Threat Hunting

Security Operations Centre

A centralised facility where security professionals monitor, detect, analyse, and respond to cybersecurity incidents.

Intrusion Detection System

A system that monitors network traffic or system activities for malicious activity or policy violations.

Next-Generation Firewall

An advanced firewall that goes beyond traditional packet filtering to include application awareness and intrusion prevention.

Endpoint Detection and Response

Security technology that monitors endpoint devices to detect, investigate, and respond to cyber threats.

Security Orchestration Automation and Response

Technology that automates security operations by orchestrating tools and processes for incident response.

Incident Response Plan

A documented set of procedures for detecting, responding to, and recovering from cybersecurity incidents.

Digital Forensics

The process of collecting, preserving, and analysing electronic evidence for investigating security incidents.

Honeypot

A decoy system designed to attract attackers and study their methods while protecting real systems.

Extended Detection and Response

A unified security platform that integrates data from endpoints, networks, cloud workloads, and email to provide holistic threat detection, investigation, and automated response.

Security Orchestration, Automation and Response

A technology stack that integrates security tools and automates incident response workflows, enabling faster triage, investigation, and remediation of security alerts.

A group of security professionals who simulate real-world attacks to test an organisation's defensive capabilities.

An international standard for information security management systems specifying requirements for establishing and maintaining security.

A targeted phishing attack directed at specific individuals or organisations using personalised deceptive content.

A programming error where data written to a buffer exceeds its capacity, potentially allowing code execution.

A cloud architecture that converges networking and security services including SD-WAN, firewall, and zero trust access into a unified cloud-delivered platform.

A collaborative security approach combining red team attack knowledge with blue team defensive capabilities.

The practice of protecting information by mitigating information risks including unauthorised access, use, and disruption.

A web security vulnerability allowing attackers to inject malicious scripts into web pages viewed by other users.