CYBERARK GLOSSARY

Cybersecurity is awash in technical terms and industry buzzwords. The CyberArk Glossary is your guide through a sea of complicated terminology, providing easy-to-understand definitions and resources for further exploration.

A

Active Directory

Active Directory (AD) is Microsoft’s directory and identity management service for Windows domain networks. AD is used for user authentication and authorization by a variety of Microsoft solutions like Exchange Server and SharePoint Server, as well as third-party applications and services.

Learn more about

Active Directory

Adaptive Multi-factor Authentication

Adaptive Authentication is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use Adaptive Authentication to balance security requirements with the user experience.

Learn more about

Adaptive Multi-factor Authentication

App Gateway

An app gateway is an enterprise security solution that lets users access traditional web applications hosted in corporate data centers using the same logon credentials and methods they use to access mobile apps and cloud services.

Learn more about

App Gateway

B

C

Cloud Security

Cloud security refers to the practice of protecting the integrity of cloud-based applications, data and virtual infrastructure.  The term applies to all cloud deployment models (public cloud, private cloud, hybrid cloud, multi-cloud) and all types of cloud-based services and on-demand solutions (IaaS, PaaS, SaaS).

Learn more about

Cloud Security

D

Data Breach

A data breach is a security incident in which malicious insiders or external attackers gain unauthorized access to confidential data or sensitive information such as medical records, financial information or personally identifiable information (PII). Data breaches are one of the most common and most costly types of cybersecurity incidents.

Learn more about

Data Breach

DevOps Security

DevOps is a term used to describe a set of cultural philosophies, practices and tools that bring together software development (Dev) and IT operations (Ops) and increase an organization’s ability to deliver applications and services at high velocity. DevOps presents new risks and cultural changes that create security challenges that cannot typically be addressed by conventional security management solutions and practices.

Learn more about

DevOps Security

E

Endpoint Security

Endpoint security refers to the practice of protecting enterprise networks against threats originating from on-premises or remote devices. An endpoint is any device that provides an entry point to corporate assets and applications and represents a potential cybersecurity vulnerability.

Learn more about

Endpoint Security

F

G

H

I

Identity and Access Management (IAM)

Identity and Access Management (IAM) solutions enable administration of user identities and control of access to enterprise resources. IAM solutions ensure the right individuals have access to the right IT resources, for the right reasons, at the right time.

Learn more about

Identity and Access Management (IAM)

Identity as a Service (IDaaS)

Identity as a Service (IDaaS) is an Identity and Access Management solution delivered in the form of a cloud-based service hosted and managed by a trusted third party. An IDaaS offering combines all the functions and benefits of an enterprise-class IAM solution with all the economic and operational advantages of a cloud-based service.

Learn more about

Identity as a Service (IDaaS)

J

Just-In-Time Access

Using the just-in-time (JIT) access methodology, organizations can elevate human and non-human users in real-time to provide elevated and granular privileged access to an application or system in order to perform a necessary task. Cybersecurity industry analysts recommend JIT access as a way of provisioning secure privileged access by minimizing standing access.

Learn more about

Just-In-Time Access

K

L

Least Privilege

The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access – or permissions – needed to perform his/her job functions. The principle of least privilege is widely considered to be a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets.

Learn more about

Least Privilege

M

Malware

Malware is a broad name for any type of malicious software designed to cause harm or damage to a computer, server, client or computer network and infrastructure without end-user knowledge. Cyber attackers create, use and sell malware for many different reasons, but it is most frequently used to steal personal, financial or business information.

Learn more about

Malware

Multi-factor Authentication (MFA)

Adaptive Authentication is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use Adaptive Authentication to balance security requirements with the user experience.

Learn more about

Multi-factor Authentication (MFA)

N

O

P

Passwordless Authentication

Passwordless Authentication is an authentication method that allows a user to gain access to an application or IT system without entering a password or answering security questions.

Learn more about

Passwordless Authentication

Privileged Access Management (PAM)

Privilege access management (PAM) refers to a comprehensive cybersecurity strategy – comprising people, processes and technology – to control, monitor, secure and audit all human and non-human privileged identities and activities across an enterprise IT environment. Organizations implement privilege access management to protect against the threats posed by credential theft and privilege misuse.

Learn more about

Privileged Access Management (PAM)

Q

R

Ransomware

Ransomware is a type of malware designed to extort victims for financial gain. Once activated, ransomware prevents users from interacting with their files, applications or systems until a ransom is paid, usually in the form of an untraceable currency like Bitcoin.

Learn more about

Ransomware

Robotic Process Automation (RPA)

Robotic process automation (RPA) is an automation technology that helps organizations to partially or fully automate standardized tasks. Robotic process automation software robots, or “bots” can mimic the actions of humans to perform work.

Learn more about

Robotic Process Automation (RPA)

S

SaaS

Software-as-a-Service (SaaS) is a software licensing and distribution model in which a service provider hosts applications and makes them available to customers over the Internet. Also referred to as “on-demand software,” “hosted software,” and “web-based software,” SaaS is one of three main components of cloud computing—which is one of the foundational elements of digital transformation.

Learn more about

SaaS

Secrets Management

Secrets management allows organizations to consistently enforce security policies for non-human identities. Secrets management provides assurance that resources across tool stacks, platforms and cloud environments can only be accessed by authenticated and authorized entities.

Learn more about

Secrets Management

Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) provides a standard way for businesses and application providers to share user authentication and authorization data and federate identity management functionality.

Learn more about

Security Assertion Markup Language (SAML)

Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that lets users access multiple applications and services using a single set of login credentials. SSO can help businesses improve user satisfaction and productivity, strengthen access security, and reduce IT operations expense and complexity.

Learn more about

Single Sign-On (SSO)

T

U

V

Virtual Directory

A virtual directory is an Identity and Access Management architectural component that gives identity consumers a consolidated and unified view of identity management information stored in multiple disparate data repositories.

Learn more about

Virtual Directory

W

X

Y

Z

Zero Trust

Zero Trust is a strategic cybersecurity model designed to protect modern digital business environments. Zero Trust is centered on the belief that organizations should not automatically trust anything, whether it’s outside or inside its network perimeter. Zero Trust models demand that anyone and everything trying to connect to an organization’s systems must first be verified before access is granted.

Learn more about

Zero Trust

STAY IN TOUCH

STAY IN TOUCH!

Keep up-to-date on security best practices, events and webinars.