Digital Forensics

Security Operations Centre

A centralised facility where security professionals monitor, detect, analyse, and respond to cybersecurity incidents.

Intrusion Detection System

A system that monitors network traffic or system activities for malicious activity or policy violations.

Next-Generation Firewall

An advanced firewall that goes beyond traditional packet filtering to include application awareness and intrusion prevention.

Endpoint Detection and Response

Security technology that monitors endpoint devices to detect, investigate, and respond to cyber threats.

Security Orchestration Automation and Response

Technology that automates security operations by orchestrating tools and processes for incident response.

Incident Response Plan

A documented set of procedures for detecting, responding to, and recovering from cybersecurity incidents.

Honeypot

A decoy system designed to attract attackers and study their methods while protecting real systems.

Extended Detection and Response

A unified security platform that integrates data from endpoints, networks, cloud workloads, and email to provide holistic threat detection, investigation, and automated response.

Security Orchestration, Automation and Response

A technology stack that integrates security tools and automates incident response workflows, enabling faster triage, investigation, and remediation of security alerts.

Threat Hunting

The proactive search for cyber threats within an organisation's environment that have evaded automated detection, using hypotheses, threat intelligence, and advanced analytics.

A set of voluntary guidelines for managing and reducing cybersecurity risk developed by the US National Institute of Standards.

An isolated testing environment that mimics production settings for safely running untrusted programs or code.

Security technology embedded within applications that detects and blocks attacks in real time by monitoring application behaviour and request patterns during execution.

A structured approach for identifying, quantifying, and addressing security threats to a system or application.

The total number of points where an unauthorised user can try to enter or extract data from a system.

The secure storage, distribution, rotation, and auditing of sensitive credentials such as API keys, tokens, passwords, and certificates used by applications and services.

A social engineering attack that uses fraudulent communications to trick recipients into revealing sensitive information.

A group of security professionals who simulate real-world attacks to test an organisation's defensive capabilities.