Glossary Cybersecurity and networking, clearly explained

From Zero Trust to SDN: this glossary explains the terms that keep coming up in security and networking projects. Every entry describes what a term means, how the technology works and what matters in practice.

C

CDN (Content Delivery Network)

A content delivery network serves web content via edge servers distributed around the world and thereby noticeably shortens load times. This article explains how caching and anycast work, what protective effect a CDN offers and where its limits lie.

Read term →

CI/CD Security

CI/CD pipelines build and deliver software automatically, which makes them a target in their own right: whoever controls the pipeline controls the software. This article shows how to secure secrets, dependencies and artefacts, and why segmenting the build environment is part of it.

Read term →

Cloud Detection and Response (CDR)

Cloud Detection and Response (CDR) detects ongoing attacks in cloud environments on the basis of telemetry from the control plane, identities and data flows. This article explains how it works and its typical scenarios, distinguishes CDR from EDR and shows how detection and containment work together.

Read term →

Cloud Migration

Cloud migration refers to the planned relocation of applications and data into cloud environments. This article explains the 6R strategies, examines network and security aspects such as private connectivity and shows when lift-and-shift is worthwhile and when modernisation is the better choice.

Read term →

Cloud Security

Cloud security covers all measures that protect data, applications and infrastructure in cloud environments against attacks and misconfigurations. This article explains the shared responsibility model, shows the key protection layers and describes how companies can use the cloud securely and in line with regulations.

Read term →

Cloud Workload Protection (CWPP)

Cloud Workload Protection Platforms (CWPP) protect virtual machines, containers and serverless functions across their entire lifecycle. This article explains how they work and where they are used, shows the difference from CSPM and describes why visibility and segmentation form the core of effective workload protection.

Read term →

Common Criteria

Common Criteria is the international standard for evaluating and certifying the security properties of IT products. This article explains protection profiles and the evaluation assurance levels EAL1 through EAL7, describes the role of the BSI and shows how this product standard differs from ISO 27001.

Read term →

Container Orchestration

Container orchestration automates the distribution, scaling and self-healing of containerized applications across many servers. This article explains the core functions, the role of Kubernetes as the de facto standard, typical use cases and the distinction between the orchestrator and the container runtime.

Read term →

Container Security

Container security protects applications from the image build through the registry to runtime. This article explains scanning, signatures, minimal privileges and isolation, shows typical use cases and compares the security model of containers with that of virtual machines.

Read term →

CVE and CVSS

CVE uniquely names known vulnerabilities, while CVSS rates their severity on a scale from 0 to 10. This article explains how the two systems work together, which metrics lie behind the score and why the CVSS value alone does not yet determine patch priority.

Read term →

Cyber Resilience

Cyber resilience describes a company's ability to remain operational under attack and to recover quickly after disruptions. The approach combines prevention with containment and recovery, and thereby places the question of how operations survive an incident at the center.

Read term →

Cyberattack

A cyberattack is a targeted attempt to gain unauthorized access to IT systems and cause damage there. Most attacks follow a recurring sequence that defenders can interrupt at several points if they know it.

Read term →

Cybersecurity

Cybersecurity refers to all technical and organizational measures to protect IT systems and data against attacks and misuse. At its center are the protection goals of confidentiality, integrity and availability, implemented through disciplines ranging from network security to identity protection.

Read term →

Cybersecurity Compliance

Cybersecurity compliance refers to the demonstrable adherence to legal and contractual security requirements, from the GDPR through NIS2 and DORA to ISO 27001. This article classifies the most important frameworks, describes evidence and audits and explains why compliance and actual security are two different goals.

Read term →

M

Malware

Malware is the umbrella term for software that deliberately causes harm: from data theft to the encryption of entire systems. The main types differ in their distribution path and goal, with direct consequences for the appropriate defense strategy.

Read term →

Microsegmentation

Microsegmentation divides networks into the smallest zones and controls the data traffic between individual workloads, independently of IP addresses and VLANs. The approach stops lateral movement by attackers and is regarded as a core building block of every Zero Trust architecture.

Read term →

MPLS

MPLS forwards data packets based on labels over fixed paths and was for years the standard for connecting company sites. This article explains how the technology works and its strengths, shows its limits in the cloud era, and clarifies when SD-WAN is the better choice.

Read term →

Multi-Factor Authentication (MFA)

Multi-factor authentication combines at least two independent proofs from knowledge, possession, and biometrics, and thereby renders stolen passwords largely worthless. This article explains methods from TOTP to passkeys, their phishing resistance, and how they differ from 2FA.

Read term →

Mythos (Claude Mythos)

Mythos is Anthropic's most powerful AI model, with autonomous offensive security capabilities that mark a turning point: vulnerability discovery, exploit development, and attack chains run at large scale for the first time without human involvement. The term therefore stands in for a new threat landscape.

Read term →

P

PCI DSS

PCI DSS is the credit card industry's security standard for all companies that store, process, or transmit cardholder data. This article explains the core requirements, shows how network segmentation considerably reduces the audit scope, and distinguishes the standard from the GDPR.

Read term →

Peering and Interconnection

Peering refers to the direct exchange of data traffic between two networks without a detour via transit providers. This article explains the difference between public peering at internet exchanges and private interconnects and shows why direct paths lower latency and costs and increase control over the data path.

Read term →

Penetration Testing

A penetration test is a commissioned, controlled attack on one's own IT that uncovers exploitable vulnerabilities before real attackers find them. This article explains the goals, test types, and process, clarifies the legal basis, and distinguishes the pentest from the automated vulnerability scan.

Read term →

Personal Data (PII)

Personal data is all information that can be assigned to an identified or identifiable person. This article explains the GDPR definition, the special categories, suitable technical and organizational protective measures, and the difference between PII and pseudonymized data.

Read term →

Phishing

Phishing is the attempt to obtain credentials, money, or confidential information via forged messages. This article shows how such attacks proceed, which variants exist from spear phishing to business email compromise, and with which measures companies effectively limit the damage.

Read term →

Post-Quantum Cryptography (PQC)

Post-quantum cryptography covers encryption and signature methods that withstand attacks from quantum computers as well. Because data intercepted today can be decrypted later, migration does not begin with the first quantum computer but now.

Read term →

S

SASE/SSE

SASE/SSE shifts network and security functions into a shared cloud platform that serves users and sites at the nearest access point. Building blocks such as ZTNA, Secure Web Gateway, CASB and Firewall as a Service replace the central appliance in the data center.

Read term →

Security Breach

A security breach occurs when protective measures have actually been broken through and unauthorized parties have gained access to systems or data. The term is narrower than that of an incident and triggers concrete obligations, from the GDPR report within 72 hours to informing those affected.

Read term →

Security Operations Center (SOC)

A security operations center continuously monitors the IT environment, assesses alerts and responds to incidents before anomalies turn into larger damage. This article explains tasks, roles and tools as well as the decision between an internal and a managed SOC.

Read term →

Security Policy

A security policy defines in a binding way how a company handles information, systems and access. It ranges from the management directive to the technical segmentation rule and takes effect only when both levels fit together and are enforced.

Read term →

Shift-Left Security

Shift-left security moves security checks to the start of software development: vulnerabilities are found while the code is written instead of shortly before release. This article explains tools such as SAST and SCA and describes why security at runtime nevertheless remains indispensable.

Read term →

SIEM

A SIEM collects log data from across the entire IT, links individual events into patterns and alerts on signs of attacks. This article explains how it works, the maintenance effort behind good detection rules, and the distinction from SOAR and XDR.

Read term →

Social Engineering

Social engineering attacks people instead of technology: attackers gain trust, create pressure and get employees to release access or payments. This article shows the most important manipulation techniques, explains why they work, and describes protective measures built from processes and technology.

Read term →

Software-Defined Networking (SDN)

Software-Defined Networking (SDN) separates the control of a network from the hardware that transports the data packets. Administrators define the behavior of the entire network centrally in software instead of configuring each device individually, which makes the network faster to adapt and more consistent.

Read term →

Supply Chain Attack

In a supply chain attack, attackers compromise a supplier, a software update, or a component and use it to reach the systems of their actual targets. This article explains attack paths through software and service provider supply chains, the role of SBOMs, and the supply chain obligations arising from NIS-2.

Read term →

V

Virtual Desktop Infrastructure (VDI)

Virtual Desktop Infrastructure (VDI) provides workplace desktops centrally in the data center, and users access them from almost any end device without the data leaving the central environment. This article explains how a VDI environment is built, along with its security advantages and limits, and draws the distinction from Desktop as a Service.

Read term →

Visibility

Visibility refers to the continuously up-to-date view of the assets, communication relationships, and data flows of your own IT. Every effective security measure depends on this foundation: anyone who does not know which systems talk to one another can neither segment nor detect attacks.

Read term →

VLAN

VLANs divide a physical network into logically separated segments at Layer 2, for example for guests, telephony, or production. This article explains tagging according to IEEE 802.1Q, typical use cases, and the limits of the technology when it comes to real security zones at the workload level.

Read term →

VPN

A VPN builds an encrypted tunnel through public networks and thereby connects sites or individual devices to the company network. This article explains how it works, its forms of use, and the limits of the model when employees access distributed applications from anywhere.

Read term →

Vulnerability Management

Vulnerability management detects security gaps in IT systems and ensures they are fixed before attackers exploit them. This article shows how the cycle of scanning, prioritizing and patching works, what role reachability and context play in the assessment, and where the difference to a penetration test lies.

Read term →

A term missing, or want to put a topic into practice in your own network? Talk to KAEMI.