CyberArk Glossary

Cybersecurity uses many technical and industry terms. Use the easy-to-understand definitions and resources in the CyberArk glossary as a guide for further exploration.

A

Access Certification

Access Certification facilitates the review of a user’s access privileges and requires a third-party to certify that the access should continue to be granted for a designated period of time.

Access Discovery

Access discovery provides administrators with a clear picture of who has access to what applications, resources or privileges across the organization.

Access Management

Access management solutions are used by businesses to authenticate, authorize and audit access to on-premises and cloud-based applications and IT systems.

Active Directory (AD)

Active Directory (AD) is Microsoft’s directory and identity management service for Windows domain networks. AD is used for user authentication and authorization by a variety of Microsoft solutions like Exchange Server and SharePoint Server, as well as third-party applications and services.

Adaptive Multi-Factor Authentication (MFA)

Adaptive MFA is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use Adaptive Authentication to balance security requirements with the user experience.

Application (App) Gateway

An app gateway is an enterprise security solution that lets users access traditional web applications hosted in corporate data centers using the same logon credentials and methods they use to access mobile apps and cloud services.

Authentication Authorization

Authentication and Authorization solutions positively validate a user’s identity and grant permission to access applications and IT systems once verified.

B

Bot Security

Bots automate and supplement human workflows, helping organizations improve business agility, reduce costs and risks, and free up staff for higher value tasks.

C

CI/CD Pipeline

A CI/CD pipeline is a collection of tools used by developers and test engineers throughout the continuous software development, delivery and deployment lifecycle.

CISA Secure Software Development Attestation Form (SSDA)

The Secure Software Development Attestation Form is a requirement introduced by the Cybersecurity and Infrastructure Security Agency with OMB collaboration.

Cloud IAM Permissions

Cloud identity and access management (IAM) permissions let IT and security organizations control access to the resources in their cloud environments.

Cloud Identity Security

Cloud identity security is the practice of implementing identity security controls to secure human and machine identities in hybrid and multi-cloud environments. Cloud migration and digital transformation have become commonplace for many modern enterprises.

Cloud Infrastructure Entitlements Management (CIEM)

Sometimes referred to as Cloud Entitlements Management solutions or Cloud Permissions Management solutions, CIEM solutions apply the Principle of Least Privilege access to cloud infrastructure and services, helping organizations defend against data breaches, malicious attacks and other risks posed by excessive cloud permissions.

Cloud Security

Cloud security refers to protecting the integrity of cloud-based applications, data and virtual infrastructure. The term applies to all cloud deployment models (public cloud, private cloud, hybrid cloud, multi-cloud) and all types of cloud-based services and on-demand solutions (IaaS, PaaS, SaaS).

Customer Identity and Access Management (CIAM)

CIAM solutions control access to public websites and digital properties, making it easy for customers to sign up and log on to online applications and services.

Cyber Insurance

Businesses purchase cyber insurance (also known as cybersecurity insurance) to mitigate financial loss due to cyber attacks and data breaches.

D

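Data Breach

A data breach is a security incident in which an insider threat or an external attacker gains unauthorized access to confidential or sensitive data such as medical records, financial information or personally identifiable information (PII). Data breaches are one of the most common and most costly cybersecurity incidents, affecting businesses of every size, industry and region, and they occur with alarming frequency.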

Data Sovereignty

Data sovereignty is the ability of enterprises to safeguard and have full control over the personally identifiable information (PII) of any citizen or permanent resident of the country in which it operates.

Defense-in-Depth

A defense-in-depth strategy, aka a security-in-depth strategy, refers to a cybersecurity approach that uses multiple layers of security for holistic protection.

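DevOps Security

DevOps refers to software development (Dev) and IT operations (Ops) working together to develop and operate systems. It combines cultural philosophies, practices and tools so that applications and services can be delivered at high velocity, increasing an organization's ability to better serve its customers. DevOps introduces new risks and cultural changes, which create security challenges that typically cannot be addressed by traditional security management solutions and practices.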

Digital Transformation

Digital transformation refers to the process of integrating digital technology into various aspects of an organization to fundamentally change how it operates and delivers value to its customers or stakeholders.

Directory Services

A directory service is a common data repository for maintaining information about network users and resources as part of their Identity Security strategy.

DORA Act

The Digital Operational Resilience Act (DORA) is a regulatory framework established by the European Union to fortify the financial sector against ICT threats.

E

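Endpoint Security

Endpoint security refers to protecting enterprise networks against threats originating from on-premises or remote devices. An endpoint is a device that provides an entry point to corporate assets and applications and is a potential cybersecurity vulnerability.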

Enterprise Browser

An enterprise browser is a dedicated, corporate web browser designed to give enterprises enhanced security and control over how the browser functions while ensuring a seamless browsing experience for employees.

F

FedRAMP Authorization

Federal Risk and Authorization Management Program (FedRAMP) is a United States government-wide program that standardizes the security assessment, authorization and continuous monitoring of cloud products and services.

FIDO2

FIDO2 is an open authentication standard developed by the FIDO Alliance, an organization with the mission to develop open, scalable authentication standards.

G

H

Healthcare Cybersecurity

Healthcare cybersecurity protects organizations from cyber attacks and ensures availability of medical services, integrity of patient data, and compliance.

I

Identity and Access Management (IAM)

Identity and Access Management (IAM) solutions enable administration of user identities and control of access to enterprise resources. IAM solutions ensure the right individuals have access to the right IT resources, for the right reasons, at the right time.

Identity as a Service (IDaaS)

Identity as a Service (IDaaS) is an Identity and Access Management solution delivered in the form of a cloud-based service hosted and managed by a trusted third party. An IDaaS offering combines all the functions and benefits of an enterprise-class IAM solution with all the economic and operational advantages of a cloud-based service.

Identity Governance and Administration (IGA)

Identity Governance and Administration (IGA) solutions efficiently manage digital identities and access rights across diverse systems and are used by corporate information security, risk management, compliance teams and IT organizations.

Identity Lifecycle Management

Identity lifecycle management refers to the process of managing the user identities and evolving access privileges of employees and contractors throughout their tenure—from day one through separation.

Identity Orchestration

Learn everything you need to know about identity orchestration and how it automates identity management workflows without writing custom code or scripts.

Identity Security

Identity Security is a comprehensive solution for securing all identities, human or machine, throughout the cycle of accessing critical assets.

Identity Threat Detection and Response (ITDR)

Identity Threat Detection and Response (ITDR) is a security discipline consisting of cyber threat intelligence, behavior analysis, tools and structured processes to enhance identity infrastructure security and accelerate the remediation of identity-centric attacks.

Intelligent Privilege Controls

Intelligent privilege controls are security measures designed to manage access to enterprise resources based on real-time risk assessments and contextual factors.

ISO

ISO stands for the International Organization for Standardization that sets standards for quality, safety, efficiency and interoperability across industries.

J

Just-In-Time Access

Using just-in-time (JIT) access, organizations can elevate human and non-human users in real time to provide elevated and granular privileged access to an application or system in order to perform a necessary task.

K

Kubernetes

Kubernetes, also known as K8s, is a popular open-source container orchestration platform designed for cloud portability across hybrid and multi-cloud infrastructure. 

L

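Least Privilege

The principle of least privilege (PoLP) is an information security concept in which a user is given the minimum level of access (or permissions) needed to perform their job functions. The principle of least privilege is widely considered a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets.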

M

Machine Identity

Machine identities are digital entities used to identify, authenticate and authorize machines, devices, and IT infrastructure that is not associated with a human.

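Malware

Malware is a general term for any type of malicious software designed to damage or harm a computer, server, client, or computer network and infrastructure without the end user's knowledge. Cyber attackers create, use and sell malware for many different reasons, but it is most frequently used to steal financial and business information.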

MITRE ATT&CK Framework

MITRE ATT&CK is an open framework for implementing cybersecurity detection and response programs that includes a global knowledge base of adversarial TTPs.

Multi-cloud

Multi-cloud leverages two or more cloud services from more than one cloud provider. In the enterprise, multi-cloud typically refers to running enterprise applications on platform-as-a-service (PaaS) or infrastructure-as-a-service (IaaS) from multiple cloud service providers, such as Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM cloud and Microsoft Azure.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication is a method for using contextual information and business rules to determine which authentication factors to apply to a particular user in a particular situation. Businesses use MFA to balance security requirements with the user experience.

N

NIS2 Directive

The NIS2 (Network and Information Security) Directive is a regulatory framework established by the European Union (EU) to enhance the cybersecurity of critical infrastructure and digital service providers.

NIST CSF 2.0

NIST CSF 2.0 is a new version of the original National Institute of Standards and Technology Cybersecurity Framework, which helps to manage and mitigate cybersecurity risks.

NIST SP 800-207

NIST SP 800-207 is guidance published by the National Institute of Standards and Technology, part of the NIST SP 800 series for information security and cybersecurity.

Non-Human Identity

Non-human Identities are digital entities used to identify, authenticate and authorize machines, devices, and IT infrastructure that is not associated with a human.

O

Operational Technology (OT) Cybersecurity

Operational Technology (OT) cybersecurity is a key component of protecting the uptime, security and safety of industrial environments and critical infrastructure.

P

Passwordless Authentication

Passwordless Authentication is an authentication method that allows a user to gain access to an application or IT system without entering a password or answering security questions.

PCI-DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of security practices to protect cardholder data and prevent credit card fraud.

Phishing Attack

A phishing attack is a social engineering tactic commonly used to steal confidential data or deliver ransomware or some other form of malware.

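Privileged Access Management (PAM)

Privileged access management (PAM) is a comprehensive cybersecurity strategy comprising people, processes and technology. It covers controlling, monitoring, securing and auditing all human and non-human privileged identities and activities across an enterprise IT environment. Organizations implement privileged access management to protect against threats posed by credential theft and privilege misuse.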

Q

R

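Ransomware

Ransomware is a type of malware developed so that attackers can extract a ransom from victims. Once infected with ransomware, users cannot use their files, applications or systems until the ransom is paid. The ransom is typically paid in an untraceable currency such as Bitcoin.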

Remote Access Security

Remote access security solutions authenticate users who are accessing business applications and IT systems from outside the private enterprise network.

Remote Work Security

Remote work security safely extends business applications and services to teleworkers and nomadic users without impairing user experience or satisfaction.

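Robotic Process Automation

Robotic process automation (RPA) is an automation technology that lets organizations partially or fully automate standardized tasks. Robotic process automation software robots ("bots") can mimic the actions of a person performing the work.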

S

SaaS

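Software as a service (SaaS) is a software licensing and distribution model in which a service provider hosts applications and makes them available to customers over the internet. SaaS is also known as "on-demand software," "hosted software" and "web-based software," and is one of the three main components of cloud computing, which is one of the foundational elements of digital transformation.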

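Secrets Management

Secrets management allows organizations to consistently enforce security policies for non-human identities. Secrets management provides assurance that resources across tool stacks, platforms and cloud environments can be accessed only by authenticated and authorized entities.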

Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) provides a standard way for businesses and application providers to share user authentication and authorization data and federate identity management functionality.

Security Framework

A security framework is a set of documented standards, policies, procedures, and best practices intended to enhance an organization’s security and reduce risk.

Security Operations (SecOps)

Security Operations (SecOps) is the practice of combining internal information security and IT operations practices to improve collaboration and reduce risks.

Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that lets users access multiple applications and services using a single set of login credentials. SSO can help businesses improve user satisfaction and productivity, strengthen access security, and reduce IT operations expense and complexity.

SOC 2

SOC 2 is a security compliance framework developed by the American Institute of Certified Public Accountants (AICPA) to securely manage customer data within the cloud.

Social Engineering

Social engineering is a manipulation technique aimed at tricking individuals into revealing sensitive information.

SWIFT Compliance

The Society of Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative founded in 1973 by members of the financial community with a proprietary network.

Synthetic Identity

Synthetic identity refers to a counterfeit identity formed by combining a mix of genuine and false information, blurring the line between physical and digital characteristics that identify a human being.

T

TEA (Time, Entitlements and Approvals)

TEA is a security concept that enhances access control by managing when, how much, and under what conditions users or systems can access resources.

Temporary Elevated Access Management

Temporary elevated access management (TEAM) access methodology helps organizations elevate privileges for human and non-human users in real time to provide granular access to an application or system in order to perform a necessary task.

Third-Party Access

Third-party access is the process of granting external vendors and service providers secure access to IT assets for maintenance, administration and management.

U

User Behavior Analytics

User behavior analytics use AI and machine learning to analyze large datasets to identify security breaches, data exfiltration and other malicious activities.

V

Virtual Directory

A virtual directory is an Identity and Access Management architectural component that gives identity consumers a consolidated and unified view of identity management information stored in multiple disparate data repositories.

W

X

Y

Z

Zero Standing Privileges

Zero Standing Privileges (ZSP) is an identity security principle that advocates for the removal of all persistent privileges for users within an enterprise’s estate. Practically, Zero Standing Privileges is a progression from the concept of just-in-time access.

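Zero Trust

Zero Trust is a strategic cybersecurity model designed to protect modern digital business environments. Zero Trust is based on the idea that nothing should be trusted, whether outside or inside the network perimeter. Zero Trust models require that every user and activity attempting to connect be verified before access to an organization's systems is granted.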
