Endpoint Detection and Response

Security Operations Centre

A centralised facility where security professionals monitor, detect, analyse, and respond to cybersecurity incidents.

Intrusion Detection System

A system that monitors network traffic or system activities for malicious activity or policy violations.

Next-Generation Firewall

An advanced firewall that goes beyond traditional packet filtering to include application awareness and intrusion prevention.

Security Orchestration Automation and Response

Technology that automates security operations by orchestrating tools and processes for incident response.

Incident Response Plan

A documented set of procedures for detecting, responding to, and recovering from cybersecurity incidents.

Digital Forensics

The process of collecting, preserving, and analysing electronic evidence for investigating security incidents.

Honeypot

A decoy system designed to attract attackers and study their methods while protecting real systems.

Extended Detection and Response

A unified security platform that integrates data from endpoints, networks, cloud workloads, and email to provide holistic threat detection, investigation, and automated response.

Security Orchestration, Automation and Response

A technology stack that integrates security tools and automates incident response workflows, enabling faster triage, investigation, and remediation of security alerts.

Threat Hunting

The proactive search for cyber threats within an organisation's environment that have evaded automated detection, using hypotheses, threat intelligence, and advanced analytics.

A web security vulnerability allowing attackers to inject malicious scripts into web pages viewed by other users.

Technology that aggregates and analyses security data from across an organisation to detect threats.

The process of identifying, quantifying, and prioritising security vulnerabilities in systems and applications.

The secure storage, distribution, rotation, and auditing of sensitive credentials such as API keys, tokens, passwords, and certificates used by applications and services.

A structured set of guidelines and best practices for meeting regulatory requirements and industry standards.

An authentication method requiring two or more verification factors to gain access to a resource.

A group of security professionals who simulate real-world attacks to test an organisation's defensive capabilities.

The continuous discovery, inventory, classification, and monitoring of all external-facing digital assets to identify and reduce an organisation's exposure to cyber threats.