Extended Detection and Response

Security Operations Centre

A centralised facility where security professionals monitor, detect, analyse, and respond to cybersecurity incidents.

Intrusion Detection System

A system that monitors network traffic or system activities for malicious activity or policy violations.

Next-Generation Firewall

An advanced firewall that goes beyond traditional packet filtering to include application awareness and intrusion prevention.

Endpoint Detection and Response

Security technology that monitors endpoint devices to detect, investigate, and respond to cyber threats.

Security Orchestration Automation and Response

Technology that automates security operations by orchestrating tools and processes for incident response.

Incident Response Plan

A documented set of procedures for detecting, responding to, and recovering from cybersecurity incidents.

Digital Forensics

The process of collecting, preserving, and analysing electronic evidence for investigating security incidents.

Honeypot

A decoy system designed to attract attackers and study their methods while protecting real systems.

Security Orchestration, Automation and Response

A technology stack that integrates security tools and automates incident response workflows, enabling faster triage, investigation, and remediation of security alerts.

Threat Hunting

The proactive search for cyber threats within an organisation's environment that have evaded automated detection, using hypotheses, threat intelligence, and advanced analytics.

An authentication method requiring two or more verification factors to gain access to a resource.

Security technology embedded within applications that detects and blocks attacks in real time by monitoring application behaviour and request patterns during execution.

Security solutions that deploy decoy assets such as fake servers, credentials, and data to detect, misdirect, and analyse attackers who have breached perimeter defences.

An attack designed to make a machine or network resource unavailable by overwhelming it with traffic.

A set of voluntary guidelines for managing and reducing cybersecurity risk developed by the US National Institute of Standards.

The process of identifying, quantifying, and prioritising security vulnerabilities in systems and applications.

A network security device that monitors and filters incoming and outgoing network traffic based on security rules.

A systematic evaluation of an organisation's information system security by measuring compliance with established criteria.