Computer security

2017-07-28T19:10:07+03:00[Europe/Moscow] en true Virus Bulletin, Backdoor (computing), CAPTCHA, Computer and network surveillance, FreeIPA, Sandboxie, Chaos Computer Club, Federal Office for Information Security, Reverse engineering, Data integrity, Principle of least privilege, Information security management system, Regin (malware), VirusTotal, Perfect Dark (P2P), Cyber Intelligence Sharing and Protection Act, Honeyd, Security-Enhanced Linux, Dvdisaster, NetIQ Identity Manager, FreeS/WAN, Hooking, Security Vision, FreeRADIUS, GoodSync, Higgins project, TotalRecovery, Phishing, Cybercrime, Carrier IQ, ARP spoofing, Deep Freeze (software), Classified information in the United States, Linter SQL RDBMS, Off-the-Record Messaging, AppArmor, UserGate Web Filter, Open Threat Exchange, Trust on first use, Hackers Wanted, Aurora Generator Test, CloudPassage, Michigan Cyber Range, RiskIQ, Typed assembly language, Rublon, VPN blocking, Blue Coat Systems, Packet analyzer, Footprinting, Seccomp, Secure coding, Security bug, SekChek Classic, SekChek Local, Cybersecurity Information Sharing Act, Information security, Spanish Network of Excellence on Cybersecurity Research, Cyber Threat Intelligence Integration Center, Observeit, Safe-T, Anomaly Detection at Multiple Scales, Proactive Discovery of Insider Threats Using Graph Analysis and Learning, McAfee Institute, Authenticated session, Trustworthy computing, Agence nationale de la sécurité des systèmes d'information, Humming Heads, Project Zero (Google), EnCase, Computer Law & Security Review, HEAT LANrev, Penta Security flashcards Computer security
Click to flip
  • Virus Bulletin
    Virus Bulletin is a magazine about the prevention, detection and removal of malware and spam.
  • Backdoor (computing)
    A backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm etc.
  • CAPTCHA
    A CAPTCHA (a backronym for "Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge-response test used in computing to determine whether or not the user is human.
  • Computer and network surveillance
    Computer and network surveillance is the monitoring of computer activity and data stored on a hard drive, or data being transferred over computer networks such as the Internet.
  • FreeIPA
    In computing, FreeIPA – an open-source project sponsored by Red Hat – aims to provide an easily managed Identity, Policy, and Audit (IPA)software suite primarily targeted towards networks of Linux and Unix computers.
  • Sandboxie
    Sandboxie is a sandbox-based isolation program developed by Invincea (which acquired it from the original author Ronen Tzur), for 32- and 64-bit Windows NT-based operating systems.
  • Chaos Computer Club
    The Chaos Computer Club (CCC) is Europe's largest association of hackers.
  • Federal Office for Information Security
    The Federal Office for Information Security (German: Bundesamt für Sicherheit in der Informationstechnik, abbreviated as BSI) is the German Upper-level Federal agency in charge of managing computer and communication security for the German government.
  • Reverse engineering
    Reverse engineering, also called back engineering, is the processes of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted information.
  • Data integrity
    Data integrity is the maintenance of, and the assurance of the accuracy and consistency of, data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data.
  • Principle of least privilege
    In information security, computer science, and other fields, the principle of least privilege (also known as the principle of minimal privilege or the principle of least authority) requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
  • Information security management system
    An information security management system (ISMS) is a set of policies concerned with information security management or IT related risks.
  • Regin (malware)
    Regin (also known as Prax or WarriorPride) is a sophisticated malware toolkit revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014.
  • VirusTotal
    VirusTotal is a website, created by the Spanish security company Hispasec Sistemas.
  • Perfect Dark (P2P)
    Perfect Dark (パーフェクトダーク) is a peer-to-peer file-sharing (P2P) application from Japan designed for use with Microsoft Windows.
  • Cyber Intelligence Sharing and Protection Act
    The Cyber Intelligence Sharing and Protection Act (CISPA H.R. 3523 (112th Congress), H.R. 624 (113th Congress), H.R. 234 (114th Congress)) is a proposed law in the United States which would allow for the sharing of Internet traffic information between the U.
  • Honeyd
    Honeyd is an open source computer program created by Niels Provos that allows a user to set up and run multiple virtual hosts on a computer network.
  • Security-Enhanced Linux
    Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC).
  • Dvdisaster
    dvdisaster is a computer program aimed to enhance data survivability on optical discs by creating error detection and correction data, which is used for data recovery.
  • NetIQ Identity Manager
    NetIQ Identity Manager (a.k.a. IDM) was formerly owned by Novell.
  • FreeS/WAN
    FreeS/WAN, for Free Secure Wide-Area Networking, was a free software project, which implemented a reference version of the IPsec network security layer for Linux.
  • Hooking
    In computer programming, the term hooking covers a range of techniques used to alter or augment the behavior of an operating system, of applications, or of other software components by intercepting function calls or messages or events passed between software components.
  • Security Vision
    Security Vision – software meant for automation of information security management system (ISMS) organisation.
  • FreeRADIUS
    FreeRADIUS is a modular, high performance free RADIUS suite developed and distributed under the GNU General Public License, version 2, and is free for download and use.
  • GoodSync
    GoodSync is a backup and file synchronization program.
  • Higgins project
    Higgins is an open source project dedicated to giving individuals more control over their personal identity, profile and social network data.
  • TotalRecovery
    TotalRecovery is a backup and recovery software product, developed by FarStone Technology.
  • Phishing
    Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
  • Cybercrime
    Cybercrime, or computer crime, is crime that involves a computer and a network.
  • Carrier IQ
    Carrier IQ was a privately owned mobile software company founded in 2005 in Sunnyvale, California.
  • ARP spoofing
    In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network.
  • Deep Freeze (software)
    Deep Freeze, by Faronics, is an application available for the Microsoft Windows, and Mac OS X operating systems which allows system administrators to protect the core operating system and configuration files on a workstation or server by restoring a computer back to its original configuration each time the computer restarts.
  • Classified information in the United States
    The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic.
  • Linter SQL RDBMS
    Linter SQL RDBMS is the main product of RELEX Group.
  • Off-the-Record Messaging
    Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations.
  • AppArmor
    AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.
  • UserGate Web Filter
    UserGate Web Filter performs Internet filtering for large and medium business, educational institutions, Internet providers, and public Wi-Fi access points.
  • Open Threat Exchange
    Open Threat Exchange (OTX) is the world's largest crowd-sourced computer-security platform with more than 26,000 participants in 140 countries who share more than one million potential threats daily.
  • Trust on first use
    TOFU or TUFU are information security slang acronyms which mean Trust On First Use or Trust Upon First Use.
  • Hackers Wanted
    Hackers Wanted is an unreleased American documentary film.
  • Aurora Generator Test
    Idaho National Laboratory ran the Aurora Generator Test in 2007 to demonstrate how a cyber attack could destroy physical components of the electric grid.
  • CloudPassage
    CloudPassage is a company that provides an automation platform, delivered via software as a service, that improves security for private, public, and hybrid cloud computing environments.
  • Michigan Cyber Range
    Michigan Cyber Range was established by Merit Network in the summer of 2012 to teach cybersecurity certification courses and to provide cybersecurity-related services.
  • RiskIQ
    RiskIQ is a cyber security company based in San Francisco, California.
  • Typed assembly language
    In computer science, a typed assembly language (TAL) is an assembly language that is extended to include a method of annotating the datatype of each value that is manipulated by the code.
  • Rublon
    Rublon is a two-factor authentication system that acts as an additional security layer which protects the password-based login process to web applications.
  • VPN blocking
    VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems.
  • Blue Coat Systems
    Blue Coat Systems Inc.
  • Packet analyzer
    A packet analyzer (also known as a network analyzer, protocol analyzer or packet sniffer—or, for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or piece of computer hardware that can intercept and log traffic that passes over a digital network or part of a network.
  • Footprinting
    Footprinting (also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to.
  • Seccomp
    seccomp (short for secure computing mode) is a computer security facility that provides an application sandboxing mechanism in the Linux kernel.
  • Secure coding
    Securing coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.
  • Security bug
    A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system.
  • SekChek Classic
    SekChek Classic comprises a set of automated computer security audit and benchmarking tools for non-mainframe platforms developed by SekChek IPS in 1996.
  • SekChek Local
    SekChek Local is a set of automated computer security audit and benchmarking tools developed by SekChek IPS in March 2008.
  • Cybersecurity Information Sharing Act
    The Cybersecurity Information Sharing Act (CISA S. 2588 [113th Congress], S. 754 [114th Congress]) is a United States federal law designed to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes".
  • Information security
    Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction.
  • Spanish Network of Excellence on Cybersecurity Research
    The Spanish Network of Excellence on Cybersecurity Research (RENIC), is a research initiative to promote cybersecurity interests in Spain.
  • Cyber Threat Intelligence Integration Center
    The Cyber Threat Intelligence Integration Center (CTIIC) is a new United States federal government agency that will be a fusion center between existing agencies and the private sector for real-time use against cyber attacks.
  • Observeit
    Co-founders Gaby Friedlander and Avi Amos founded ObserveIT in USA in 2006.
  • Safe-T
    Safe-T provides solutions that allow securing the exchange of data as well as securing the access to data.
  • Anomaly Detection at Multiple Scales
    Anomaly Detection at Multiple Scales, or ADAMS, is a $35 million DARPA project designed to identify patterns and anomalies in very large data sets.
  • Proactive Discovery of Insider Threats Using Graph Analysis and Learning
    Proactive Discovery of Insider Threats Using Graph Analysis and Learning or PRODIGAL is a computer system for predicting anomalous behavior amongst humans by data mining network traffic such as emails, text messages and log entries.
  • McAfee Institute
    McAfee Institute Inc.
  • Authenticated session
    An authenticated session is a form of protocol that precedes the execution of a web application.
  • Trustworthy computing
    The term Trustworthy Computing (TwC) has been applied to computing systems that are inherently secure, available, and reliable.
  • Agence nationale de la sécurité des systèmes d'information
    The Agence nationale de la sécurité des systèmes d'information (ANSSI) (English: National Cybersecurity Agency of France) is a French service created on 7 July 2009 with responsibility for computer security.
  • Humming Heads
    Humming Heads Inc.
  • Project Zero (Google)
    Project Zero is the name of a team of security analysts employed by Google tasked with finding zero-day exploits.
  • EnCase
    EnCase is the shared technology within a suite of digital investigations products by Guidance Software.
  • Computer Law & Security Review
    The Computer Law & Security Review is a journal accessible to a wide range of professional legal and IT practitioners, businesses, academics, researchers, libraries and organisations in both the public and private sectors, the Computer Law and Security Review regularly covers: The Journal's Correspondent Panel includes more than 40 specialists in IT law and security - between them offering expert analysis on all aspects of this fast moving field of law - spotting trends, highlighting practical concerns, monitoring new problems, and outlining key developments.
  • HEAT LANrev
    HEAT LANrev (formerly Absolute Manage) is systems lifecycle management software used by system administrators to automate IT administration tasks.
  • Penta Security
    Penta Security Systems Inc.