastructure. Using SIEM tools, organizations can better track, manage, and analyze security threats while ensuring compliance across their systems and networks. Common functionalities of SIEM tools include:

  • Log collection of all activities within an infrastructure
  • Real-time analysis of security events
  • Incident management
  • Centralized dashboard for security monitoring

With the right combination of SIEM tools, organizations can consolidate large amounts of security-related information and analyze it quickly and efficiently. This in turn enables them to proactively monitor security threats and neutralize them before any harm is done.

Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is used to authenticate email senders and weed out individuals attempting to send emails on behalf of your domain. SPF is an effective email-authentication method that enables an organization to only permit authorized mail servers to send emails. This ensures individuals receiving emails can be confident that the content is from a trustworthy source.


Sendmail is a server application that enables organizations to send email using the simple mail transfer protocol (SMTP). Sendmail facilitates the transfer of outgoing email messages from the sender to the recipient, including authenticating messages and also queuing them in the event the recipient is not available immediately. Sendmail is often combined with other email applications that enable email users to receive messages, since sendmail can’t perform this function.

Shadow IT

Shadow IT is the use of information technology systems, devices, software, applications, and services without approval of the IT department. Shadow IT has become increasingly common and problematic for organizations in recent years, with cloud computing making it easier for users to engage in this practice. Shadow IT presents significant cybersecurity risks, including compromised devices, data breaches, regulatory violations, and more.

Ready to choose Vade for M365?