Computer security

Virus Bulletin is a magazine about the prevention, detection and removal of malware and spam.

A backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm etc.

A CAPTCHA (a backronym for "Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge-response test used in computing to determine whether or not the user is human.

Computer and network surveillance is the monitoring of computer activity and data stored on a hard drive, or data being transferred over computer networks such as the Internet.

In computing, FreeIPA – an open-source project sponsored by Red Hat – aims to provide an easily managed Identity, Policy, and Audit (IPA)software suite primarily targeted towards networks of Linux and Unix computers.

Sandboxie is a sandbox-based isolation program developed by Invincea (which acquired it from the original author Ronen Tzur), for 32- and 64-bit Windows NT-based operating systems.

The Chaos Computer Club (CCC) is Europe's largest association of hackers.

The Federal Office for Information Security (German: Bundesamt für Sicherheit in der Informationstechnik, abbreviated as BSI) is the German Upper-level Federal agency in charge of managing computer and communication security for the German government.

Reverse engineering, also called back engineering, is the processes of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted information.

Data integrity is the maintenance of, and the assurance of the accuracy and consistency of, data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data.

In information security, computer science, and other fields, the principle of least privilege (also known as the principle of minimal privilege or the principle of least authority) requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.

An information security management system (ISMS) is a set of policies concerned with information security management or IT related risks.

Regin (also known as Prax or WarriorPride) is a sophisticated malware toolkit revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014.

VirusTotal is a website, created by the Spanish security company Hispasec Sistemas.

Perfect Dark (パーフェクトダーク) is a peer-to-peer file-sharing (P2P) application from Japan designed for use with Microsoft Windows.

The Cyber Intelligence Sharing and Protection Act (CISPA H.R. 3523 (112th Congress), H.R. 624 (113th Congress), H.R. 234 (114th Congress)) is a proposed law in the United States which would allow for the sharing of Internet traffic information between the U.

Honeyd is an open source computer program created by Niels Provos that allows a user to set up and run multiple virtual hosts on a computer network.

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC).

dvdisaster is a computer program aimed to enhance data survivability on optical discs by creating error detection and correction data, which is used for data recovery.

NetIQ Identity Manager (a.k.a. IDM) was formerly owned by Novell.

FreeS/WAN, for Free Secure Wide-Area Networking, was a free software project, which implemented a reference version of the IPsec network security layer for Linux.

In computer programming, the term hooking covers a range of techniques used to alter or augment the behavior of an operating system, of applications, or of other software components by intercepting function calls or messages or events passed between software components.

Security Vision – software meant for automation of information security management system (ISMS) organisation.

FreeRADIUS is a modular, high performance free RADIUS suite developed and distributed under the GNU General Public License, version 2, and is free for download and use.

GoodSync is a backup and file synchronization program.

Higgins is an open source project dedicated to giving individuals more control over their personal identity, profile and social network data.

TotalRecovery is a backup and recovery software product, developed by FarStone Technology.

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

Cybercrime, or computer crime, is crime that involves a computer and a network.

Carrier IQ was a privately owned mobile software company founded in 2005 in Sunnyvale, California.

In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network.

Deep Freeze, by Faronics, is an application available for the Microsoft Windows, and Mac OS X operating systems which allows system administrators to protect the core operating system and configuration files on a workstation or server by restoring a computer back to its original configuration each time the computer restarts.

The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic.

Linter SQL RDBMS is the main product of RELEX Group.

Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations.

AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.

UserGate Web Filter performs Internet filtering for large and medium business, educational institutions, Internet providers, and public Wi-Fi access points.

Open Threat Exchange (OTX) is the world's largest crowd-sourced computer-security platform with more than 26,000 participants in 140 countries who share more than one million potential threats daily.

TOFU or TUFU are information security slang acronyms which mean Trust On First Use or Trust Upon First Use.

Hackers Wanted is an unreleased American documentary film.

Idaho National Laboratory ran the Aurora Generator Test in 2007 to demonstrate how a cyber attack could destroy physical components of the electric grid.

CloudPassage is a company that provides an automation platform, delivered via software as a service, that improves security for private, public, and hybrid cloud computing environments.

Michigan Cyber Range was established by Merit Network in the summer of 2012 to teach cybersecurity certification courses and to provide cybersecurity-related services.

RiskIQ is a cyber security company based in San Francisco, California.

In computer science, a typed assembly language (TAL) is an assembly language that is extended to include a method of annotating the datatype of each value that is manipulated by the code.

Rublon is a two-factor authentication system that acts as an additional security layer which protects the password-based login process to web applications.

VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems.

Blue Coat Systems Inc.

A packet analyzer (also known as a network analyzer, protocol analyzer or packet sniffer—or, for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or piece of computer hardware that can intercept and log traffic that passes over a digital network or part of a network.

Footprinting (also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to.

seccomp (short for secure computing mode) is a computer security facility that provides an application sandboxing mechanism in the Linux kernel.

Securing coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.

A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system.

SekChek Classic comprises a set of automated computer security audit and benchmarking tools for non-mainframe platforms developed by SekChek IPS in 1996.

SekChek Local is a set of automated computer security audit and benchmarking tools developed by SekChek IPS in March 2008.

The Cybersecurity Information Sharing Act (CISA S. 2588 [113th Congress], S. 754 [114th Congress]) is a United States federal law designed to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes".

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction.

The Spanish Network of Excellence on Cybersecurity Research (RENIC), is a research initiative to promote cybersecurity interests in Spain.

The Cyber Threat Intelligence Integration Center (CTIIC) is a new United States federal government agency that will be a fusion center between existing agencies and the private sector for real-time use against cyber attacks.

Co-founders Gaby Friedlander and Avi Amos founded ObserveIT in USA in 2006.

Safe-T provides solutions that allow securing the exchange of data as well as securing the access to data.

Anomaly Detection at Multiple Scales, or ADAMS, is a $35 million DARPA project designed to identify patterns and anomalies in very large data sets.

Proactive Discovery of Insider Threats Using Graph Analysis and Learning or PRODIGAL is a computer system for predicting anomalous behavior amongst humans by data mining network traffic such as emails, text messages and log entries.

McAfee Institute Inc.

An authenticated session is a form of protocol that precedes the execution of a web application.

The term Trustworthy Computing (TwC) has been applied to computing systems that are inherently secure, available, and reliable.

The Agence nationale de la sécurité des systèmes d'information (ANSSI) (English: National Cybersecurity Agency of France) is a French service created on 7 July 2009 with responsibility for computer security.

Humming Heads Inc.

Project Zero is the name of a team of security analysts employed by Google tasked with finding zero-day exploits.

EnCase is the shared technology within a suite of digital investigations products by Guidance Software.

The Computer Law & Security Review is a journal accessible to a wide range of professional legal and IT practitioners, businesses, academics, researchers, libraries and organisations in both the public and private sectors, the Computer Law and Security Review regularly covers: The Journal's Correspondent Panel includes more than 40 specialists in IT law and security - between them offering expert analysis on all aspects of this fast moving field of law - spotting trends, highlighting practical concerns, monitoring new problems, and outlining key developments.

HEAT LANrev (formerly Absolute Manage) is systems lifecycle management software used by system administrators to automate IT administration tasks.

Penta Security Systems Inc.