MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed...

Incident Response Services

Gain access to malware experts to quickly contain threats and reduce future exposure to attacks...

Gartner Recognised

Integrity360 has been recognised as a Gartner Representative Vendor.

Download our MDR ebook

Many organisations are turning to managed service providers and MDR services. Find out why in our ebook.

The Reality of Ransomware: What you need to know in 2024

In 2024, the landscape of ransomware attacks will continue to evolve, drawing from past trends while adapting to new defences and technologies. 

How should organisations respond to a data breach?

In this blog we look at how an organisation should respond to a data breach.

Your guide to 2025: Trends and Predictions

Stay ahead of the latest cyber security industry developments, advancements and threats, and understand how you can best protect your organisation.

Choosing your cyber security framework

Learn about seven of the most popular cyber security frameworks being used by businesses around the world.

MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed

Integrity360 Expands into France

As part of its global expansion plan Integrity360 has acquired Holiseum

Integrity360 Expands into France

As part of its global expansion plan Integrity360 has acquired Holiseum

Integrity360 Accelerates Global Expansion

As part of its global expansion plan Integrity360 has acquired Grove Group, headquartered in Cape Town, South Africa.
Integrity360 Emergency Incident Response button Under Attack?

The A-Z Glossary of cyber security terms

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

A

 

An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet.

A list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.

A wireless access point, or more generally just access point, is a networking hardware device that allows other Wi-Fi devices to connect to a wired network.

These are the permissions that are granted to a user, or to an application, to read, write and erase files in the computer.

The process in managing account privileges.

An ad hoc network is a network that is composed of individual devices communicating with each other directly.

A level of permission that allows a user to install software, and change configuration settings. Integrity360 Tip – Ensure that staff only have access to the things they need to do their jobs.

An advanced persistent threat is an attack in which an unauthorised user gains access to a system or network and remains there for an extended period of time without being detected.

Malware that when installed forces a device to display and/or download advertisements automatically.

Software which makes it harder for an attacker to modify it. Also see code obfuscation.

The method of protection against the copying of computer software, illegal copies of copyrighted music, games, software, electronic books, and movies — or the prevention of streaming content without permission.

Antivirus software, or anti-virus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.

A software program that runs on your device. They include mobile apps, web browsers, email programs, word processors and games.

A security practice that blocks or restricts unauthorised applications from executing in ways that put data at risk.

An organisation with a set of security services and tools to conduct external vulnerability scanning of a network.

Any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.

A continuous process of discovering, analysing, and monitoring all internet-facing assets and exposures that could be targeted by threat actors. ASM helps organisations identify unknown or unmanaged assets, prioritise risks, and reduce their overall attack surface before attackers can exploit it.

The method route by which a hacker attacks an organisation. They enable hackers to exploit system vulnerabilities, including the human element.

A manual or systematic measurable technical assessment of a system or application.

The act of proving an assertion, such as the identity of a computer system user.

A security mechanism used to determine user/client privileges or access levels related to system resources, including computer programs, files, services, data and application features. Also see Admin Privilege.

A technology by which a process or procedure is performed with minimal human assistance

A virus that hijacks an autorun.inf file and runs on your computer without your consent.

B

 

A backdoor is used to describe a hidden method of bypassing security to gain access to a restricted part of a computer system.

To make a copy of data stored on a computer or server to reduce the potential impact of failure or loss.

Online baiting involves enticing a victim with an incentive.

Business Email Compromise attacks (also see Whaling).

Recording the events and activities of a system and its users to ensure they comply with security policy.

A cryptocurrency, a form of electronic money.

A person who attempts to find vulnerabilities and exploit them for personal financial gain or other malicious reasons.

A security mechanism that prohibits the execution of programs on a known malicious or undesired list of software.

A form of cyber attack that is made up of multiple attack vectors. Such attacks often cause severe damage to the intended victim.

Bluetooth is a wireless technology for exchanging data over short distances.

A software application that runs automated tasks over the Internet.

A botnet is a collection of internet-connected devices, which may include PCs, servers and mobile devices that are infected and controlled by a common type of malware.

The policy of permitting employees to bring personally owned devices to their workplace, and to use those devices to access privileged company information and applications.

High-speed data transmission system where the communications circuit is shared between multiple users.

A browser is software that is used to access the internet. The most popular web browsers are Chrome, Firefox, Safari, Internet Explorer, and Edge.

A form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. 

An attacker using trial and error in order to hopefully guess your password or passphrase.

A bug refers to an error, fault or flaw in a computer program that may cause it to unexpectedly quit or behave in an unintended manner.

A plan to help ensure that business processes can continue during a time of emergency or disaster. Also see Incident Response planning.

A unit of digital information that most commonly consists of eight bits, representing a binary number.

C

 

A test to determine whether the user is a human.

The unintelligible data created as a result of encryption.

A technique used by an attacker to inject malicious code in clickable content in websites.

The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.

Protection of data, infrastructure and applications involved in cloud computing.

Code obfuscation takes well-engineered code and makes it difficult for an attacker to understand. A cyber criminal’s first step of an attack is to analyze code and gain an understanding of your app logic—with code obfuscation, hackers can’t get started.

Machines that an attacker uses to communicate with a botnet and control compromised computers in the network. 

Also known as data compromise or data breach. Occurs when a security system has been bypassed maliciously or accidentally.

Evaluation to determine if systems have been breached.

The establishment of a security perimeter and of internal security requirements with the goal of defending a network against cyberattacks, intrusions and other violations.

A computer worm targeting the Microsoft Windows operating system that was first detected in November 2008.

Assessment of system configurations to ensure security best practices.

A screen and keyboard which permits access and control of a server, mainframe computer or other system type in a networked environment.

Is when an attacker tricks their victims into visiting a fake website that looks like the real one.

A proactive approach to cyber security that continuously identifies, prioritises, and helps remediate exposures across an organisation’s digital environment. CTEM integrates threat intelligence, asset discovery, and risk context to help security teams focus on what matters most—reducing real-world attack paths before they can be exploited.

Cookies are small files which are stored on a user’s computer.  Cookies provide a way for the website to recognize you and keep track of your preferences.

A fix for a specific problem that addresses a critical, non-security-related bug in computer software.

A technique used by hackers to plant a malicious code into a genuine website allowing them to gather a user’s information and use it for nefarious purposes.

A form of malware that spreads in the form of a worm and encrypts victims' data.

A form of digital currency where encryption techniques are used to regulate the generation of currency and verify its transfer, independent of a central bank.

Evaluation of an organisation's cyber security posture and capabilities.

The protection of computer systems from the theft of or damage to their hardware, software, or electronic data.

When nation states use information technology to penetrate other nations’ networks to cause damage or obtain sensitive information.

Resource placement service providing skilled technical professionals for specific durations.

A crime that involves a computer and a network.

The practice of facilitating illegal activities for cybercriminals through the provisioning of services.

The unethical act of violating the privacy and security of an organisation in order to leak data or disclose internal/private/confidential information.

D

 

The part of the internet that isn’t indexed by search engines such as Google.

Information processed or stored by a computer.

The release of private or confidential information either done intentionally, or unintentionally.

A security strategy and set of tools designed to detect and prevent the unauthorised sharing, transmission, or leakage of sensitive data. DLP helps protect intellectual property, personal data, and confidential information by monitoring user activity, enforcing policies, and blocking risky actions across endpoints, networks, and cloud environments.

The process of selecting, preparing, extracting, and transforming data and permanently transferring it from one computer storage system to another.

The process of discovering patterns in large data sets.

The act of stealing data.

An organised collection of data and structured information.

The act that transforms ciphertext produced by the cryptographic function of encryption back into its original plaintext or cleartext form.

An account that is predefined in a system, application, or device to permit initial access when the system is first put into service.

A standard pre-configured password for a device. Integrity360 Tip: Default passwords are notoriously weak and should be changed as quickly as possible.

A malicious attempt to disrupt normal traffic of a targeted server, network or service by overwhelming the target with a flood of internet traffic.

A method that allows researchers to investigate data without revealing confidential information.

A digital passport or stamp of approval that proves the identity of a person, website or service on the internet.

Investigation and analysis of digital evidence following security incidents.

The recovery and investigation of material found in digital devices, often in relation to cybercrime.

The use of technology to control and manage access to copyrighted material.

Is a digital rights management technology that restricts digital home technologies including DVD players and televisions by encrypting interconnections between devices.

A technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.

Occurs when multiple systems flood the bandwidth or resources of a targeted system. Such an attack is often the result of multiple compromised systems such as a botnet flooding the targeted system with traffic.

The main function of DNS is to translate domain names into IP Addresses, which computers can understand.

An attack in which DNS queries are wrongly resolved in order to unexpectedly send users to malicious sites.

An EU regulation aimed at strengthening the IT security and resilience of financial institutions. DORA requires firms to ensure they can withstand, respond to, and recover from all types of ICT-related disruptions and threats. It mandates risk management, incident reporting, resilience testing, third-party oversight, and compliance with a unified framework across the EU.

The unintentional downloading of malicious code to your computer or mobile device that leaves you open to a cyberattack.

E

 

Immediate action and support during active security breaches.

To detect if an application is being run on an emulator.

Are used by hackers to prepare attacks against apps and businesses. Taking an app out of its secure environment and running code on a desktop computer makes it easier for criminals to analyze code and exploit vulnerabilities.

The process of converting data from one form to another.

The process of converting information or data into a code. Normally used to prevent unauthorised access.

A type of encryption where data gets scrambled or encrypted at one end and gets decrypted at the other end.

An Internet-capable computer hardware device.

A cyber security solution focused on detecting, investigating, and responding to threats on endpoint devices such as laptops, desktops, and servers. EDR continuously monitors activity, records endpoint data, and uses analytics to identify suspicious behaviour. It enables rapid containment and remediation of threats before they can spread across a network.

A way to search for and find risks in software in various environments.

Locating vulnerabilities and weaknesses of a computer or system by duplicating the acts of a malicious hacker.

Evil access points are fake WI-FI hotspots which look like similar ones in the area. Once you are connected your data will be stolen. Integrity360 Tip: Always check to see if there are multiple hotspots with the same name close to each other. If you are unsure, use a VPN or tether to your phone.

Occurs when malware and/or a malicious actor carries out an unauthorised data transfer from a computer. A form of data theft.

A piece of software, data or commands that take advantage of a vulnerability to cause harm or theft.

A collection of exploits, which is a simple one-in-all tool for managing a variety of exploits altogether. They make it easier for non-technical people to commit criminal or harmful acts.

An external vulnerability assessment that attempts to verify whether the individual controls covering the Internet-facing perimeter network have been implemented correctly, and that obvious vulnerabilities are not present.

F

 

Malware used to scare users into downloading and installing unnecessary software.

A type of malicious software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove.

A network security system which monitors incoming and outgoing network traffic. This is based on predetermined security rules.

Malware that works by capturing data in a web form before the form is submitted.

G

 

A device used to connect two different networks together.

The Government Communications Headquarters provides security intelligence to the British armed forces and the British government.

The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. Even though the UK voted to leave the EU in 2016, it adopted GDPR.

Support for compliance with the General Data Protection Regulation.

A unit of data storage capacity that is roughly equivalent to 1 billion bytes.

The common rules, policies and procedures that allow the Internet to function.

Green hats are the novices of the hacker world but are actively working on developing their skills. Typically, they are unaware of the consequences of their actions, making them dangerous in their own right.

A grey hat hacker is a hacker or expert who may choose to break the law or ethical standards without the same intent as a typical black hat hacker.

H

 

Someone who explores different methods of breaching and exploiting weaknesses in a security network.

A movement of people who seek to promote a political agenda by defacing websites, stealing information, redirecting traffic and launching denial-of-service attacks in support of their cause.

A hacker that commits cybercrime to further or protest a political cause.

The generating of a value or values from a string of text using a mathematical function.

A tactic used by cyber security teams to lure hackers into a computer system with the aim of capturing malware, detecting attacks or monitoring the motives and tactics of hackers.

A computer connected to a computer network.

Proactively identifies and prevents malicious network intrusions.

A physical location where people are able to obtain an internet connection. You’ll normally find these in bars, restaurants and hotels. Integrity360 Tip: be careful with what you share online via a public network/hotspot. This includes inputting personal details and bank details. Always ensure your device has VPN enabled to protect yourself against hackers.

Acronym for “hypertext transfer protocol.” Open internet protocol to transfer or convey information on the World Wide Web.

Acronym for “hypertext transfer protocol over secure socket layer. HTTPS is more secure than HTTP as it is designed for security-sensitive communication.

I

 

Identifier for a user or application.

Acronym for Intruder detection system. Software or hardware that alerts a user to intrusion attempts on a network.

A breach of an organisation’s security rules – see cyber-attack and/or data breach.

Proactive planning and readiness for potential security incidents.

Pre-arranged agreements for rapid incident response services.

The protection of information.

A framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.

The potential for employees to either deliberately or accidentally bring harm to an organisation.

The extension of Internet connectivity into physical devices and everyday objects. From smartphones to fridges, anything that is connected to the internet is an IoT device.

A network security tool that actively monitors traffic and blocks malicious activity in real time. IPS solutions detect threats such as exploits, malware, and unauthorised access attempts, and automatically take action to stop or quarantine suspicious traffic before it can cause harm.

Acronym for internet protocol.

An IP address is an Internet Protocoled Address which is a number assigned to each device connected to a computer network. An IP Address serves two functions – host or network interface identification and location addressing.

An attack technique used to gain unauthorised access to networks or computers.

Acronym for International Organisation of Standardisation, the body responsible for promoting international standards. ISO27001 for example is a specification for an information security management system.

Assistance with achieving and maintaining ISO certifications for information security.

J

 

The process by which you can figure out if an app is running on a jailbroken device or not.

A general-purpose programming language. 

A programming language commonly used in web development.

A popular image file format.

Used to access separate parts of a network. Pen testers/attackers like these while pivoting to achieve higher privileged access, in an effort to steal your IP/data.

K

 

Someone who records the keys struck on a keyboard. Most of the time, people using the keyboard are unaware. This can then lead to data being retrieved by the person operating the logging programme.

L

 

The minimum access and/or privileges necessary to perform a role or job function.

Software and/or hardware no longer supported by their original creators.

An operating system which can be used alternatively to Windows.

A group of computers and/or other devices that share a common communications line in a building or several buildings.

M

 

An application of artificial intelligence (AI) that provides systems the ability to automatically learn and improve from experience without being explicitly programmed.

Computers designed to handle very large volumes of data input and output and primarily used for bulk data processing.

Any software which has been designed to cause damage to a computer, server, computer network or client. The main types of malware are viruses, trojan horses, spyware or worms. Integrity360 tip: always ensure that your antivirus is kept up to date.

An attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

Security services for cloud-native applications.

Integration of Darktrace's AI-driven threat detection with SOC services.

Solutions to prevent unauthorised data exfiltration.

A fully managed service providing real-time threat detection, rapid containment, and expert-led remediation.

Protection for endpoint devices against cyber threats.

Firewall management services to protect networks from unauthorised access.

Services to manage and protect user identities and access.

Privileged Access Management services to control and monitor privileged accounts.

Software-defined networking services to optimise and secure wide-area networks.

A company that remotely manages a customer's IT infrastructure and/or end-user systems, typically on a proactive basis and under a subscription model.

Security Information and Event Management services that collect and analyse security data to detect threats.

Security Operations Centre services offering 24/7 monitoring and response to security incidents.

Security Service Edge and Secure Access Service Edge solutions integrating networking and security functions.

Continuous identification and remediation of system vulnerabilities.

A measure of computer processor storage and real and virtual memory.

An infamous type of malware discovered in 1999 that infected over 100,000 computers and caused an estimated $1.1 billion worth of damage to businesses worldwide.

A set of data which describes and gives information about other data. The main types are descriptive metadata, rights metadata and technical metadata.

A global technology company best known for its Windows operating system, Microsoft 365 productivity suite, Azure cloud platform, and a wide range of enterprise and security solutions. In cyber security, Microsoft provides tools for identity protection, endpoint security, threat detection, and compliance management—often integrated through Microsoft Defender and Sentinel.

A type of malware that turns networked devices running Linux into remotely controlled "bots" that can be used as part of a botnet in large-scale network attacks.

Software that doesn’t stop hacking from happening, but will mitigate the effects.

Means that a single instance of the software and its supporting infrastructure serves multiple customers. Each customer shares the software application and also shares a single database. Each tenant's data is isolated and remains invisible to other tenants.

N

 

The National Cyber Security Centre is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats.

A group of computer systems connected. This includes LANs and WANs.

Personnel responsible for managing the network within an entity.

A security solution that uses advanced analytics and machine learning to detect suspicious activity and threats across network traffic. NDR provides real-time visibility, detects lateral movement, and supports incident response by monitoring east-west traffic and uncovering threats that evade traditional perimeter defences.

The constant monitors the computer networks and notifies the administrator if there are any outages or other troubles.

An EU-wide legislation aimed at improving the cyber resilience of essential and important entities across sectors such as energy, transport, healthcare, and digital infrastructure. NIS2 expands the scope of the original NIS Directive, introduces stricter security requirements, mandatory incident reporting, and greater oversight. It applies to more organisations, including some based outside the EU if they operate within its market.

Implementation of the NIST framework to improve cyber security risk management.

A family of encrypting ransomware that was first discovered in 2016. The attack infected devices in the UK, France, Germany, Italy, Poland and the USA. The majority of infections however, were reported in Russia, and 80% in Ukraine.

O

 

Any programme whose source is available to be used or modified as a developer sees fit.

Software of a computer system that is responsible for the management and coordination of all activities and the sharing of computer resources.

Hardware and software systems that monitor and control physical processes, devices, and infrastructure. Commonly used in industries like manufacturing, energy, and transportation, OT includes industrial control systems (ICS), SCADA, and PLCs. As these systems become more connected, they are increasingly targeted by cyber threats, making OT security a critical concern.

P

 

Contains symbols, numbers and doesn’t make grammatical sense. Passphrases are normally longer than passwords and therefore can be harder for a hacker to retrieve.

A secret word or phrase used to log in to a private account.

An update to existing software to add functionality or to correct a defect.

An area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.

The process of protecting sensitive data by replacing it with an algorithmically generated number called a token.

An attempt by an individual or “Ethical Hacker” to exploit a company’s system using, as close as possible, the methods employed by real hackers. 

Simulated cyber attacks to identify and address vulnerabilities.

An illegal attempt to obtain sensitive information. This can include your passwords and credit card details. Integrity360 tip – Phishing remains the most common form of cyber-attack. Always check the source of an email and avoid clicking on emails and attachments that don’t look legit. Look out for misspellings and grammar issues in the messages as this is a common sign of a phishing attempt.

The practice of downloading and distributing copyrighted content digitally without permission, such as music or software.

Organisation-wide rules that govern the acceptable use of computing resources, security practices, and guiding development of operational procedures.

When referring to a network or the Internet, a software or network port is a location where information is sent. When referring to a physical device, a hardware port or peripheral port is a hole or connection found on the front or back of a computer.

Is any connection within a specified network wherein restrictions are established to promote a secured environment.

A security solution that controls and monitors access to critical systems and sensitive information by privileged users such as IT administrators. PAM enforces least privilege, audits sessions, and helps prevent the misuse or compromise of high-level credentials. It is essential for protecting organisations from insider threats and external attackers targeting elevated access.

A user account with greater than basic access privileges.

Management of cyber security projects to ensure timely and effective delivery.

A server that acts as an intermediary between an internal network and the Internet.

A network established by a telecoms provider to provide data transmission services to the public. Integrity360 Tip – It’s strongly advised not to use such networks as data over public networks can be intercepted, modified, and/or diverted while in transit. E.g. the Internet.

Q

 

A network worm spreading under the Win32 systems with backdoor abilities. This worm was reported “in the wild” in JulyAugust 2000.

The standard layout on English-language typewriters and keyboards.

R

 

Ransomware is a type of malware which threatens to publish data unless a ransom is paid.

A service from Google that works to protect websites from spam and abuse caused by robots. 

The vigilantes of the hacker world. They’re like White Hats in that they halt Black Hats, but use more extreme measures to stop them actively wanting to harm them.

Advanced testing involving simulated attacks to assess security defences.

The ability to access a computer or a network remotely through a network connection.

A malware program that includes a back door for administrative control over the target computer.

A form of computer storage that is designed to be inserted and removed from a system.

The process of analyzing a compiled app to extract information about its source code. A hacker’s main goal in reverse engineering is to comprehend your code in order to execute an attack

A systematic process of evaluating the potential risks that may be involved in an activity or undertaking.

Attackers use rooting as a means to better understand how your app executes, to modify your app’s behaviour while it runs or to steal sensitive data.

The term used to describe the process of gaining root access or privileged control over devices, most commonly Android smartphones and tablets.

A type of malicious software that when installed without authorisation, can conceal its presence and gain administrative control of a computer system.

A router is a networking device that forwards data packets between computer networks.

S

 

Acronym for software as a service

Increasing security by isolating processes and browser tabs from one another and the rest of the computer.

A simple form of code.

A script kiddie is a person who lacks the expertise to write their own computer scripts, so will use existing ones to hack into computers.

A cloud-native security framework that combines network connectivity and security functions—such as SWG, CASB, ZTNA, and SD-WAN—into a unified service. SASE enables secure, scalable access to applications and data from any location or device, supporting modern hybrid work environments.

Acronym for Search Engine Optimisation, the practice of making adjustments to certain aspects of a website in an effort to improve its ranking on search engines.

A system that collects, analyses, and correlates data from various sources across an IT environment to detect potential security threats. SIEM provides real-time alerts, supports compliance reporting, and enhances incident investigation by centralising log data and applying analytics to uncover suspicious activity.

A dangerous disk wiping malware that has struck in three iterations. The first in 2012, the second in 2016 and the most recent and possibly most destructive form in December 2018.

The psychological manipulation for people to perform actions or expose confidential information.

Websites and applications that enable users to create and share content or to participate in social networking.

The programs and other operating information used by a computer.

A virtual WAN architecture that enables enterprises to securely connect users to applications using any combination of transport services including broadband, MPLS, and LTE. SD-WAN improves performance, increases agility, and reduces costs by intelligently directing traffic based on business policies and real-time network conditions.

Unsolicited email messages sent for marketing or potentially malicious purposes.

An email phishing attack that targets a specific organisation or individual, seeking unauthorised access to sensitive information.

A cyber attack where a person or programme disguises itself as something else in order to trick or win over someone’s trust.

Malware used to gain access to a user’s systems and monitor their data, files, and behaviour.

A web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It is one of the most common forms of cyber-attack.

Operations that include direct nation-state activity and proxy activity carried out by criminals and so-called hacktivists.

The malware infamous for being used in one of the most sophisticated cyber-attacks in history where it was used to attack Iran’s nuclear programme.

T

 

A discussion-based simulation used to test an organisation’s incident response and crisis management plans. Participants walk through a hypothetical cyber attack or disruption scenario to evaluate decision-making, communication, and coordination. Tabletop exercises help identify gaps in preparedness and improve readiness for real-world incidents.

Services to recruit skilled cyber security professionals.

Expert advice on designing and implementing secure IT architectures.

A unit of data storage capacity that is roughly equivalent to one trillion bytes.

Assessment and management of risks associated with third-party vendors.

A form of malware that disguises itself as a harmless computer program but allows hackers to execute a variety of attacks or steal information.

Also known as 2FA is a subset of MFA (Multi-Factor Authentication). 2FA is a two-step authentication method to confirm your identity. The first stage will typically be a password, followed by another form of identity.

U

 

URL is the Uniform Resource Locator which is used to specify address on the web. Integrity360 Tip: if you are sent a URL, always check how the URL has been configured. You can do this by checking for incorrect spelling, letters replaced by characters, special characters inserted, an unusual ending to the URL or an IP address inserted.

V

 

A VPN allows you to create a secure connection to another network over the internet.

The most common term used to describe malicious software that replicates itself by modifying other computer programmes and inserting its own code. Once it succeeds, the areas are said to be infected.

A computer program designed to assess computers, networks or applications for known weaknesses. Integrity360 Tip: Vulnerability scans should be carried on a regular basis. With new threats emerging all the time you shouldn’t just scan once a year.

W

 

Ransomware crypto worm that targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

The setting up of a fake website in order to exploit unaware visitors.

Acronym for Wired Equivalent Privacy, a wireless security protocol.

A type of phishing attack that targets an organisations leader (the big fish) or executives. A whaling attack is also known as a C-level fraud and BEC (business email scams).

Also known as Ethical Hacking/Penetration Testing.

Approved applications for use in an organisation.

A facility allowing computers, smartphones, or other devices to connect to the Internet or communicate with one another wirelessly within a particular area.

Acronym for Wi-Fi protected access.  A security standard for users of computing devices equipped with wireless internet connections.

X

 

A unified security solution that collects and correlates data across multiple security layers—such as endpoints, networks, servers, and cloud workloads—for improved threat detection and response. XDR provides broader visibility, faster investigations, and more efficient incident response by integrating security tools into a single platform.

eXtensible HyperText Markup language. A hybrid of XML and HTML to display web pages on portable and network devices.

Used to send data to an alternative device.

Y

 

A big security scare in the lead up to the year 2000. Also known as the millennium bug.

Sends data in 1024-byte blocks which allows for simultaneous file transmissions and can reduce file sizes for poor connections

Z

 

Discovered vulnerabilities not yet known to vendors or antivirus companies, that hackers can exploit.

A security framework that assumes no user, device, or application whether inside or outside the network can be trusted by default. Access is granted based on strict identity verification, least privilege principles, and continuous monitoring. Zero Trust helps prevent lateral movement across networks and is especially effective in hybrid and remote work environments.

Locations

Dublin, Ireland

London, United Kingdom

Stockholm, Sweden

Sofia, Bulgaria

Ludwigsburg, Germany

Madrid, Spain

Cape Town, South Africa

Johannesburg. South Africa

Kyiv, Ukraine

Naples, Italy

Vilnius, Lithuania

 

© 2025 Integrity360, All rights reserved