Authenticated encryption with associated data (AEAD)
Symmetric encryption algorithms that simultaneously support and apply confidentiality and
... [Show More] authentication.
Blue/green
Blue/green may be used where the organization has a mirror of the production environment and logic that can switch users to the new environment once confidence of functionality is reached.
Container
Small form factor-independent executable package of software that is installed and maintained upon a host operating system and includes everything that is needed to run an application, which includes system tools, libraries, settings, and code.
Continuous integration/continuous delivery (CI/CD)
Integrated set of practices and tools used to merge developer code, build and test software, and develop deploy-ready packaging.
Domain Keys Identified Mail (DKIM)
An asymmetric cryptographic key system that creates organizational nonrepudiation of messaging. Emails are received through proof-of-origin processing to detect spoofing and other fraudulent behavior.
DNS shadowing
Threat where the attacker gets access to the domain registrant's account and creates subdomains from the parent domain of the victim to draw unsuspecting visitors to bogus sites.
Domain-based Message Authentication, Reporting and Conformance (DMARC)
A scalable system for providing policy configuration for message validation, disposition, and reporting that mail-sending organizations can use for email lifecycle management.
Forward secrecy
Also known as perfect forward secrecy, forward secrecy is the cryptographic protection for encrypted data based upon the discovery or compromise of a private key in an asymmetric pair. The session key that was used in a previous session will not be available for decryption.
Immutable VM
New servers are based on a validated and version-controlled image. When a new system is required, the old is destroyed after the new is deployed.
Information security continuous monitoring (ISCM)
NIST 800-137 defines Information security continuous monitoring (ISCM) as "maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions."
Security Content Automation Protocol (SCAP)
SCAP is a multipurpose framework of specifications that supports automated configuration, vulnerability and patch checking, technical control compliance activities, and security measurement. Goals for the development of SCAP include standardizing system security management, promoting interoperability of security products, and fostering the use of standard expressions of security content.
Security Operations Management System (SOMS)
ISO/IEC 18788-2015, Management systems for private security operations - Requirements with guidance for use, is designed for organizations conducting or contracting security operations. The document provides a business and risk management framework for effective conduct of security operations.
Sender Policy Framework (SPF)
Email authentication that defines a process to validate an email message that has been sent from an authorized mail server in order to detect forgery and to prevent spam. The owner of a domain can identify exactly which mail servers they are able to send from with SPF protocols.
Simple Network Management Protocol (SNMP)
SNMP is an internet-standard protocol for collecting and organizing information about managed devices on IP networks. It can be used to determine the "health" of networking devices including routers, switches, servers, workstations, printers, and modem racks. [Show Less]