Understanding security terminology is the first step to protecting yourself online. This glossary covers encryption, authentication, threats, and defense concepts in plain language.
A
AES (Advanced Encryption Standard)
A symmetric encryption algorithm used worldwide to protect sensitive data. AES-256 uses a 256-bit key and is considered infeasible to break by brute force with current technology.
Example: Most VPNs use AES-256-GCM to encrypt your internet traffic.
API (Application Programming Interface)
A set of rules that allows different software applications to communicate with each other. APIs can be security risks if not properly secured.
Example: A weather app uses an API to fetch data from a weather service.
APT (Advanced Persistent Threat)
A sophisticated, long-term cyberattack where an intruder gains access to a network and remains undetected for an extended period. Often state-sponsored.
Example: APT29 (Cozy Bear) is attributed to Russian intelligence services.
Attack Surface
The total number of points where an unauthorized user can try to enter or extract data from a system. Reducing attack surface is a key security goal.
Example: Disabling unused services reduces your attack surface.
Authentication
The process of verifying the identity of a user, device, or system. Common methods include passwords, biometrics, and security tokens.
Example: Entering your password and a code from your authenticator app.
B
Backdoor
A hidden method of bypassing normal authentication or encryption in a system. Can be intentionally built in or created by malware.
Example: A developer leaving a secret admin account in software.
Biometrics
Authentication using unique physical characteristics like fingerprints, facial recognition, or iris scans.
Example: Unlocking your phone with Face ID or Touch ID.
Botnet
A network of compromised computers (bots) controlled by an attacker, often used for DDoS attacks, spam, or cryptocurrency mining.
Example: The Mirai botnet infected IoT devices to launch massive DDoS attacks.
Brute Force Attack
An attack method that tries every possible combination of passwords or encryption keys until the correct one is found.
Example: Trying all combinations from "aaa" to "zzz" to crack a password.
Bug Bounty
A program where organizations pay security researchers for discovering and responsibly disclosing vulnerabilities.
Example: Google pays up to $31,337 for critical Chrome vulnerabilities.
C
CAPTCHA
A test to determine whether a user is human or a bot. Stands for "Completely Automated Public Turing test to tell Computers and Humans Apart."
Example: Clicking all images containing traffic lights.
Certificate Authority (CA)
A trusted organization that issues digital certificates to verify the identity of websites and enable HTTPS encryption.
Example: Let's Encrypt, DigiCert, and Comodo are popular CAs.
CIA Triad
The three core principles of information security: Confidentiality (data is private), Integrity (data is accurate), and Availability (data is accessible).
Example: Encryption ensures confidentiality; checksums ensure integrity.
CISO (Chief Information Security Officer)
The executive responsible for an organization's information and data security strategy.
Example: The CISO reports to the CEO on security posture and risks.
Credential Stuffing
An attack using stolen username/password pairs from one breach to access accounts on other services where users reused credentials.
Example: Using LinkedIn breach credentials to access Netflix accounts.
Cryptography
The practice of securing information by transforming it into an unreadable format that can only be decoded with the correct key.
Example: HTTPS uses cryptography to secure web traffic.
CVE (Common Vulnerabilities and Exposures)
A standardized identifier for publicly known security vulnerabilities. Format: CVE-YEAR-NUMBER.
Example: CVE-2021-44228 is the Log4Shell vulnerability.
D
Dark Web
Part of the internet only accessible through special software like Tor. Contains both legitimate privacy-focused sites and illegal marketplaces.
Example: .onion sites are only accessible via the Tor network.
Data Breach
An incident where sensitive, protected, or confidential data is accessed or disclosed without authorization.
Example: The Equifax breach exposed 147 million people's personal data.
DDoS (Distributed Denial of Service)
An attack that overwhelms a target with traffic from multiple sources, making it unavailable to legitimate users.
Example: A botnet sending millions of requests to crash a website.
DNS (Domain Name System)
The internet's phone book that translates human-readable domain names (google.com) into IP addresses (142.250.80.46).
Example: When you type a URL, DNS resolves it to an IP address.
DNS Leak
When DNS queries bypass a VPN tunnel and go directly to your ISP, revealing the websites you visit despite VPN protection.
E
E2EE (End-to-End Encryption)
Encryption where only the communicating users can read the messages. Even the service provider cannot access the content.
Example: Signal and WhatsApp use E2EE for messages.
Encryption
The process of converting data into a coded format that can only be read by someone with the decryption key.
Example: AES-256 encryption protects your VPN traffic.
Endpoint
Any device that connects to a network: computers, smartphones, tablets, IoT devices. Each endpoint is a potential entry point for attackers.
Example: An employee's laptop is an endpoint on the corporate network.
Exploit
Code or technique that takes advantage of a vulnerability to compromise a system or gain unauthorized access.
Example: EternalBlue was an exploit used in the WannaCry ransomware.
F
FIDO2 / WebAuthn
A passwordless authentication standard using hardware security keys or biometrics. Resistant to phishing attacks.
Example: Using a YubiKey to log into your Google account.
Firewall
A security system that monitors and controls incoming and outgoing network traffic based on predetermined rules.
Example: Blocking all incoming connections except on port 443 (HTTPS).
Fingerprinting (Browser)
A tracking technique that identifies users based on unique browser and device characteristics without cookies.
Example: Combining screen resolution, fonts, and plugins to create a unique ID.
Five Eyes (5-Eyes)
An intelligence alliance between the USA, the UK, Canada, Australia, and New Zealand that shares surveillance data.
Example: VPNs based outside 5-Eyes may offer better privacy.
G
GDPR (General Data Protection Regulation)
European Union regulation on data protection and privacy. Gives individuals control over their personal data.
Example: The right to request deletion of your personal data.
Geo-blocking
Restricting access to content based on the user's geographic location, typically determined by IP address.
Example: Netflix showing different content libraries by country.
H
Hash / Hashing
A one-way function that converts data into a fixed-size string. Used for password storage and data integrity verification.
Example: SHA-256 always produces a 64-character hexadecimal output regardless of input size.
HTTPS (Hypertext Transfer Protocol Secure)
The secure version of HTTP that encrypts data between your browser and websites using TLS/SSL.
Example: The padlock icon in your browser indicates HTTPS.
Honeypot
A decoy system designed to attract attackers and study their methods, or to distract them from real targets.
Example: A fake database server that logs all access attempts.
I
IDS/IPS (Intrusion Detection/Prevention System)
Security systems that monitor network traffic for suspicious activity. IDS alerts; IPS actively blocks threats.
Example: Snort is a popular open-source IDS/IPS.
IP Address
A unique numerical identifier assigned to every device on a network. IPv4 (e.g., 192.168.1.1) or IPv6 format.
IP Leak
When your real IP address is exposed despite using a VPN, often through WebRTC or IPv6 traffic.
Example: WebRTC in browsers can reveal your real IP even with a VPN.
ISP (Internet Service Provider)
The company that provides your internet connection. ISPs can see and log all your unencrypted internet activity.
Example: Comcast, AT&T, and Verizon are major US ISPs.
J
Jailbreaking
Removing software restrictions on iOS devices to allow installation of unauthorized apps. Can introduce security risks.
Example: Jailbreaking an iPhone to install apps not in the App Store.
K
Keylogger
Malware that records every keystroke on a device, capturing passwords, messages, and other sensitive information.
Example: A keylogger capturing your banking login credentials.
Kill Switch
A VPN feature that blocks all internet traffic if the VPN connection drops, preventing IP address exposure.
Example: Your internet stops working if the VPN disconnects unexpectedly.
L
Lateral Movement
Techniques attackers use to move through a network after initial access, searching for valuable targets.
Example: Using stolen credentials to access other systems on the network.
Least Privilege
Security principle where users are given only the minimum access rights needed to perform their job functions.
Example: A marketing employee shouldn't have access to financial systems.
M
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to systems. Includes viruses, worms, trojans, and ransomware.
Example: WannaCry ransomware infected 200,000+ computers worldwide.
Man-in-the-Middle (MITM) Attack
An attack where the attacker secretly intercepts and potentially alters communication between two parties.
Example: Intercepting unencrypted traffic on public Wi-Fi.
MFA (Multi-Factor Authentication)
Authentication requiring two or more verification factors: something you know (password), have (phone), or are (biometric).
Example: Password + authenticator app code.
Metadata
Data about data. In communications, metadata includes who contacted whom, when, and for how long, but not the content.
Example: Email metadata shows sender, recipient, and timestamp.
N
No-Logs Policy
A VPN provider's commitment to not store any data that could identify users or their online activity.
Example: A no-logs VPN can't hand over data it doesn't have.
NIST (National Institute of Standards and Technology)
US agency that develops cybersecurity standards and guidelines used worldwide.
Example: NIST SP 800-53 is a widely used security control framework.
O
Obfuscation
Disguising VPN traffic to look like regular HTTPS traffic, helping bypass censorship and deep packet inspection.
Example: Using obfuscated servers to access a VPN in China.
OpenVPN
An open-source VPN protocol known for strong security and flexibility. Industry standard for over 20 years.
OSINT (Open Source Intelligence)
Intelligence gathered from publicly available sources: social media, websites, public records, news.
Example: Researching a company using LinkedIn and news articles.
P
Patch
A software update that fixes security vulnerabilities or bugs. Timely patching is critical for security.
Example: Microsoft's Patch Tuesday releases monthly security updates.
Penetration Testing (Pen Test)
Authorized simulated attacks on a system to identify vulnerabilities before malicious hackers do.
Example: Hiring ethical hackers to test your company's defenses.
PFS (Perfect Forward Secrecy)
A property ensuring that past session keys remain secure even if the server's private key is compromised later.
Example: Each VPN session uses unique encryption keys.
Phishing
Social engineering attack using fraudulent emails, messages, or websites to trick users into revealing sensitive information.
Example: A fake bank email asking you to "verify" your account.
Proxy Server
An intermediary server that forwards requests between clients and servers. Unlike VPNs, most proxies don't encrypt traffic.
R
Ransomware
Malware that encrypts a victim's files and demands payment (ransom) for the decryption key.
Example: Colonial Pipeline paid $4.4 million in a ransomware attack.
Red Team
Security professionals who simulate real-world attacks to test an organization's defenses. Opposite of Blue Team (defenders).
Example: Red team attempts to breach security; blue team tries to stop them.
Rootkit
Malware designed to gain administrator-level access while hiding its presence from detection tools.
Example: A rootkit modifying the operating system to hide malicious processes.
RSA
An asymmetric encryption algorithm using public/private key pairs. Named after its creators Rivest, Shamir, and Adleman.
Example: RSA-4096 is used for secure key exchange in VPNs.
S
SIEM (Security Information and Event Management)
Software that aggregates and analyzes security logs from across an organization to detect threats.
Example: Splunk, Microsoft Sentinel, and IBM QRadar are popular SIEMs.
Social Engineering
Manipulating people into divulging confidential information or performing actions that compromise security.
Example: Calling IT support pretending to be an employee who forgot their password.
SOC (Security Operations Center)
A centralized team that monitors, detects, and responds to security incidents 24/7.
Example: SOC analysts investigate alerts from security tools.
Spear Phishing
Targeted phishing attacks customized for specific individuals or organizations using personal information.
Example: An email appearing to be from your CEO asking for a wire transfer.
Split Tunneling
A VPN feature that routes some traffic through the VPN while other traffic goes directly to the internet.
Example: Routing work apps through the VPN while streaming Netflix directly.
SQL Injection
An attack that inserts malicious SQL code into application queries to access or manipulate databases.
Example: Entering ' OR '1'='1 in a login form to bypass authentication.
SSL/TLS (Secure Sockets Layer / Transport Layer Security)
Cryptographic protocols that provide secure communication over networks. TLS is the modern successor to SSL.
Example: HTTPS websites use TLS to encrypt traffic.
T
Threat Actor
Any individual or group that poses a threat to cybersecurity: hackers, nation-states, insiders, hacktivists.
Example: APT groups are sophisticated threat actors often backed by governments.
TOR (The Onion Router)
A network that anonymizes internet traffic by routing it through multiple volunteer-operated relays with layered encryption.
TOTP (Time-based One-Time Password)
An algorithm that generates temporary passwords that change every 30 seconds, used in authenticator apps.
Example: Google Authenticator generates TOTP codes.
Trojan
Malware disguised as legitimate software that creates backdoors or performs malicious actions once installed.
Example: A "free game" that installs a keylogger.
Two-Factor Authentication (2FA)
Authentication requiring exactly two verification factors. A subset of MFA (multi-factor authentication).
Example: Password + SMS code (though SMS 2FA is not recommended).
U
UDP (User Datagram Protocol)
A connectionless network protocol that's faster but less reliable than TCP. Preferred for VPNs and streaming.
Example: WireGuard uses UDP for faster VPN connections.
V
VPN (Virtual Private Network)
A service that encrypts your internet connection and routes it through a secure server, hiding your IP address and protecting your data.
Vulnerability
A weakness in a system that can be exploited by attackers to gain unauthorized access or cause damage.
Example: An unpatched software bug that allows remote code execution.
W
WebRTC
Browser technology for real-time communication (video calls, etc.) that can leak your real IP address even when using a VPN.
Whaling
Phishing attacks specifically targeting high-profile individuals like executives (the "big fish").
Example: A fake email to the CFO requesting an urgent wire transfer.
WireGuard
A modern VPN protocol known for speed, simplicity, and strong security. Uses state-of-the-art cryptography.
Worm
Self-replicating malware that spreads across networks without user interaction, unlike viruses, which require a host file.
Example: The Morris Worm (1988) was one of the first internet worms.
X
XSS (Cross-Site Scripting)
A vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.
Example: Injecting JavaScript that steals session cookies.
Z
Zero-Day
A vulnerability unknown to the software vendor, giving them "zero days" to fix it before exploitation. Highly valuable to attackers.
Example: Zero-day exploits can sell for millions on the black market.
Zero Trust
A security model that requires verification for every user and device, regardless of location. "Never trust, always verify."
ZTNA (Zero Trust Network Access)
A security framework providing secure remote access based on defined access control policies, replacing traditional VPNs in some cases.
Example: Granting access to specific apps rather than entire networks.