Cyber Report Glossary

Answers to some of the more technical terms that feature on our reports
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
No results could be found for that search term. Please search for another glossary term.
Website security

X-XXS protection header

X-XSS protection header is a feature that stops pages from loading when they detect Cross Site Scripting attacks.

X-Frame Options

The X-Frame-Options HTTP response header can be used to indicate whether a browser should be allowed to display a page inside another page’s iframe or not. Clickjacking attacks are also explained in this glossary

SSL (Secure Sockets Layer)

The standard security technology for establishing an encrypted link between a web server and a browser.

Insecure cookies

A secure cookie is only sent to the server with an encrypted request over the HTTPS protocol. Even with the Secure flag set, sensitive information should never be stored in cookies.

HttpOnly cookies

HttpOnly is a flag added to cookies that informs the browser that this cookie should only be accessed by the server. Any try to access the cookie from client-side script is strictly forbidden. An attacker may try to steal our authentication token stored in a cookie, and then access the website with our account. With HttpOnly cookies, this is not possible. This makes XSS attacks (a term also covered in this glossary) harder to perform.

HTTPS (Hypertext Transfer Protocol Secure)

It is an internet communication protocol that protects the integrity and confidentiality of data between the user's computer and the website. Data sent using HTTPS is secured via the Transport Layer Security protocol (TLS), which provides three key layers of protection: Encryption, Data Integrity and Authentication.The well known other internet communication protocol is referred to as HTTP (standing for Hypertext Transfer protocol) and is less secure than HTTPS as it can be potentially interecepted or manipulated by third parties.

HSTS (HTTP Strict Transport Security)

It is a method used by websites to declare that they should only be accessed using a secure connection (known as HTTPS - a term also covered in this glossary). If a website declares an HSTS policy, the browser must refuse all HTTP connections, which is less secure and can be potentially interecepted and manipulated by third party. Implementing HSTS gives an extra layer of security to your site.

Content Security Policy (CSP)

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.

DNS (Domain Name System) provider

The phonebook of the internet - humans access information online through domain names such as bbc.co.uk. A Domain Name System (DNS) translates domain names to IP addresses so that web browsers can read it and load internet resources.A DNS provider provides domain name system resolution services and operates the servers and necessary infrastructure for the DNS system to work.

DDOS

In a Distributed Denial of Service (DDoS) attack, an attacker uses many controlled computers (bots) to simultaneously flood your website with requests in order to make it inoperable.

Clickjacking

Clickjacking happens when a user is tricked into clicking something that seemingly takes them to one place but actually routes them to a fake site. This could lead to the user accidentally doing something that compromises security.

Man In The Middle Attacks

When a user accesses your website, data is transmitted between the user and your website's servers. A Man In the Middle Attack happens when communication between the user and the website is intercepted by hackers if they are on the same network (e.g. public WiFis). As a result, sensitive data such as card details could be compromised.

SameSite flag - Strict or Lax

The SameSite cookie attribute is used by browsers to identify how first and third-party cookies should be handled. On your website, you have two options when establishing a SameSite cookie value: Lax and Strict. As the name implies, the “Strict” value is a more aggressive form of cross-site request forgery prevention. The “Lax” value in SameSite is a more relaxed form of cross-site request protection.

Secure Flag

The cookie Secure Flag is a cyber security feature that ensures cookies will only get sent through encrypted channels, rather than less secure routes.

Cross Site Scripting (XXS)

Cross Site Scripting attacks (XSS attacks) allow hackers to inject code into your web page and perform actions such as redirecting your site or stealing passwords.

Domain impersonation

Hackers might create websites that look like yours and use a similar looking domain to trick visitors into believing it is your legitimate website. These fake websites could be used to steal payments details or even install malware on devices.

Hackers may also use similar looking domains to try and impersonate your organisation's email address for phishing purposes. It a client or an employee received an email from a domain looking similar to your organisations, it is possible they might believe it is a legitimate email.

Device security

Antivirus

Antivirus programs are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more.

Firewall

Firewalls create a barrier between your IT network and other, external networks. They prevent unwanted connections being created to, and from, your computers. You could use either a personal firewall on your internet connected laptop or a dedicated boundary firewall, which places a protective buffer around your entire network.

Encryption

Encryption converts data into an encoded format that can only be decoded with an encryption key (such as a password). For encrypted devices, for example, before saving data on its drive, the device will encrypt it so it cannot be read by people without the key.

Email security

DMARC (Domain-based Message Authentication)

DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It ties SPF and DKIM together with a consistent set of policies. It instructs email servers that receive messages from your domain how to handle mail that fails SPF and DKIM authentication checks.

SPF (Sender Policy Framework)

A validation protocol that allows email recipients to check that incoming messages are from a source authorised by the sending domain’s administrators. It stops cyber attackers from spoofing, or impersonating, email addresses that belong to other organisations or people.

DKIM (Domain Keys Identified Mail)

DKIM stands for Domain Keys Identified Mail. It is a signature based email authentication method, in which the DKIM-signature allows senders to associate a domain name with an email message, consequently vouching for its authenticity. DKIM ensures that email messages are received with exactly the content that the sender intended.

Spoofing (also known as e-mail impersonation)

Spoofing occurs when cyber criminals are able to make an email appear to be coming from a certain email address (impersonation).

Email impersonation (also known as Spoofing)

Email impersonation occurs when cyber criminals are able to make an email appear to be coming from a certain email address (impersonation)

Account security

2 Factor Authentification (2FA)

Two-factor authentication (2FA) is a security system that requires two distinct forms of identification in order to access something. For example, being able to log-in to your emails by typing in your password as well as entering a code that is sent to your phone via text.

2FA may also be called "Multi Factor Authentication" or "Dual Factor Authentication"

Backups

Backups

Backups are a safety net for when data is lost, or integrity has been compromised. There are a lot of ways of losing data, from stolen devices and hardware damage to ransomware attacks and hacked accounts.

Any data that is critical to your organisation such as documents, files or customer data should be backed up on a regular basis to a separate device or system. This could be a physical device such as an encrypted USB stick or a cloud storage solution such as Google Drive or Dropbox.

Scoring

CVSS (Common Vulnerability Scoring System)

CVSS provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Two common uses of CVSS are prioritization of vulnerability remediation activities and in calculating the severity of vulnerabilities discovered on one's systems. The National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities.