Cybersecurity English Glossary
677 professional cybersecurity English terms with definitions, pronunciation and examples. Learn what each term means, free with Termify.
A
- What is Abuso della logica di business (Business Logic Abuse)? The exploitation of legitimate business logic in applications to gain unauthorized advantages, often bypassing technical...
- What is Accesso Inter-Tenant (Cross-Tenant Access)? The mechanism by which users, services, or applications are granted permission to access resources across different isol...
- What is Accesso Just In Time (Just-In-Time Access)? A privileged access management method that grants users temporary, time-bound, and auditable access rights to critical s...
- What is Accettazione del rischio (Risk Acceptance)? A formal decision to acknowledge and accept the consequences of a specific risk, typically documented and approved by au...
- What is Accettazione del rischio (Risk Acceptance)? The formal decision to tolerate a known risk in cryptographic or PKI systems, typically documented through risk manageme...
- What is Accordo di chiave (Key Agreement)? A cryptographic protocol that enables two or more parties to establish a shared secret key over an insecure channel, com...
- What is Aderenza alla politica (Policy Adherence)? The degree to which organizational personnel follow established internal policies, procedures, and standards.
- What is Affaticamento da allerta (Alert Fatigue)? Alert Fatigue is a condition in which security analysts become desensitized or overwhelmed due to excessive or repetitiv...
- What is Aggregazione dei log (Log Aggregation)? Log Aggregation is the process of collecting and centralizing logs from diverse systems, applications, and devices into ...
- What is Aggregazione della telemetria di rete (Network Telemetry Aggregation)? The collection, normalization, and consolidation of network telemetry data (such as flow records, logs, or metrics) from...
- What is Algoritmo di firma (Signature Algorithm)? A cryptographic algorithm used to generate and verify digital signatures, ensuring data authenticity and integrity, such...
- What is Algoritmo MAC (MAC Algorithm)? A cryptographic function that produces a short piece of information used to authenticate a message and provide integrity...
- What is Allerta di escalation dei privilegi (Privilege Escalation Alert)? The process of generating real-time alerts whenever a user or process attempts to gain higher-level access than authoriz...
- What is Allerta di Sicurezza (Security Alert)? Automated or manual notification process by which a security system or analyst informs relevant personnel of detected su...
- What is Allineamento normativo (Regulatory Alignment)? The degree to which organizational controls, processes, and policies conform to laws, regulations, and relevant industry...
- What is Analisi abuso API (API Abuse Analysis)? The use of data analysis techniques to monitor, identify, and report on abnormal or malicious usage patterns within API ...
- What is Analisi d'impatto (Impact Analysis)? A structured assessment of the potential consequences or business disruption resulting from the exploitation of vulnerab...
- What is Analisi degli Incidenti (Incident Analysis)? The comprehensive examination and assessment of a security incident to determine its cause, scope, impact, and lessons l...
- What is Analisi dei log (Log Analysis)? The process of examining and interpreting system, application, and security logs to detect, investigate, and respond to ...
- What is Analisi del Comportamento a Runtime (Runtime Behavior Analysis)? Continuous monitoring and assessment of applications’ or systems’ activities during execution to detect anomalies or thr...
- What is Analisi del Comportamento Utente (User Behavior Analysis)? Advanced analytics that monitor and analyze user activity patterns to detect insider threats, compromised accounts, and ...
- What is Analisi del Flusso di Rete (Network Flow Analysis)? The process of collecting, monitoring, and analyzing metadata about network traffic flows to detect anomalies and threat...
- What is Analisi del malware (Malware Analysis)? The process of examining malicious software to understand its behavior, intent, origin, and potential impact on affected...
- What is Analisi del rischio (Risk Analysis)? The systematic process of identifying, evaluating, and prioritizing risks to organizational assets, considering likeliho...
- What is Analisi della Cattura dei Pacchetti (Packet Capture Analysis)? The process of collecting and analyzing network packet data to detect threats, troubleshoot issues, and validate securit...
- What is Analisi delle dipendenze del codice (Code Dependency Analysis)? The process of examining software dependencies for known vulnerabilities, outdated components, or license compliance iss...
- What is Analisi delle minacce (Threat Analysis)? Threat Analysis is the systematic evaluation of potential and actual cyber threats by assessing threat actor capabilitie...
- What is Analisi dell’esposizione (Exposure Analysis)? Systematic evaluation of cryptographic or PKI assets and their attack surface to determine points of exposure to vulnera...
- What is Analisi di sicurezza (Security Analytics)? Security Analytics refers to the use of advanced data analysis techniques, including machine learning and statistical mo...
- What is Analisi d’impatto (Impact Analysis)? The process of identifying and evaluating the potential consequences and business impacts of threats, incidents, or poli...
- What is Analisi Forense (Forensic Analysis)? The scientific examination and investigation of digital devices, logs, or data to identify, collect, preserve, and analy...
- What is Analisi forense (Forensic Analysis)? The application of specialized techniques to collect, preserve, and analyze digital evidence from information systems fo...
- What is Analisi Immagine Container (Container Image Analysis)? The process of automatically analyzing container images for vulnerabilities, malware, and policy violations before deplo...
- What is Ancora della catena (Chain Anchor)? The process of ensuring that a certificate chain terminates at a trusted root certificate authority (trust anchor), as r...
- What is Ancora di fiducia (Trust Anchor)? A trusted entity (typically a root certificate authority) whose public key is used as the ultimate basis for validating ...
- What is Anomalia di Comportamento di Rete (Network Behavior Anomaly)? An observed deviation from established patterns of normal network activity that may indicate the presence of malicious a...
- What is Applicazione del Binding del Token (Token Binding Enforcement)? A security control requiring the cryptographic binding of authentication tokens to specific TLS sessions or client devic...
- What is Applicazione del Controllo di Accesso alla Rete (Network Access Control Enforcement)? The application of technical controls to regulate and restrict user, device, or service access to network resources, enf...
- What is Applicazione del Minimo Privilegio (Least Privilege Enforcement)? The continuous process of restricting user, process, or system access rights to the minimum necessary to perform authori...
- What is Applicazione del Tasso API (API Rate Enforcement)? A control that limits the number of API requests a client or application can make within a specific time frame to preven...
- What is Applicazione della policy CORS (CORS Policy Enforcement)? The process of strictly applying Cross-Origin Resource Sharing (CORS) policies to control which origins can interact wit...
- What is Applicazione della politica di segmentazione (Segmentation Policy Enforcement)? The application and monitoring of access control policies that govern traffic between network segments to minimize unaut...
- What is Applicazione delle politiche (Policy Enforcement)? The process of ensuring that policies, standards, and procedures are implemented and followed within the organization, w...
- What is Applicazione delle Politiche di Endpoint (Endpoint Policy Enforcement)? The application of security controls to endpoints (e.g., laptops, mobiles) to ensure compliance with organizational secu...
- What is Applicazione delle Regole Aziendali (Business Rule Enforcement)? Implementation and monitoring of business logic controls within applications to prevent unauthorized or unintended actio...
- What is Applicazione dell’ambito del token (Token Scope Enforcement)? The process of restricting token privileges to the minimum necessary set of actions or resources, ensuring that access t...
- What is Applicazione Forzata degli Header di Sicurezza (Security Header Enforcement)? The application of mandatory HTTP response headers (such as CSP, HSTS, X-Frame-Options) to protect web applications from...
- What is Applicazione Gateway API (API Gateway Enforcement)? Operational policy and control enforcement at the API gateway layer, ensuring only validated and authorized API traffic ...
- What is Applicazione Lato Client (Client-Side Enforcement)? Reliance on client-side logic to enforce security controls, which can be bypassed or manipulated, undermining the intend...
- What is Applicazione Quota API (API Quota Enforcement)? The process of applying limits to the number of API requests allowed for each user, application, or key, to prevent reso...
- What is Applicazione schema API (API Schema Enforcement)? The practice of validating incoming and outgoing API requests and responses against a defined schema to prevent structur...
- What is Applicazione Timeout di Sessione (Session Timeout Enforcement)? Policy and technical controls to ensure user sessions automatically expire after a defined period of inactivity, minimiz...
- What is Architettura DNS Resiliente (Resilient DNS Architecture)? A DNS infrastructure designed for high availability, redundancy, and resistance to attacks or failures, ensuring continu...
- What is Architettura Zero Trust (Zero Trust Architecture)? A security model based on the principle that no user, device, or network component should be trusted by default. Enforce...
- What is Architettura Zero Trust (Zero Trust Architecture)? A security model centered on the assumption that no user or device, inside or outside the network perimeter, is trusted ...
- What is Architettura Zero Trust (Zero Trust Architecture)? A security model that assumes no implicit trust is granted to systems or users inside or outside the network; verificati...
- What is Archiviazione Crittografica Compromessa (Broken Cryptographic Storage)? A vulnerability where sensitive data is improperly encrypted, decrypted, or stored using weak cryptographic algorithms, ...
- What is Archivio di exploit (Exploit Repository)? A centralized and curated repository of documented exploits relevant to cryptographic or PKI environments, used for thre...
- What is Archivio di fiducia (Trust Store)? A repository of trusted root and intermediate certificates used by applications and systems to verify the authenticity o...
- What is Archivio radice (Root Store)? A trusted repository of root CA certificates used by operating systems and applications to validate the trustworthiness ...
- What is Arricchimento degli allarmi (Alert Enrichment)? The process of adding contextual information to security alerts, such as asset details, user context, or threat intellig...
- What is Assegnazione VLAN di Quarantena (Quarantine VLAN Assignment)? The process of isolating endpoints identified as compromised or non-compliant by assigning them to a dedicated VLAN with...
- What is Asserzione firmata (Signed Assertion)? A digital statement or claim, such as an authentication response or attribute, that is cryptographically signed to ensur...
- What is Associazione del token (Token Binding)? A security mechanism where cryptographic tokens are cryptographically bound to a TLS connection, ensuring that tokens ca...
- What is Attacco di crittoanalisi (Cryptanalysis Attack)? A method of attacking cryptographic systems by analyzing the algorithms and ciphertexts to extract secret keys or plaint...
- What is Attacco di Manomissione dei Parametri (Parameter Tampering Attack)? An attack technique where an adversary manipulates input parameters in client requests to alter application behavior, by...
- What is Attacco di relay di autenticazione (Authentication Relay Attack)? A cyberattack in which authentication credentials are intercepted and forwarded (relayed) to impersonate a legitimate us...
- What is Attestazione di Salute Endpoint (Endpoint Health Attestation)? A process by which the health state of an endpoint device is cryptographically measured and validated before it is allow...
- What is Attore di minaccia (Threat Actor)? An individual, group, or entity with the intent, capability, and opportunity to exploit vulnerabilities in cryptographic...
- What is Attribuzione del rischio (Risk Attribution)? The process of quantifying and prioritizing risks by assigning numerical or qualitative values based on likelihood, impa...
- What is Attribuzione della minaccia (Threat Attribution)? Threat Attribution is the analytical process of linking a detected cyber threat, campaign, or incident to a specific act...
- What is Audit degli Accessi Cloud (Cloud Access Audit)? Systematic logging and analysis of access events in cloud environments to ensure compliance, detect anomalies, and suppo...
- What is Audit di conformità (Compliance Audit)? A systematic, independent review to determine whether activities and related results comply with planned arrangements, p...
- What is Audit di sicurezza (Security Audit)? A formal, systematic review of an organization’s information systems, controls, and procedures to verify their effective...
- What is Audit di sicurezza (Security Audit)? A formal, systematic review and verification of cryptographic and PKI processes, controls, and compliance with standards...
- What is Autenticazione Multifattore (Multi-Factor Authentication)? A security mechanism requiring users to present two or more independent forms of evidence (factors) to verify their iden...
- What is Autenticazione reciproca (Mutual Authentication)? A security process in which both entities in a communication verify each other's identities, typically using digital cer...
- What is Automazione dei test (Test Automation)? The application of automated tools and scripts to perform repeatable, consistent validation of cryptographic functions, ...
- What is Automazione del Playbook (Playbook Automation)? The automated execution of predefined incident response actions and workflows using orchestration tools, reducing manual...
- What is Automazione dell'orchestrazione della sicurezza (Security Orchestration Automation)? The integration and automation of security processes, tools, and workflows to accelerate detection, investigation, and r...
- What is Automazione della Scoperta degli Asset (Asset Discovery Automation)? The automated identification and inventory of all devices, cloud resources, software, and services within an organizatio...
- What is Automazione della sicurezza (Security Automation)? Security Automation is the application of technology to perform repetitive or time-sensitive security operations tasks—s...
- What is Autorità di politica (Policy Authority)? An entity within a PKI or trust framework responsible for defining, governing, and maintaining security and operational ...
- What is Autorità di validazione (Validation Authority)? A trusted service or entity that provides real-time or historical status information about digital certificates, typical...
- What is Autorità radice (Root Authority)? The top-level Certificate Authority (CA) in a PKI hierarchy whose root certificate is self-signed and serves as the ulti...
- What is Autorizzazione a livello di funzione (Function-Level Authorization)? A control mechanism that verifies a user’s or system’s permission for each specific API endpoint or business function be...
- What is Autovalutazione dei Controlli (Control Self-Assessment)? Short for 'Control Self-Assessment'—an internal process where departments evaluate the design and effectiveness of their...
- What is Avviso di Errata Configurazione delle Risorse (Resource Misconfiguration Alert)? Automated notification generated when a cloud resource, such as storage or compute, is configured in a way that exposes ...
- What is Avviso di Esfiltrazione Dati (Data Exfiltration Alert)? The real-time detection and notification of unauthorized attempts to transfer sensitive or regulated data out of protect...
- What is Avvolgimento della chiave (Key Wrapping)? The process of encrypting one cryptographic key with another key to securely transport or store keys, typically used for...
- What is Azione di rimedio (Remediation Action)? Steps taken to eliminate the cause of a detected security incident, restore affected systems, and strengthen defenses to...
- What is Azione di rimedio (Remediation Action)? A specific corrective step taken to address a vulnerability, nonconformity, or security finding in cryptographic or PKI ...
B
- What is Backup della chiave (Key Backup)? The secure process of creating a protected copy of a cryptographic key, enabling recovery if the original is lost or dam...
- What is Baseline di configurazione sicura (Secure Configuration Baseline)? A documented set of secure settings and parameters for systems or applications, serving as a reference point for complia...
- What is Baseline di sicurezza (Security Baseline)? A documented set of minimum security controls or configurations established as a standard for systems, services, or proc...
- What is Baseline di sicurezza (Security Baseline)? A set of minimum security controls and configurations established for cryptographic or PKI systems to ensure compliance ...
- What is Binding del token di sessione (Session Token Binding)? A security mechanism that cryptographically ties a session token to a specific user device or connection context, preven...
- What is Blocco del traffico dannoso (Malicious Traffic Blocking)? Automated or manual actions taken to identify and prevent the flow of network traffic identified as malicious, including...
- What is Blocco di Script Dannosi (Malicious Script Blocking)? The detection and prevention of unauthorized, harmful scripts (such as JavaScript, PowerShell, or macros) from executing...
- What is Blocco legale (Legal Hold)? A directive to preserve all forms of relevant information when litigation or investigation is reasonably anticipated.
- What is Broker di Accesso Cloud (Cloud Access Broker)? A security policy enforcement point between cloud service users and providers that ensures enterprise security requireme...
- What is Brokeraggio di Sicurezza SaaS (SaaS Security Brokering)? A security model and technology platform that intermediates access between enterprise users and SaaS applications, enfor...
- What is Busta digitale (Digital Envelope)? A mechanism in cryptography where a message is encrypted with a symmetric key and the symmetric key is then encrypted wi...
C
- What is CA subordinata (Subordinate CA)? A Certificate Authority (CA) that is certified and authorized by a root or higher-level CA to issue digital certificates...
- What is Caccia alle Minacce Automatica (Automated Threat Hunting)? The continuous, proactive, and algorithm-driven search for threats and anomalies in an environment, using automated tool...
- What is Caccia alle minacce di rete (Network Threat Hunting)? The proactive process of searching for hidden threats or adversaries within network traffic using behavioral analytics, ...
- What is Canale di comando e controllo (Command and Control Channel)? A communications channel used by attackers or malware to issue instructions to compromised hosts, or by defenders for au...
- What is Canale di comando sicuro (Secure Command Channel)? An encrypted, authenticated communication pathway used for transmitting privileged commands or control signals, as descr...
- What is Canale sicuro (Secure Channel)? A communication path protected by cryptographic means, ensuring confidentiality, integrity, and authentication of data i...
- What is Capacità di rilevamento (Detection Capability)? Detection Capability is the measure of an organization's ability to identify and recognize cyber threats, malicious acti...
- What is Carta di Sicurezza (Security Charter)? A formal document that defines the scope, authority, and responsibilities of the security function within an organizatio...
- What is Catalogo delle minacce (Threat Catalog)? A structured and curated inventory of recognized PKI or cryptographic threats, attack vectors, and related mitigation st...
- What is Categorizzazione degli asset (Asset Categorization)? The process of classifying PKI and cryptographic assets based on value, criticality, sensitivity, and role within the or...
- What is Categorizzazione degli incidenti (Incident Categorization)? Incident Categorization is the process of classifying security events or incidents based on type, severity, impact, and ...
- What is Catena di attacco (Attack Chain)? A sequence of steps or techniques used by threat actors to exploit cryptographic or PKI weaknesses, progressing from ini...
- What is Catena di certificati (Certificate Chain)? An ordered sequence of certificates, from an end-entity certificate up to the root authority, each certifying the next i...
- What is Catena di custodia (Chain of Custody)? A formal process documenting the chronological handling, transfer, and control of digital evidence, ensuring its integri...
- What is Catena di exploit (Exploit Chain)? The sequential use of multiple exploits to bypass security mechanisms and gain unauthorized access to cryptographic or P...
- What is Causa radice (Root Cause)? The fundamental underlying reason or origin of a security incident, breach, or operational failure, identified through s...
- What is Centro di Fusione degli Indicatori (Indicator Fusion Center)? A centralized facility or platform that aggregates, correlates, and analyzes cybersecurity indicators (such as IOCs) fro...
- What is Certificato autofirmato (Self-Signed Certificate)? A digital certificate that is signed by the same entity whose identity it certifies, rather than by a trusted Certificat...
- What is Certificato CA (CA Certificate)? A digital certificate issued to a Certificate Authority, used to sign and validate other digital certificates within a P...
- What is Certificato del dispositivo (Device Certificate)? A digital certificate issued to a device (such as a server, router, or IoT component) to authenticate its identity withi...
- What is Certificato di attributo (Attribute Certificate)? A digital certificate that binds attribute information (such as roles or permissions) to a subject, separate from the id...
- What is Certificato radice (Root Certificate)? A self-signed digital certificate that identifies a trusted Certificate Authority (CA) at the apex of a certification ch...
- What is Certificazione degli accessi (Access Certification)? A formal, periodic review process in which managers or data owners attest that users have the appropriate levels of acce...
- What is Checksum della chiave (Key Checksum)? A value derived from a cryptographic key using a checksum or hash algorithm, used to verify the integrity or correctness...
- What is Chiave del soggetto (Subject Key)? The cryptographic public key associated with the subject of a digital certificate, used to verify signatures or encrypt ...
- What is Chiave dell'emittente (Issuer Key)? The private key held by a Certificate Authority (CA) or issuer used to sign digital certificates and assert trust in a P...
- What is Chiave di sessione (Session Key)? A temporary symmetric key used for a single communication session, providing confidentiality and integrity for exchanged...
- What is Chiave effimera (Ephemeral Key)? A cryptographic key generated for temporary use in a single session or operation, after which it is discarded and not re...
- What is Chiave precondivisa (Pre-Shared Key)? A symmetric key distributed to and shared by parties before communication begins, commonly used in VPNs, Wi-Fi WPA2-PSK,...
- What is Chiave privata (Private Key)? A confidential cryptographic key in an asymmetric key pair, used to sign or decrypt data, and must be kept secret to mai...
- What is Chiave pubblica (Public Key)? The openly distributed cryptographic key in an asymmetric key pair, used to verify digital signatures or encrypt data fo...
- What is Chiave simmetrica (Symmetric Key)? A cryptographic key used in symmetric encryption where the same key is used for both encryption and decryption operation...
- What is Chiusura dell'Incidente (Incident Closure)? The formal completion and documentation of all response activities for a security incident, ensuring lessons learned and...
- What is Ciclo di Vita dell'Allerta (Alert Lifecycle)? The sequence of phases that a security alert undergoes, from initial detection and triage through investigation, escalat...
- What is Ciclo di Vita dell’Identità della Macchina (Machine Identity Lifecycle)? The complete set of processes for creating, managing, renewing, and retiring machine identities (e.g., certificates, key...
- What is Cifrario a blocchi (Block Cipher)? A symmetric key encryption algorithm that encrypts data in fixed-size blocks, such as AES and 3DES.
- What is Cifratura ibrida (Hybrid Encryption)? A cryptographic approach that combines asymmetric and symmetric encryption to leverage the advantages of both for secure...
- What is Classificazione degli asset (Asset Classification)? The process of categorizing cryptographic, PKI, and related assets based on sensitivity, criticality, and regulatory req...
- What is Classificazione dei dati (Data Classification)? The process of categorizing data based on its sensitivity, value, and the impact to the organization if disclosed, alter...
- What is Classificazione dei dati (Data Classification)? The systematic process of categorizing information based on sensitivity, criticality, and regulatory requirements to det...
- What is Classificazione della sicurezza (Security Classification)? The categorization of data or assets based on sensitivity, value, and required level of protection, typically in alignme...
- What is Cloud Privata Virtuale (Virtual Private Cloud)? A logically isolated section of a public cloud where organizations can launch resources in a virtual network that they d...
- What is Codice di condotta (Code of Conduct)? A formal set of ethical and behavioral guidelines that define acceptable and unacceptable actions for personnel within a...
- What is Collisione di hash (Hash Collision)? An event where two different inputs produce the same output hash value from a cryptographic hash function, undermining d...
- What is Comitato di audit (Audit Committee)? A formally established group within an organization tasked with oversight of financial reporting, internal controls, ris...
- What is Comitato di governance (Governance Committee)? A formal group of executives and stakeholders responsible for overseeing information security, compliance, and risk mana...
- What is Comunicazione degli Incidenti (Incident Communication)? The timely and coordinated exchange of information about an incident’s status, impact, and response among internal teams...
- What is Concessione Eccessiva di Autorizzazione (Excessive Permission Grant)? A security misconfiguration where a user or entity is assigned more access rights than necessary, violating the principl...
- What is Condivisione automatica degli indicatori (Automated Indicator Sharing)? The automatic exchange of cyber threat indicators between organizations and trusted partners using standardized formats ...
- What is Condivisione impropria delle risorse (Improper Resource Sharing)? A security risk where system resources are shared without proper isolation or access controls, leading to unintended dat...
- What is Conferma della chiave (Key Confirmation)? A cryptographic process where parties confirm to each other that they possess the same secret key, usually as a final st...
- What is Confinamento tramite isolamento host (Host Isolation Containment)? A network defense strategy to restrict or cut off network access for a compromised or suspicious host to prevent lateral...
- What is Confine di fiducia di terze parti (Third-Party Trust Boundary)? A defined security demarcation between an organization’s internal systems and those of third-party entities, used to enf...
- What is Conformità crittografica (Cryptographic Compliance)? Adherence to laws, regulations, and standards that govern cryptographic practices, algorithm usage, and key management, ...
- What is Conformità legale (Legal Compliance)? The state of adhering to all applicable laws, regulations, and legal obligations relevant to an organization's business ...
- What is Conformità normativa (Regulatory Compliance)? Adherence to laws, regulations, and standards applicable to the organization's operations and information security pract...
- What is Conservazione dei dati (Data Retention)? The set of policies and procedures governing how long organizational data must be kept, archived, or deleted in complian...
- What is Conservazione dei Log (Log Retention)? The process and policy of securely retaining security event and audit logs for a defined period to ensure availability f...
- What is Conservazione delle Prove (Evidence Preservation)? The controlled process of securing, documenting, and protecting digital or physical evidence to maintain integrity for i...
- What is Consiglio di sorveglianza (Oversight Board)? A governing committee or group responsible for strategic direction, oversight, and monitoring of the organization’s risk...
- What is Contenimento del malware (Malware Containment)? Malware Containment is the set of actions and controls enacted to isolate and prevent the spread of malicious software w...
- What is Contenimento della risposta agli incidenti (Incident Response Containment)? The process of isolating or restricting the impact of an active security incident to prevent further spread, as describe...
- What is Contenimento dell’incidente (Incident Containment)? The actions taken to limit the impact of a security incident by isolating affected systems, preventing lateral movement,...
- What is Contenitore di chiavi (Key Container)? A logical or physical storage area used to hold cryptographic keys, often protected by access controls and used in softw...
- What is Contesto di vulnerabilità (Vulnerability Context)? The operational, environmental, and architectural conditions under which a cryptographic or PKI vulnerability may be pre...
- What is Continuità operativa (Business Continuity)? A holistic management process that identifies potential threats and ensures organizational resilience by planning for co...
- What is Controllo accessi compromesso (Broken Access Control)? A critical security flaw where access restrictions are incorrectly implemented, enabling users to perform actions or acc...
- What is Controllo Cache Improprio (Improper Cache Control)? Failure to configure cache settings securely, leading to the unintended storage or exposure of sensitive data in shared ...
- What is Controllo dei log sensibili (Sensitive Log Control)? Procedures and mechanisms to ensure that confidential or regulated information is never written to logs, reducing the ri...
- What is Controllo dell'Impersonificazione Utente (User Impersonation Control)? Mechanisms and safeguards that prevent or detect unauthorized use of a legitimate user's identity within a system or app...
- What is Controllo della canonicalizzazione dell’input (Input Canonicalization Control)? Processes that convert various possible input formats to a standard, canonical form before validation, helping to preven...
- What is Controllo delle Istanza Effimere (Ephemeral Instance Control)? Security controls and automation for governing short-lived, temporary compute instances to prevent persistence, limit at...
- What is Controllo delle modifiche (Change Control)? A formal process used to ensure that all modifications to systems, processes, or documents are introduced in a controlle...
- What is Controllo di Accesso Adattivo (Adaptive Access Control)? A dynamic security mechanism that adjusts access decisions in real-time based on user behavior, device health, risk cont...
- What is Controllo di Accesso allo Storage (Storage Access Control)? Policies and mechanisms that restrict and monitor access to data storage systems, ensuring only authorized users or appl...
- What is Controllo di conformità (Compliance Control)? A specific policy, process, or technical measure implemented to ensure an organization meets applicable legal, regulator...
- What is Controllo di mitigazione (Mitigation Control)? A technical or procedural safeguard implemented to reduce the likelihood or impact of cryptographic or PKI-related risks...
- What is Controllo di Protezione del Perimetro (Perimeter Protection Control)? Security mechanisms (e.g., firewalls, gateways) deployed at network perimeters to monitor and filter inbound and outboun...
- What is Controllo di Residenza dei Dati (Data Residency Control)? Policies and technical mechanisms that ensure organizational data is stored, processed, and managed in specific legal or...
- What is Controllo Entropia Insufficiente (Insufficient Entropy Check)? Failure to verify that cryptographic functions use sources of randomness with adequate entropy, increasing the risk of p...
- What is Coordinamento della Risposta (Response Coordination)? The structured management and collaboration among teams and stakeholders to ensure efficient containment, eradication, a...
- What is Coordinamento della risposta (Response Coordination)? Response Coordination is the organized management of communication, task allocation, and resource deployment among stake...
- What is Copertura dei test (Test Coverage)? The extent to which cryptographic or PKI system components, use cases, and controls are validated by automated or manual...
- What is Copertura della scansione (Scan Coverage)? The extent to which cryptographic systems, PKI components, and related assets are included in vulnerability or configura...
- What is Coppia di chiavi (Key Pair)? A set of two mathematically linked cryptographic keys, typically consisting of a public key for encryption/verification ...
- What is Correlazione Attività Cloud (Cloud Activity Correlation)? The process of linking and analyzing disparate cloud events, logs, and telemetry to detect patterns indicative of threat...
- What is Correlazione degli allarmi (Alert Correlation)? Alert Correlation is the process of analyzing and linking related security alerts from different sources or systems to i...
- What is Correlazione delle Minacce (Threat Correlation)? The analytical process of aggregating and comparing multiple data points from diverse sources to identify relationships ...
- What is Correlazione di eventi (Event Correlation)? The process of analyzing and combining related security events from multiple sources to identify patterns indicative of ...
- What is Costruzione della catena (Chain Building)? The process of assembling a complete, ordered set of certificates from an end-entity certificate up to a trusted root, v...
- What is Crittografia del service mesh (Service Mesh Encryption)? End-to-end encryption of communications between services within a service mesh architecture, typically using mutual TLS ...
- What is Crittografia del tessuto di rete (Network Fabric Encryption)? Encryption mechanisms applied to the entire data path within a network fabric, ensuring confidentiality and integrity of...
- What is Crittografia dello Storage Cloud (Cloud Storage Encryption)? The use of cryptographic techniques to protect data stored in cloud environments, ensuring confidentiality and integrity...
- What is Crittografia di Trasporto Reciproca (Mutual Transport Encryption)? Encryption mechanism where both endpoints authenticate each other and establish encrypted transport, as defined in NIST ...
- What is Cronologia dell'incidente (Incident Timeline)? A detailed chronological record of all events, actions, and system states related to a security incident, used for inves...
- What is Curva ellittica (Elliptic Curve)? A type of algebraic curve used in public-key cryptography, providing strong security with smaller key sizes; the basis o...
D
- What is a Risk Dashboard (Dashboard dei rischi)? A real-time interface that aggregates, visualizes, and monitors PKI or cryptographic risks, vulnerabilities, and remedia...
- What is a Compliance Dashboard (Dashboard di conformità)? A real-time visualization tool that aggregates and displays the status of cryptography and PKI controls, risks, incident...
- What is a Vulnerability Database (Database delle vulnerabilità)? A centralized, authoritative repository cataloging known cryptographic and PKI-related vulnerabilities, including CVEs, ...
- What is Application Layer DDoS (DDoS a Livello Applicazione)? A type of distributed denial-of-service attack that targets the application layer (OSI Layer 7) with malicious HTTP or A...
- What is a Control Weakness (Debolezza di controllo)? A flaw, gap, or insufficient strength in technical or procedural controls that may allow threats to compromise cryptogra...
- What is a Control Deficiency (Deficienza di controllo)? A weakness in the design or operation of a control that prevents it from effectively mitigating risk or achieving compli...
- What is OAuth Consent Delegation (Delega di Consenso OAuth)? Process by which a resource owner grants a client application delegated access to protected resources, based on explicit...
- What is Key Escrow (Deposito chiave)? A key management process in which cryptographic keys are held in escrow by a trusted third party, enabling recovery unde...
- What is Key Derivation (Derivazione di chiavi)? A cryptographic process for generating one or more secret keys from a shared secret or password using a deterministic fu...
- What is Insecure Deserialization (Deserializzazione Non Sicura)? A vulnerability where untrusted or tampered data is deserialized without proper validation, potentially leading to remot...
- What is Session Hijacking Defense (Difesa contro il dirottamento di sessione)? Countermeasures and controls implemented to detect, prevent, and respond to session hijacking attacks, such as session f...
- What is Account Takeover Defense (Difesa Contro il Takeover degli Account)? Security measures designed to detect and prevent unauthorized access to user accounts, including the use of MFA, behavio...
- What is Credential Stuffing Defense (Difesa dal Credential Stuffing)? Measures and technologies to detect, block, and mitigate automated login attempts using stolen or reused username-passwo...
- What is a Message Digest (Digest del messaggio)? A fixed-length, unique output value generated by applying a cryptographic hash function to a message, used for verifying...
- What is an HSM Device (Dispositivo HSM)? A dedicated hardware device designed to securely generate, manage, and store cryptographic keys, and perform cryptograph...
- What is CRL Distribution (Distribuzione CRL)? The mechanism and locations for making Certificate Revocation Lists (CRLs) available to PKI participants to check the re...
- What is Patch Deployment (Distribuzione delle patch)? The distribution and installation of security updates to cryptographic or PKI-related systems to remediate vulnerabiliti...
- What is Deception Honeynet Deployment (Distribuzione di Honeynet di Inganno)? The setup of a network of decoy systems and services designed to lure, detect, and analyze attacker behavior.
- What is Routed IPsec Deployment (Distribuzione IPsec instradata)? An implementation of IPsec that leverages routing protocols to establish secure tunnels between network endpoints, suppo...
- What is Virtual Patch Deployment (Distribuzione Patch Virtuale)? The process of applying security controls, such as firewall rules or IPS signatures, to mitigate vulnerabilities without...
- What is Unintended Information Disclosure (Divulgazione di Informazioni Non Intenzionale)? The accidental or unauthorized exposure of sensitive data due to flawed application logic, misconfigurations, or insuffi...
- What is Vulnerability Disclosure (Divulgazione di vulnerabilità)? The process by which security vulnerabilities are reported to the relevant organization, vendor, or public, typically fo...
- What is Incident Documentation (Documentazione degli Incidenti)? The detailed and systematic recording of all relevant information, actions, decisions, and evidence related to a cyberse...
- What is Policy Documentation (Documentazione delle politiche)? The comprehensive collection and maintenance of all written policies, procedures, and standards governing security, risk...
- What is Alert Documentation (Documentazione di Allerta)? The detailed recording of all relevant information about a security alert, including source, analysis, actions, and outc...
- What is Key Lifetime (Durata della chiave)? The maximum period that a cryptographic key is allowed to be active and used for cryptographic operations before mandato...
E
- What is a Policy Exception (Eccezione alla politica)? A formally approved, documented deviation from an established security policy, typically granted on a temporary basis wi...
- What is a Patch Exception (Eccezione di patch)? A formally documented decision to temporarily or permanently not apply a specific patch to a PKI or cryptographic system...
- What is an Exploit List (Elenco degli exploit)? An authoritative and frequently updated catalog of all known exploits that could target cryptographic or PKI assets, inc...
- What is an Access Control List (Elenco di controllo degli accessi)? A table or data structure used to specify permissions attached to system objects, defining which users or processes are ...
- What is a JWT Revocation List (Elenco di revoca JWT)? A security control that maintains a list of invalidated JSON Web Tokens (JWTs), preventing previously issued tokens from...
- What is Detection Bypass Evasion (Elusione del bypass di rilevamento)? Techniques used by threat actors to evade or bypass security detection mechanisms such as IDS, IPS, or endpoint protecti...
- What is Rate Limit Evasion (Elusione Limite di Frequenza)? A technique or vulnerability where attackers evade rate limiting controls to send more requests than intended, potential...
- What is Adversary Emulation (Emulazione dell’Avversario)? The simulation of real-world attacker behaviors and techniques in a controlled environment to test and improve detection...
- What is Attack Enumeration (Enumerazione degli attacchi)? The process of systematically identifying and cataloging all possible attack vectors and threat actors relevant to a cry...
- What is Network Enumeration (Enumerazione della rete)? The systematic identification and cataloging of networked assets, hosts, and services, including cryptographic and PKI i...
- What is Security Misconfiguration (Errata configurazione di sicurezza)? A common vulnerability where systems, servers, or applications are deployed with insecure default settings, incomplete c...
- What is Security Misconfiguration (Errata configurazione di sicurezza)? A failure to implement correct or secure settings in cryptographic, PKI, or network assets, resulting in exposure to exp...
- What is Privilege Escalation (Escalation dei privilegi)? An attack or exploit in which a user or application gains higher access rights or privileges than intended by system pol...
- What is Privilege Escalation (Escalation dei privilegi)? The process by which a threat actor gains unauthorized elevated access rights within cryptographic or PKI systems.
- What is Case Escalation (Escalation del Caso)? The process of transferring a security incident or case to a higher-level team or authority due to severity, complexity,...
- What is Incident Escalation (Escalation dell’incidente)? The formal process of transferring a detected security incident to higher-level personnel or specialized teams for furth...
- What is Alert Escalation (Escalation di Allerta)? The process of forwarding a security alert to higher-level analysts or decision makers when the event exceeds the curren...
- What is a Tabletop Exercise (Esercitazione Tabletop)? A discussion-based incident response simulation where team members review and role-play their actions and decisions for ...
- What is Threat Exposure (Esposizione alla minaccia)? The degree to which a PKI or cryptographic system is vulnerable or visible to potential threat actors, based on controls...
- What is Exploit Exposure (Esposizione all’exploit)? The state in which PKI or cryptographic systems are vulnerable to a known exploit, due to unpatched or misconfigured com...
- What is Credential Exposure (Esposizione delle credenziali)? The unauthorized disclosure or leak of authentication credentials or cryptographic secrets (such as private keys or cert...
- What is Sensitive Data Exposure (Esposizione di dati sensibili)? A risk where confidential or regulated data is unintentionally disclosed through insecure APIs, weak encryption, or impr...
- What is Sensitive Function Exposure (Esposizione di Funzioni Sensibili)? A flaw where critical application functions, such as admin features or payment operations, are accessible to unauthorize...
- What is Excessive Data Exposure (Esposizione eccessiva di dati)? A security weakness where APIs expose more data than necessary to clients, increasing the risk of sensitive information ...
- What is Key Extraction (Estrazione della chiave)? The process of obtaining a cryptographic key from a hardware or software source, typically for backup, migration, or for...
- What is Remediation Evidence (Evidenza della rimedio)? Documented proof that a PKI or cryptographic vulnerability or deficiency has been addressed and corrective actions were ...
- What is Mitigation Evidence (Evidenza di mitigazione)? Documented proof that specific technical or administrative actions have effectively addressed and reduced the risk of cr...
F
- What is Hybrid Cloud Federation (Federazione Cloud Ibrida)? The operational model enabling secure interoperability and resource management across multiple private and public cloud ...
- What is Cipher Feedback (Feedback del cifrario)? A block cipher mode of operation (CFB) that turns a block cipher into a self-synchronizing stream cipher, providing conf...
- What is Egress Traffic Filtering (Filtraggio del Traffico in Uscita)? The process of monitoring and controlling outgoing network traffic to block unauthorized, malicious, or policy-violating...
- What is Access Vector Filtering (Filtraggio del vettore di accesso)? A network defense technique that restricts or monitors traffic based on access vectors such as protocol, port, and direc...
- What is an Exposure Window (Finestra di esposizione)? The time period during which cryptographic or PKI assets remain susceptible to exploitation due to the existence of unpa...
- What is an Exploit Window (Finestra di exploit)? The period between public disclosure of a cryptographic or PKI vulnerability and the application of effective remediatio...
- What is a Broken Authentication Flow (Flusso di autenticazione compromesso)? A security flaw in authentication workflows allowing users to bypass, disrupt, or abuse login and identity verification ...
- What is a Remediation Workflow (Flusso di lavoro di rimedio)? A formalized sequence of steps for resolving cryptographic or PKI vulnerabilities, including assignment, tracking, verif...
- What is a Remediation Workflow (Flusso di rimedio)? Remediation Workflow is a structured, documented process for addressing and resolving identified security issues or inci...
- What is a Response Workflow (Flusso di Risposta)? A formalized, step-by-step sequence of procedures and roles that guide the incident response process from detection thro...
- What is Awareness Training (Formazione sulla consapevolezza)? Education provided to personnel to raise awareness about security risks, threats, and safe practices, often as part of c...
- What is Security Training (Formazione sulla sicurezza)? Instructional activities designed to equip personnel with the knowledge and skills to recognize, prevent, and respond to...
- What is a Managed Security Provider (Fornitore di sicurezza gestita)? An external organization that delivers outsourced security monitoring, management, and incident response services for cl...
- What is a Control Framework (Framework di controllo)? A structured set of governance, risk, and compliance (GRC) policies, processes, and controls aligned to industry standar...
- What is a Trust Framework (Framework di fiducia)? A formal structure of policies, roles, rules, and standards that define how trust is established, maintained, and evalua...
- What is Scan Frequency (Frequenza di scansione)? The rate at which cryptographic assets or PKI-enabled systems are scanned or assessed for vulnerabilities, exposures, or...
G
- What is a Remote Access Gateway (Gateway di Accesso Remoto)? A secured network device or service that brokers and controls remote user access to internal organizational resources, e...
- What is a Secure Border Gateway (Gateway di confine sicuro)? A security-hardened network device or configuration that manages and filters traffic entering or leaving the network per...
- What is a Cloud Encryption Gateway (Gateway di Crittografia Cloud)? A security appliance or service that encrypts sensitive data before it is transferred to cloud services, ensuring confid...
- What is a Secure Email Gateway (Gateway di Posta Elettronica Sicura)? A dedicated security appliance or cloud service that monitors, filters, and blocks malicious email content (spam, phishi...
- What is an API Security Gateway (Gateway di Sicurezza API)? A dedicated service or device that provides centralized security controls for APIs, including authentication, authorizat...
- What is a Honeypot Services Gateway (Gateway Servizi Honeypot)? A dedicated network gateway or proxy that directs traffic to and from honeypot resources, isolating deceptive assets fro...
- What is Nonce Generation (Generazione nonce)? The process of generating a unique, unpredictable, and usually random number (nonce) used once per cryptographic protoco...
- What is Automated Patch Management (Gestione automatizzata delle patch)? A systematic approach that uses software tools to automatically identify, acquire, test, and deploy security patches acr...
- What is Device Certificate Management (Gestione Certificati Dispositivo)? The process of issuing, deploying, renewing, and revoking digital certificates used to authenticate and secure devices w...
- What is Incident Management (Gestione degli incidenti)? A structured process for identifying, assessing, responding to, and recovering from security incidents to minimize impac...
- What is Incident Management (Gestione degli Incidenti)? A structured set of procedures used by security teams to address, manage, and resolve cybersecurity incidents, including...
- What is Incident Management (Gestione degli Incidenti)? A coordinated set of processes and tools for identifying, assessing, responding to, tracking, and resolving security inc...
- What is Case Management (Gestione dei Casi)? The process of documenting, tracking, and resolving security incidents or investigations within a structured platform, e...
- What is Data Management (Gestione dei dati)? The processes and procedures for collecting, processing, storing, transmitting, and disposing of data in a secure and co...
- What is Infrastructure Entitlement Management (Gestione dei Diritti dell’Infrastruttura)? A process and toolset for discovering, controlling, and auditing permissions and access rights across cloud and hybrid i...
- What is Role Management (Gestione dei ruoli)? The process of defining, assigning, and controlling user roles and associated privileges within systems to enforce least...
- What is Incident Management (Gestione dell'Incidente)? The comprehensive process of managing a cybersecurity incident from initial detection through analysis, containment, era...
- What is Compliance Management (Gestione della Conformità)? The coordinated set of processes and controls designed to ensure adherence to legal, regulatory, and internal policy req...
- What is Crisis Management (Gestione della crisi)? Coordinated organizational actions and communication aimed at containing, resolving, and recovering from severe security...
- What is Device Enrollment Management (Gestione della Registrazione dei Dispositivi)? The process of registering and configuring devices to ensure compliance with security policies before granting access to...
- What is Key Management (Gestione delle chiavi)? The set of processes and mechanisms for generating, distributing, storing, using, rotating, archiving, and destroying cr...
- What is Key Management (Gestione delle chiavi)? The set of processes and mechanisms used for the secure generation, distribution, storage, rotation, and destruction of ...
- What is Exception Management (Gestione delle eccezioni)? A formal process for documenting, assessing, approving, and monitoring deviations from standard policies or controls, en...
- What is Exception Management (Gestione delle eccezioni)? The systematic process of identifying, logging, resolving, and reporting deviations from expected information security o...
- What is Privileged Identity Management (Gestione delle Identità Privilegiate)? A security discipline and toolset focused on discovering, controlling, and monitoring accounts with elevated access righ...
- What is Patch Management (Gestione delle patch)? A formal process for the identification, acquisition, testing, and deployment of patches to correct vulnerabilities in c...
- What is Preflight Request Handling (Gestione delle richieste preflight)? The process of managing HTTP preflight requests (OPTIONS method) sent by browsers to check CORS permissions before the a...
- What is Improper Error Handling (Gestione Impropria degli Errori)? Failure to securely process or sanitize application errors, leading to information disclosure or security bypass opportu...
- What is a Distributed Deception Grid (Griglia di Inganno Distribuita)? A security architecture that uses distributed decoys, honeypots, and lures throughout the network or cloud to detect, de...
- What is an Interface-Level Guard (Guardia di livello interfaccia)? A security control that enforces policy, filtering, or access restrictions at a specific network interface, segmenting a...
I
- What is Cloud Provider IAM (IAM del Fornitore Cloud)? Identity and access management systems and controls provided by cloud service vendors, enabling secure authentication, a...
- What is an Issuer Identifier (Identificatore dell'emittente)? A unique value or distinguished name that identifies the Certificate Authority (CA) or entity that issues a digital cert...
- What is Business Impact (Impatto sul business)? The effect or consequence an incident, risk, or change has on an organization's operations, assets, individuals, or repu...
- What is Privacy Impact (Impatto sulla Privacy)? The effect of a process, project, or system on the privacy of individuals, often measured and documented through a forma...
- What is Key Import (Importazione chiave)? The process of securely bringing a cryptographic key into a software or hardware cryptographic module, typically in comp...
- What is Alert Investigation (Indagine di Allerta)? The structured process of examining the source, context, and impact of a security alert to determine its validity, root ...
- What is Incident Investigation (Indagine sull’incidente)? A systematic process of collecting, analyzing, and documenting evidence to determine the cause, impact, and scope of a s...
- What is a Risk Indicator (Indicatore di rischio)? A measurable signal or metric used to identify, quantify, or monitor risks affecting cryptographic or PKI assets, suppor...
- What is Digital Forensics (Informatica Forense)? The discipline of identifying, preserving, analyzing, and documenting digital evidence from electronic devices to suppor...
- What is a Privacy Notice (Informativa sulla privacy)? A formal document that informs individuals about how their personal data is collected, used, stored, and protected by th...
- What is PKI Infrastructure (Infrastruttura PKI)? A system of hardware, software, policies, and procedures needed to create, manage, distribute, use, store, and revoke di...
- What is Detection Engineering (Ingegneria della Rilevazione)? The discipline of designing, implementing, and tuning security monitoring rules, analytics, and automation to identify t...
- What is Process Injection (Iniezione di Processo)? A technique used by attackers or legitimate tools to inject code into the address space of another process, enabling cod...
- What is Secure Packet Forwarding (Inoltro Sicuro dei Pacchetti)? The practice of transmitting data packets across networks in a manner that maintains confidentiality, integrity, and aut...
- What is HTTP Parameter Pollution (Inquinamento dei parametri HTTP)? A web security vulnerability where multiple HTTP parameters with the same name are sent in a single request, potentially...
- What is PIN Entry (Inserimento PIN)? The act of securely entering a personal identification number (PIN) into a trusted hardware or software interface for au...
- What is Attestation Service Integration (Integrazione del servizio di attestazione)? The process of connecting systems to trusted attestation services that validate the integrity and security posture of cl...
- What is Threat Intelligence (Intelligence sulle Minacce)? Evidence-based knowledge about existing and emerging threats, derived from analysis of indicators, adversary behavior, a...
- What is Threat Intelligence (Intelligence sulle minacce)? Curated, actionable knowledge regarding cryptographic or PKI-related threats, including adversary tactics, relevant indi...
- What is Cloud Threat Intelligence (Intelligence sulle minacce cloud)? The process of gathering, analyzing, and operationalizing information about cloud-specific threats, adversary tactics, a...
- What is Endpoint Threat Intelligence (Intelligence sulle Minacce Endpoint)? The real-time collection and analysis of threat indicators and adversary tactics from endpoint devices to enhance detect...
- What is a Data Subject (Interessato)? An individual whose personal data is collected, held or processed by a data controller or processor as defined by privac...
- What is OAuth Token Introspection (Introspezione del Token OAuth)? A protocol mechanism defined in RFC 7662 that allows resource servers to query an authorization server about the status ...
- What is an Asset Inventory (Inventario degli asset)? A comprehensive list of all information assets within an organization, including hardware, software, data, and supportin...
- What is Improper Asset Inventory (Inventario degli asset improprio)? A failure to maintain a complete, accurate, and up-to-date list of all hardware, software, and cloud assets, leading to ...
- What is an Attack Inventory (Inventario degli attacchi)? A comprehensive, regularly updated list or database of all known attack techniques, tools, or vectors relevant to crypto...
- What is an Asset Inventory (Inventario delle risorse)? A comprehensive, up-to-date record of all hardware, software, certificates, cryptographic modules, and other PKI-relevan...
- What is Alert Investigation (Investigazione di Allerta)? The process of analyzing and validating security alerts to determine their legitimacy, scope, and required response acti...
- What is Container Runtime Isolation (Isolamento del Runtime del Contenitore)? A set of controls and configurations that ensure each running container is logically and physically separated from other...
- What is Guest Operating System Isolation (Isolamento del Sistema Operativo Ospite)? The practice of isolating virtual machines (guests) from each other and from the host system to prevent unauthorized acc...
- What is Privileged Session Isolation (Isolamento delle sessioni privilegiate)? The separation and monitoring of administrative sessions from standard user sessions to prevent misuse of privileged acc...
- What is Host Isolation (Isolamento dell’Host)? The process of removing a compromised or suspicious host from the network to prevent lateral movement and further compro...
- What is Remote Browser Isolation (Isolamento Remoto del Browser)? A security technique in which a user’s web browsing session is executed on a remote server, isolating all web content fr...
- What is Tenant Isolation (Isolamento tra tenant)? Security controls that strictly separate data, processes, and resources among different tenants in multi-tenant cloud or...
- What is Encrypted Traffic Inspection (Ispezione del Traffico Cifrato)? A process that enables the examination of encrypted network traffic to detect threats, enforce policies, and prevent dat...
L
- What is a Security Gap (Lacuna di sicurezza)? A missing or insufficient security control in cryptographic or PKI systems that exposes assets to risk, noncompliance, o...
- What is a Regulatory Gap (Lacuna normativa)? Any deficiency or mismatch between current organizational controls, policies, or processes and those required by relevan...
- What is API Rate Limiting (Limitazione della frequenza API)? A security control mechanism that restricts the number of API requests from a user or client within a specified timefram...
- What is Improper Rate Limiting (Limitazione della frequenza impropria)? A security weakness where APIs or web services do not sufficiently restrict the frequency or volume of requests, allowin...
- What is an Ethics Line (Linea etica)? A confidential reporting mechanism that allows employees and third parties to report ethical or compliance concerns anon...
- What is Broken Function Level (Livello funzione compromesso)? An API vulnerability where improper function-level authorization allows attackers to access or execute functions beyond ...
- What is Broken Object Level (Livello oggetto compromesso)? A critical API vulnerability where improper access controls allow attackers to manipulate or access objects belonging to...
M
- What is API Resource Tampering (Manomissione Risorse API)? The unauthorized modification or manipulation of API resources, typically by altering request parameters or payloads to ...
- What is Control Mapping (Mappatura dei controlli)? The process of linking controls to regulatory, policy, or framework requirements to demonstrate compliance and facilitat...
- What is Control Mapping (Mappatura dei controlli)? The process of aligning cryptographic or PKI controls with regulatory frameworks, standards, or organizational requireme...
- What is Data Mapping (Mappatura dei dati)? The structured process of identifying, documenting, and connecting the flow of data elements across systems, application...
- What is Process Mapping (Mappatura dei processi)? A systematic technique for visually documenting and analyzing business or IT processes, their sequence, stakeholders, in...
- What is Process Mapping (Mappatura dei processi)? A structured method of visually documenting and analyzing processes, including their steps, controls, and responsible pa...
- What is Policy Mapping (Mappatura delle politiche)? The process in PKI where certificate policies from one CA are mapped to equivalent policies in another, allowing interop...
- What is Federated Identity Mapping (Mappatura di Identità Federata)? A process that links a user’s identity and credentials across multiple trusted identity providers, enabling Single Sign-...
- What is Federated Identity Mapping (Mappatura di Identità Federata)? A process that links user identities from external or partner identity providers to local systems, enabling single sign-...
- What is Resource Identity Mapping (Mappatura Identità Risorsa)? The process of associating digital resources (such as VMs, APIs, or storage objects) with unique, verifiable identities ...
- What is Timestamping (Marcatura temporale)? The process of recording the exact date and time that a digital document or transaction was created or signed, often wit...
- What is Packet Timestamping (Marcatura temporale dei pacchetti)? The process of attaching accurate time information to network packets for logging, monitoring, forensic analysis, and la...
- What is Security Assertion Markup (Markup di Asserzione di Sicurezza)? An XML-based framework (SAML) for exchanging authentication and authorization data between security domains, commonly us...
- What is a Risk Matrix (Matrice del Rischio)? A graphical tool that maps risk likelihood and impact to prioritize mitigation and support risk management decisions.
- What is Control Maturity (Maturità dei controlli)? A measure of how well an internal control is designed, implemented, and operating as intended to mitigate risk and meet ...
- What is an Improper Logout Mechanism (Meccanismo di Logout Improprio)? A logout process that fails to fully invalidate all session tokens and authentication artifacts, allowing potential sess...
- What is Improper Secrets Storage (Memorizzazione Impropria di Segreti)? A vulnerability where sensitive secrets, such as API keys or passwords, are stored in insecure locations, such as plaint...
- What is an Exposure Metric (Metrica di esposizione)? A quantitative value representing the degree of risk, visibility, or attack surface present in PKI or cryptographic asse...
- What is Data Minimization (Minimizzazione dei dati)? The principle and practice of limiting personal or sensitive data collection, processing, and retention to only what is ...
- What is Cloud Traffic Mirroring (Mirroring del Traffico Cloud)? A cloud-native capability that duplicates network traffic to analysis tools for monitoring, threat detection, and compli...
- What is Automated Threat Mitigation (Mitigazione automatizzata delle minacce)? The use of automated controls, tools, and workflows to detect, respond to, and neutralize cyber threats in real time, mi...
- What is Replay Attack Mitigation (Mitigazione degli attacchi di replay)? Security controls implemented to detect and prevent replay attacks, where previously valid data transmissions are malici...
- What is Exploit Mitigation (Mitigazione degli exploit)? Technical and procedural controls implemented to reduce or eliminate the risk of exploitation of vulnerabilities in cryp...
- What is Incident Mitigation (Mitigazione degli Incidenti)? Targeted actions taken to reduce the immediate and long-term impact of a security incident, including containment, eradi...
- What is Open Redirect Mitigation (Mitigazione dei reindirizzamenti aperti)? Security controls that detect and prevent web applications from redirecting users to untrusted external URLs, reducing t...
- What is Persistent Threat Mitigation (Mitigazione delle Minacce Persistenti)? A set of proactive and reactive controls aimed at detecting, containing, and eradicating advanced persistent threats (AP...
- What is Hypervisor Escape Mitigation (Mitigazione dell’Evasione dell’Hypervisor)? A set of security controls and techniques that prevent or detect attempts by virtual machines to break out of hypervisor...
- What is Threat Modeling (Modellazione delle minacce)? A structured methodology to identify, analyze, and address potential threats and vulnerabilities in information systems ...
- What is Threat Modeling (Modellazione delle Minacce)? A structured process for identifying, prioritizing, and evaluating potential threats and vulnerabilities to an organizat...
- What is Threat Modeling (Modellazione delle minacce)? A structured process to identify, categorize, and prioritize potential threats to cryptographic systems or PKI deploymen...
- What is Attack Path Modeling (Modellazione percorso di attacco)? The systematic mapping and simulation of possible routes an adversary might take to compromise assets, used to assess ri...
- What is a Certificate Template (Modello di certificato)? A predefined configuration for certificate attributes and extensions, used by CAs to automate and standardize certificat...
- What is a Governance Model (Modello di governance)? A documented structure that defines roles, responsibilities, decision-making processes, and authority for managing infor...
- What is a Trusted Platform Module (Modulo Piattaforma Fidato)? A hardware security chip designed to securely store cryptographic keys, certificates, and perform integrity checks to en...
- What is API Abuse Monitoring (Monitoraggio abuso API)? Continuous observation and analysis of API traffic to detect misuse patterns, abuse, or automated attacks, such as scrap...
- What is Credential Access Monitoring (Monitoraggio Accesso alle Credenziali)? The process of continuously tracking, analyzing, and alerting on access to credentials (passwords, tokens, secrets) in o...
- What is Continuous Monitoring (Monitoraggio Continuo)? Ongoing real-time observation and analysis of security controls and risks to ensure timely detection of threats and comp...
- What is Continuous Compliance Monitoring (Monitoraggio Continuo della Conformità)? The ongoing process of automatically assessing systems, configurations, and user activities to ensure adherence to regul...
- What is Remediation Monitoring (Monitoraggio della remediation)? The ongoing process of monitoring and managing corrective actions taken to resolve identified security or compliance iss...
- What is Security Monitoring (Monitoraggio della sicurezza)? Continuous observation, collection, and analysis of security events and data across information systems to detect threat...
- What is Correction Monitoring (Monitoraggio delle correzioni)? The process of monitoring and documenting the status and effectiveness of actions taken to correct identified vulnerabil...
- What is Host Integrity Monitoring (Monitoraggio dell’Integrità dell’Host)? Continuous assessment of a host system’s files, processes, and configurations to detect unauthorized changes, tampering,...
- What is East-West Monitoring (Monitoraggio Est-Ovest)? Continuous inspection and analysis of lateral (intra-network) data flows within an organization's internal environment t...
- What is a Threat Engine (Motore delle minacce)? An automated software module that aggregates, analyzes, and correlates threat intelligence related to cryptographic or P...
- What is a Traffic Classification Engine (Motore di classificazione del traffico)? A system or module that automatically identifies, categorizes, and labels network traffic based on protocols, applicatio...
- What is a Scan Engine (Motore di scansione)? A dedicated software module or appliance that performs automated vulnerability, compliance, or configuration scans on cr...
N
- What is Secure Container Networking (Networking Sicuro dei Container)? The practice of applying security controls, segmentation, and encrypted communication to the networking layer between co...
- What is a Subject Name (Nome soggetto)? The distinguished name (DN) in a digital certificate that uniquely identifies the certificate holder or entity, as speci...
- What is Incident Notification (Notifica dell’incidente)? The act of formally informing stakeholders, management, or regulatory bodies about a detected or ongoing security incide...
- What is Threat Notification (Notifica di Minaccia)? Official communication to stakeholders regarding the discovery or presence of a specific cyber threat, often required by...
- What is Risk Notification (Notifica di rischio)? A formal alert generated to inform stakeholders of emerging or realized PKI or cryptographic risks, often automated with...
- What is Security Notification (Notifica di Sicurezza)? The formal process of communicating significant security events or incident statuses to designated stakeholders or regul...
- What is Breach Notification (Notifica di Violazione)? The formal process of informing affected parties, regulators, and other stakeholders about a confirmed data breach, in a...
O
- What is Obiettivo di controllo (Control objective)? A specific statement of the desired result or purpose that a control is intended to achieve, forming the basis for asses...
- What is Obsolescenza della versione API (API version deprecation)? The process and risk associated with retiring or deprecating old API versions, often resulting in unsupported endpoints ...
- What is OCSP stapling? A TLS extension that allows servers to send a time-stamped OCSP response for their certificate during handshake, improvi...
- What is Oggetto diretto insicuro (Insecure direct object)? A vulnerability where applications expose internal object references, such as file or database keys, directly to users w...
- What is Operazioni di Cyber-Deception (Cyber-Deception Operations)? Deliberate use of decoys, traps, and misinformation within an organization's environment to detect, divert, and analyze ...
- What is Operazioni di Sicurezza (Security Operations)? All coordinated activities performed in a Security Operations Center (SOC) to monitor, detect, investigate, and respond ...
- What is Oracolo casuale (Random oracle)? A theoretical black box model that responds to every unique query with a truly random response, used as an idealized com...
- What is Orchestrazione della Sicurezza (Security Orchestration)? The automated coordination and integration of security tools, processes, and workflows to accelerate response and improv...
- What is Orchestrazione di risposta adattiva (Adaptive response orchestration)? The automated coordination and execution of security responses that dynamically adjust based on incident severity and co...
- What is Origine del percorso BGP (BGP path origin)? The original source Autonomous System (AS) that advertises a specific IP prefix into the global BGP routing table, valid...
P
- What is Padding della firma (Signature padding)? A method of formatting a message or hash before digital signature creation, used to prevent certain attacks and ensure c...
- What is Percorso del certificato (Certificate path)? An ordered sequence of certificates from the end-entity certificate to a trusted root certificate, used to establish tru...
- What is Percorso di attacco (Attack path)? A sequence or route by which a threat actor progresses through vulnerabilities, misconfigurations, or controls in crypto...
- What is Perdita di Dati (Data Loss)? The unintended or unauthorized destruction, corruption, or loss of data, potentially resulting in business disruption or...
- What is Perimetro Definito dal Software (Software-Defined Perimeter)? A cybersecurity framework that dynamically creates one-to-one network connections between users and resources using iden...
- What is Periodo di validità (Validity period)? The designated timeframe during which a cryptographic certificate or key is considered valid and trusted for use, after ...
- What is Pianificazione della resilienza (Resilience planning)? The strategic process of designing and implementing measures to ensure an organization can adapt, recover, and continue ...
- What is Piano di correzione (Remediation plan)? A documented set of actions, responsibilities, and timelines designed to resolve identified cryptographic or PKI vulnera...
- What is Piano di Mitigazione (Mitigation Plan)? A documented strategy detailing specific actions and controls to reduce the likelihood or impact of identified risks.
- What is Piano di monitoraggio (Monitoring plan)? A documented approach outlining processes, tools, and responsibilities for continuously observing and assessing security...
- What is Piano di rimedio (Remediation plan)? A formal strategy that outlines actions, responsibilities, and timelines to correct identified security or compliance de...
- What is Piano di Rimedio (Remediation Plan)? A documented set of actions designed to eliminate the root cause and effects of a security incident, restore affected sy...
- What is Piano di Risposta (Response Plan)? A documented strategy outlining procedures, roles, responsibilities, and communications for responding to cybersecurity ...
- What is Piattaforma di Protezione dei Carichi di Lavoro (Workload Protection Platform)? A cloud-native security solution that provides visibility and real-time protection for workloads—such as virtual machine...
- What is Piattaforma fidata (Trusted platform)? A computing environment equipped with hardware and software components (e.g., TPM, secure boot) designed to ensure integ...
- What is Pinning dei Certificati Cloud (Cloud Certificate Pinning)? A security technique that restricts applications or devices to accept only specific trusted certificates or public keys ...
- What is Pinning del certificato (Certificate pinning)? A security technique that restricts which certificates are considered valid for a particular service or domain, by stori...
- What is Pivoting di Threat Intelligence (Threat Intelligence Pivoting)? The analytic process of using one indicator (such as an IP, domain, or hash) as a starting point to discover related thr...
- What is Playbook di Sicurezza (Security Playbook)? A documented set of repeatable incident response procedures and decision trees tailored to specific threat scenarios or ...
- What is Playbook di threat hunting (Threat hunting playbook)? A documented, repeatable procedure outlining hypothesis-driven threat hunting steps, data sources, detection logic, and ...
- What is Politica di Accesso Condizionale (Conditional Access Policy)? A security rule that grants or blocks access to resources based on specific conditions such as user location, device pos...
- What is Politica di certificato (Certificate policy)? A set of rules and practices that indicates the applicability of a certificate to a particular community or class of app...
- What is Politica di Condivisione delle Risorse (Resource Sharing Policy)? A set of security rules and access controls governing how digital resources such as data, storage, and APIs are shared a...
- What is Politica di conservazione (Retention policy)? A documented set of rules defining how long information or records must be retained to comply with regulatory, legal, or...
- What is Politica di emissione (Issuance policy)? A formal document or set of rules that defines the procedures and requirements for issuing digital certificates within a...
- What is Politica di firma (Signature policy)? A set of technical and procedural requirements governing the creation, validation, and management of digital signatures ...
- What is Politica di gestione delle credenziali (Credential management policy)? A formal set of rules and procedures for creating, storing, rotating, and revoking authentication credentials to ensure ...
- What is Politica di Isolamento dei Carichi di Lavoro (Workload Isolation Policy)? A security policy that enforces strict logical and sometimes physical separation of workloads to prevent unauthorized ac...
- What is Politica di Microsegmentazione (Microsegmentation Policy)? A granular security approach that divides networks into isolated segments at the workload or application level, enforcin...
- What is Politica di Microsegmentazione (Microsegmentation Policy)? A set of rules that define fine-grained network zones and enforce isolation between workloads to limit lateral movement.
- What is Politica di Quarantena degli Endpoint (Endpoint Quarantine Policy)? A defined set of rules for isolating endpoints that exhibit suspicious or non-compliant behavior to prevent them from ac...
- What is Politica di Quarantena degli Endpoint (Endpoint Quarantine Policy)? A formalized set of procedures and controls for isolating endpoints exhibiting signs of compromise or non-compliance fro...
- What is Politica di Sicurezza Serverless (Serverless Security Policy)? A set of security controls and guidelines specifically designed to protect serverless computing architectures by restric...
- What is Politica di Whitelisting delle Applicazioni (Application Whitelisting Policy)? A security control that restricts the execution of software to only pre-approved applications, preventing unauthorized o...
- What is Politica Firewall Host (Host Firewall Policy)? A defined set of rules and configurations that control inbound and outbound network traffic at the individual host or VM...
- What is Port Knocking Dinamico (Dynamic Port Knocking)? A security technique requiring a dynamic, pre-defined sequence of connection attempts to specific ports before granting ...
- What is Posizione di sicurezza (Security posture)? The overall status of an organization’s cybersecurity policies, controls, capabilities, and readiness to detect, prevent...
- What is Postura di Sicurezza Cloud (Cloud Security Posture)? The overall security status and configuration of cloud services, assets, and workloads in accordance with organizational...
- What is Prevenzione degli exploit (Exploit prevention)? A set of technical and procedural controls to proactively prevent exploitation of vulnerabilities in cryptographic and P...
- What is Prevenzione del Movimento Laterale (Lateral Movement Prevention)? Techniques and controls designed to detect and stop an adversary’s efforts to move laterally within a network after init...
- What is Prevenzione della diffusione dei segreti (Secret sprawl prevention)? The implementation of processes and tools to prevent sensitive secrets—such as API keys, credentials, and certificates—f...
- What is Prevenzione della Fuga dal Contenitore (Container Escape Prevention)? Security controls and mechanisms implemented to prevent processes within a container from breaching isolation boundaries...
- What is Prevenzione della Perdita di Dati (Data Loss Prevention)? A suite of technologies and policies designed to detect, monitor, and prevent the unauthorized transmission or disclosur...
- What is Prevenzione della perdita di token (Token leakage prevention)? Measures and controls implemented to prevent authentication or authorization tokens from being inadvertently exposed, in...
- What is Prevenzione Intrusione Host (Host Intrusion Prevention)? A security solution deployed on host systems to proactively detect, block, and log malicious activity, such as exploits ...
- What is Prevenzione Replay dei Token (Token Replay Prevention)? Security controls and techniques that ensure tokens, such as authentication or session tokens, cannot be reused by attac...
- What is Prioritizzazione degli alert (Alert prioritization)? The process of ranking and categorizing security alerts based on risk, relevance, and organizational impact, to enable e...
- What is Prioritizzazione degli Incidenti (Incident Prioritization)? The classification and ranking of security incidents based on risk, severity, and potential business impact to determine...
- What is Prioritizzazione dei rischi (Risk prioritization)? The process of ranking identified risks based on their likelihood, potential impact, and organizational risk appetite to...
- What is Prioritizzazione dei rischi (Risk prioritization)? The structured process of ranking risks to cryptographic and PKI systems based on likelihood, impact, and exposure, to g...
- What is Prioritizzazione delle vulnerabilità (Vulnerability prioritization)? The process of ranking discovered cryptographic and PKI vulnerabilities according to risk, exploitability, business impa...
- What is Processo di controllo (Control process)? A series of coordinated actions and procedures implemented to manage and mitigate risk by enforcing policies and securit...
- What is Processo di Indagine (Investigation Process)? A structured series of analytical steps undertaken by security teams to determine the scope, cause, and impact of a cybe...
- What is Processo di Validazione HMAC (HMAC Validation Process)? A procedure using Hash-based Message Authentication Code (HMAC) to verify data integrity and authenticity during transmi...
- What is Processore crittografico (Cryptographic processor)? A hardware device or chip specifically designed to perform cryptographic operations such as encryption, decryption, sign...
- What is Profilazione del traffico anomalo (Anomalous traffic profiling)? The identification and categorization of network traffic patterns that deviate from established baselines to detect pote...
- What is Prontezza agli Incidenti (Incident Readiness)? The proactive state of an organization’s people, processes, and technology to efficiently detect, respond to, and recove...
- What is Prontezza di Risposta (Response Readiness)? The state of preparedness of personnel, processes, and technology to quickly and effectively respond to cybersecurity in...
- What is Propensione al rischio (Risk appetite)? The level and type of risk an organization is willing to accept in pursuit of its objectives, as formally defined by sen...
- What is Protezione contro il replay di sessione (Session replay protection)? Controls and mechanisms designed to prevent attackers from capturing and reusing legitimate session tokens or data packe...
- What is Protezione contro la ripetizione di testo cifrato (Ciphertext replay protection)? A security mechanism that detects and blocks the reuse of captured ciphertext to prevent replay attacks in encrypted com...
- What is Protezione da Manomissione Endpoint (Endpoint Tamper Protection)? A security feature that prevents unauthorized users or malware from disabling, modifying, or bypassing endpoint security...
- What is Protezione dalle Minacce API (API Threat Protection)? A set of security mechanisms designed to detect, block, and mitigate malicious activity targeting application programmin...
- What is Protocollo di Attestazione Remota (Remote Attestation Protocol)? A cryptographic protocol that enables a verifier to remotely validate the integrity and trustworthiness of a device or s...
- What is Protocollo di Federazione dell'Identità (Identity Federation Protocol)? A standardized mechanism allowing multiple organizations or domains to securely share and validate user identities using...
- What is Provisioning degli utenti (User provisioning)? The process of creating, managing, and assigning user accounts and privileges within an organization's IT systems in acc...
- What is Proxy consapevole dell'identità (Identity-aware proxy)? A security proxy that enforces access controls and authentication based on user or device identity before allowing acces...
- What is Proxy di terminazione TLS (TLS termination proxy)? A network device or service that decrypts incoming TLS traffic at the network edge, forwarding unencrypted traffic inter...
- What is Punteggio di Fiducia Dispositivo (Device Trust Score)? A security metric that evaluates the trustworthiness of a device based on hardware, software, configuration, compliance ...
- What is Punteggio di rischio (Risk scoring)? The quantitative or qualitative assignment of a value to a risk, based on the likelihood and impact of vulnerabilities w...
- What is Punteggio di Rischio Dinamico (Dynamic Risk Scoring)? A continuous process that calculates the real-time security risk posed by users, devices, or applications based on behav...
- What is Punto di decisione della politica (Policy decision point)? A logical component in access control architectures (e.g., ABAC, RBAC) that evaluates access requests against policy rul...
Q
- What is Quadro della segretezza diretta (Forward secrecy framework)? A cryptographic protocol property ensuring that compromise of long-term keys does not compromise past session keys, as r...
- What is Quadro delle politiche (Policy framework)? A structured set of overarching policies, standards, and guidelines that governs how information security, compliance, a...
- What is Quadro di conformità (Compliance framework)? An integrated system of standards, guidelines, and procedures designed to help an organization meet all relevant legal, ...
- What is Quadro di responsabilità (Accountability framework)? A structured set of responsibilities, roles, and processes that ensure individuals and teams are answerable for security...
R
- What is Raccolta delle prove (Evidence collection)? The systematic process of gathering digital artifacts, logs, devices, or other data relevant to a security incident, fol...
- What is Raccolta forense degli endpoint (Endpoint forensic collection)? The process of acquiring and preserving digital evidence from cloud or on-premises endpoints in a manner consistent with...
- What is Radice hardware di fiducia (Hardware root of trust)? A cryptographic foundation embedded in hardware (e.g., TPM, HSM, or secure enclave) that provides immutable security anc...
- What is Randomizzazione delle porte effimere (Ephemeral port randomization)? A technique where ephemeral (temporary) TCP/UDP ports are assigned randomly to reduce the risk of port prediction attack...
- What is Rapporto di correzione (Remediation report)? A formal document detailing the corrective actions taken to address identified cryptographic or PKI vulnerabilities, inc...
- What is Recupero chiave (Key recovery)? A controlled process for restoring lost or inaccessible cryptographic keys, typically from a secure backup or escrow, fo...
- What is Recupero dell'incidente (Incident recovery)? The coordinated set of actions taken to restore systems, operations, and services to normal functioning after a security...
- What is Registrazione degli audit (Audit logging)? The process of recording security-related events, operations, or accesses within a cryptographic or PKI environment to p...
- What is Registrazione degli audit (Audit logging)? The systematic recording of events and user actions in information systems to enable traceability, accountability, and f...
- What is Registrazione degli eventi di sicurezza (Security event logging)? The systematic recording of security-related activities, alerts, and incidents within systems or networks to support det...
- What is Registrazione degli Incidenti (Incident Logging)? The systematic recording of incident details, timelines, actions taken, and outcomes to ensure transparency, facilitate ...
- What is Registrazione delle Attività Cloud (Cloud Activity Logging)? The process of capturing, storing, and analyzing logs of user actions, system events, and resource access within cloud e...
- What is Registrazione delle Sessioni Privilegiate (Privileged Session Recording)? The logging and monitoring of all actions performed during privileged sessions, such as administrative or root access, t...
- What is Registro dei rischi (Risk register)? A central repository listing identified organizational risks, their likelihood, impact, mitigation actions, and responsi...
- What is Replay di attacco (Attack replay)? The process of re-enacting a recorded or theoretical attack vector against PKI or cryptographic systems to test detectio...
- What is Replay di attacco (Attack replay)? A controlled reproduction of a previously observed or simulated attack scenario targeting cryptographic or PKI assets, u...
- What is Report di conformità (Compliance reporting)? The process of preparing and delivering evidence-based reports to demonstrate adherence to regulatory, legal, and contra...
- What is Reporting dei rischi (Risk reporting)? The process of collecting, analyzing, and communicating information about risk exposures, controls, and mitigation activ...
- What is Resistenza quantistica (Quantum resistance)? The property of cryptographic algorithms to withstand attacks by quantum computers, typically achieved by using post-qua...
- What is Responsabilità dei dati (Data accountability)? The assignment of responsibility for the management, oversight, and protection of data assets to designated individuals ...
- What is Restrizione API Privilegiata (Privileged API Restriction)? Controls that limit access to sensitive API endpoints or functions to only those users or services with explicit privile...
- What is Restrizione Audience JWT (JWT Audience Restriction)? A security control ensuring a JWT token is only accepted by the intended recipients (audiences), preventing token reuse ...
- What is Rete di Sicurezza Microservizi (Microservices Security Mesh)? A distributed security framework that provides consistent identity, policy enforcement, and encrypted communication acro...
- What is Rete Overlay Sicura (Secure Overlay Network)? A logically separated, secured network built on top of an existing network to provide enhanced security controls and iso...
- What is Revisione degli Incidenti (Incident Review)? A structured post-incident process for evaluating the effectiveness of detection, response, and recovery measures to ide...
- What is Revisione dei Controlli (Control Review)? An assessment of security controls to determine their effectiveness, adequacy, and proper implementation within the orga...
- What is Revisione delle Politiche (Policy Review)? A formal and systematic evaluation of organizational policies to ensure their adequacy, effectiveness, and compliance wi...
- What is Revisione normativa (Regulatory review)? A systematic evaluation of processes, policies, and controls to ensure alignment with applicable regulatory requirements...
- What is Riassemblaggio frammenti IP (IP fragment reassembly)? The process of reconstructing fragmented IP packets into their original form for delivery, inspection, or security analy...
- What is Ricerca di exploit (Exploit research)? The investigative process of analyzing, discovering, and documenting methods by which vulnerabilities in PKI or cryptogr...
- What is Ricertificazione degli accessi (Access recertification)? A formal process to periodically review and validate user access rights to systems and data to ensure only authorized pe...
- What is Richiesta di token (Token request)? A formal operation in which a client requests an authentication or authorization token from an identity provider or secu...
- What is Riduzione del raggio di impatto (Blast radius reduction)? Limiting the potential impact of a security breach by isolating assets and implementing controls that constrain the effe...
- What is Riduzione del rischio (Risk reduction)? The application of technical, administrative, or physical controls in cryptographic and PKI environments to lower the li...
- What is Riesame della direzione (Management review)? A formal evaluation conducted by senior management to assess the adequacy and effectiveness of security, compliance, and...
- What is Rilevamento degli Incidenti (Incident Detection)? The process of identifying potential or actual security incidents in an IT environment by monitoring logs, events, and n...
- What is Rilevamento del percorso laterale (Lateral path detection)? The process of identifying unauthorized lateral movement within a network, typically by monitoring for abnormal access o...
- What is Rilevamento del tunneling DNS (DNS tunneling detection)? The process of monitoring and identifying covert data exfiltration or command-and-control channels hidden within DNS que...
- What is Rilevamento delle Minacce Inline (Inline Threat Detection)? Real-time inspection of network traffic by security appliances placed directly in the data path to identify and block th...
- What is Rilevamento dell’incidente (Incident detection)? The process of identifying and confirming security events indicating unauthorized activity or compromise of cryptographi...
- What is Rilevamento di anomalie (Anomaly detection)? Anomaly Detection is the process of identifying unusual patterns, events, or activities in datasets, logs, or network tr...
- What is Rilevamento di Attacco Replay (Replay Attack Detection)? A security mechanism to identify and block attempts where valid data transmissions are maliciously repeated or delayed, ...
- What is Rilevamento di canali occulti (Covert channel detection)? The identification and monitoring of unauthorized communication channels that exploit legitimate network protocols or re...
- What is Rilevamento di Credential Stuffing (Credential Stuffing Detection)? The identification and mitigation of automated attacks in which attackers use lists of compromised credentials to gain u...
- What is Rilevamento di Deviazione della Configurazione (Configuration Drift Detection)? The automated identification of unintended changes in system configurations from an approved baseline, used to prevent p...
- What is Rilevamento di exploit (Exploit detection)? The process of identifying and alerting on attempted or successful exploitation of vulnerabilities in cryptographic, PKI...
- What is Rilevamento di manomissione dei dati (Data tampering detection)? Mechanisms and monitoring used to detect unauthorized or malicious modification of data in storage, transit, or processi...
- What is Rilevamento di Segreti Statici (Static Secret Detection)? The process of identifying hardcoded or unchanging secrets such as API keys or passwords within source code or binaries.
- What is Rilevamento e Risposta Endpoint (Endpoint Detection and Response)? A cybersecurity solution that monitors, detects, and responds to threats on endpoint devices in real time, integrating t...
- What is Rilevamento e Risposta Gestiti (Managed Detection and Response)? A managed security service that provides continuous threat monitoring, detection, investigation, and active response to ...
- What is Rimedi Basati su Policy (Policy-Based Remediation)? Automated or manual corrective actions triggered by predefined policies to mitigate detected security incidents or confi...
- What is Rinnovo del certificato (Certificate renewal)? The process of issuing a new certificate for an entity before the expiration of the current certificate, maintaining con...
- What is Ripresa sessione (Session resumption)? A TLS or secure channel mechanism that enables clients and servers to reuse a previously negotiated session state for fa...
- What is Rischio di terze parti (Third-party risk)? The exposure to potential harm or loss resulting from external vendors, suppliers, contractors, or service providers who...
- What is Rischio normativo (Regulatory risk)? The potential for losses or legal penalties resulting from non-compliance with laws, regulations, or mandatory standards...
- What is Risponditore online (Online responder)? A network service that provides real-time certificate status information, typically using the Online Certificate Status ...
- What is Risposta agli incidenti (Incident response)? The structured approach to managing and addressing cybersecurity incidents, with processes for detection, containment, e...
- What is Risposta agli Incidenti (Incident Response)? A coordinated approach to addressing and managing the aftermath of a security breach or cyberattack, with the aim of lim...
- What is Risposta agli Incidenti Cloud (Cloud Incident Response)? A structured approach to managing and mitigating security incidents in cloud environments, including preparation, detect...
- What is Risposta al Phishing (Phishing Response)? Coordinated actions taken to detect, contain, and mitigate phishing attacks, including user notification, credential res...
- What is Risposta di Sicurezza (Security Response)? Coordinated activities by security personnel to mitigate, contain, and resolve identified threats or incidents in accord...
- What is Risultato della scansione (Scan result)? The output or findings generated by automated or manual scans of PKI or cryptographic systems for vulnerabilities, compl...
- What is Rollback della patch (Patch rollback)? The process of reverting cryptographic or PKI system components to a previous version when a deployed patch introduces i...
- What is Rollover del certificato (Certificate rollover)? The managed transition from an expiring or old certificate to a new certificate in a way that minimizes service interrup...
- What is Rotazione Automatica delle Chiavi (Automatic Key Rotation)? A security control that automatically replaces cryptographic keys at predefined intervals to minimize the risk of key co...
- What is Rotazione delle chiavi (Key rotation)? The scheduled process of replacing cryptographic keys with new keys to limit the period a compromised key can be misused...
- What is Rotazione delle chiavi (Key rotation)? The scheduled or event-driven replacement of cryptographic keys in a system to reduce exposure from key compromise and e...
- What is Rotazione delle chiavi API (API key rotation)? The operational practice of periodically replacing and invalidating existing API keys to minimize the risk of key compro...
S
- What is Scadenza della correzione (Remediation deadline)? The maximum time allowed to fully address a vulnerability or nonconformity in PKI or cryptographic environments, as defi...
- What is Scansione del codice statico (Static code scanning)? The process of automatically analyzing source code or binaries for security vulnerabilities, coding errors, or policy vi...
- What is Scansione delle Vulnerabilità Senza Agente (Agentless Vulnerability Scanning)? A vulnerability assessment performed without installing agents on target systems, using network, API, or credentialed sc...
- What is Scansione di conformità (Compliance scan)? An automated scan of cryptographic or PKI systems to verify conformity with regulatory and industry requirements.
- What is Scansione di valutazione della compromissione (Compromise assessment scan)? A security scan that evaluates systems for indicators of compromise (IoCs), persistent threats, or policy violations, as...
- What is Scenario delle minacce (Threat landscape)? The evolving set of potential threats, adversary capabilities, and attack vectors relevant to cryptographic and PKI ecos...
- What is Scenario di attacco (Attack scenario)? A detailed narrative describing a potential attack vector or sequence of actions that a threat actor may use to exploit ...
- What is Schema di Autorizzazione Compromesso (Broken Authorization Scheme)? A security flaw where access control logic is incomplete or inconsistent, enabling unauthorized users to gain access to ...
- What is Schema di firma (Signature scheme)? A cryptographic algorithm for creating and verifying digital signatures, specifying mathematical processes and key struc...
- What is Schermatura dei Metadati dell'Istanza (Instance Metadata Shielding)? A security control that prevents unauthorized access to the metadata service of virtual machine or container instances, ...
- What is Scoperta degli asset (Asset discovery)? The process of identifying and cataloging all PKI, cryptographic, or supporting assets within an organizational environm...
- What is Scoperta dell'inventario degli asset (Asset inventory discovery)? The process of systematically identifying, cataloging, and updating all IT and OT assets within an organization's enviro...
- What is Scoperta di Shadow IT (Shadow IT Discovery)? The process of identifying unauthorized or unmanaged IT systems, applications, or services within an organization, typic...
- What is Scoperta Endpoint API (API Endpoint Discovery)? The process of identifying available API endpoints, often through automated tools or by analyzing documentation and appl...
- What is Segmentazione basata sui ruoli (Role-based segmentation)? A network security practice dividing network resources or data access based on user or device roles, enforcing least pri...
- What is Segmentazione della rete cloud (Cloud network segmentation)? The practice of dividing cloud-based network environments into distinct, isolated segments to enforce security boundarie...
- What is Segmentazione della Rete Cloud (Cloud Network Segmentation)? The process of dividing a cloud network into isolated segments or zones to control traffic flow and limit lateral moveme...
- What is Segmentazione di rete (Network segmentation)? The practice of dividing a computer network into subnetworks, each being a network segment, to improve security, perform...
- What is Segmentazione di Rete Virtuale (Virtual Network Segmentation)? The division of a physical network into multiple logical networks using virtualization techniques to isolate traffic and...
- What is Segnalazione di Incidente (Incident Reporting)? The formal communication process for notifying internal or external authorities about detected security incidents, as re...
- What is Segnalazione di Incidenti (Incident Reporting)? The formal process of documenting and communicating information about detected security incidents to relevant stakeholde...
- What is Segnalazione di Incidenti (Incident Reporting)? The formal process of documenting and communicating the details of a cybersecurity incident to relevant stakeholders, re...
- What is Segregazione del piano dati (Data plane segregation)? The separation of the data forwarding path from management and control planes within network infrastructure to improve s...
- What is Segretezza diretta (Forward secrecy)? A cryptographic property ensuring that the compromise of long-term keys does not compromise past session keys, providing...
- What is Sensore raccoglitore di flussi (Flow collector sensor)? A network device or software agent that passively gathers, aggregates, and forwards network flow records (such as NetFlo...
- What is Separazione dei compiti (Separation of duties)? A risk management control principle that divides critical tasks and privileges among multiple individuals to reduce oppo...
- What is Server Policy NAC (NAC Policy Server)? A core component of network access control (NAC) systems, responsible for evaluating endpoint posture, enforcing securit...
- What is Servizio di Gestione delle Chiavi (Key Management Service)? A centralized service or system that creates, stores, rotates, and manages cryptographic keys used for securing data at ...
- What is Servizio di iscrizione (Enrollment service)? A trusted PKI component that manages requests for digital certificates, validates identity, and issues or renews certifi...
- What is Servizio di Isolamento Browser (Browser Isolation Service)? A security control that runs browser sessions in isolated, remote containers or sandboxes to protect endpoints from web-...
- What is Servizio di Isolamento del Browser (Browser Isolation Service)? A security mechanism that isolates end-users’ web browsing activity from the endpoint or corporate network by running br...
- What is Servizio di tokenizzazione (Tokenization service)? A security process or managed solution that replaces sensitive data elements with non-sensitive equivalents (tokens), of...
- What is Sfruttamento assegnazione massiva (Mass assignment exploitation)? A vulnerability where an attacker assigns values to object properties that should not be directly set by the user, often...
- What is Shaping adattivo dei pacchetti (Adaptive packet shaping)? A dynamic network management technique that adjusts packet flows based on real-time bandwidth, latency, or application p...
- What is Sicurezza dei Container Applicativi (Application Container Security)? Practices and controls for securing containerized applications and environments, including image scanning, runtime prote...
- What is Sicurezza dei punti di interscambio Internet (Internet exchange point security)? The collective security controls, policies, and operational measures implemented at an Internet Exchange Point (IXP) to ...
- What is Sicurezza del Desktop Virtuale (Virtual Desktop Security)? Practices, controls, and technologies used to secure virtual desktop infrastructure (VDI) and virtual desktops in cloud ...
- What is Sicurezza del livello di trasporto (Transport Layer Security)? A cryptographic protocol designed to provide secure communication over a computer network, protecting data in transit vi...
- What is Sicurezza del Service Mesh (Service Mesh Security)? A set of controls, policies, and tools for ensuring secure communication, authentication, and authorization between micr...
- What is SIEM Cloud Native (Cloud Native SIEM)? A Security Information and Event Management platform built specifically for cloud architectures, offering elastic scalab...
- Che cos'e Simulazione dell’avversario? Adversary Simulation is a controlled security exercise that emulates realistic cyber attacks by mimicking the tactics, t...
- Che cos'e Simulazione di Attacco? A controlled emulation of cyberattacks against systems, networks, or people to assess security posture, validate defense...
- Che cos'e Simulazione di attacco? The process of emulating real-world cyberattacks against cryptographic infrastructure or PKI environments to evaluate de...
- Che cos'e Simulazione di exploit? A controlled emulation of exploit attempts against cryptographic or PKI vulnerabilities to assess system resilience and ...
- Che cos'e Simulazione di minaccia? The practice of emulating real-world attacks on cryptographic or PKI infrastructure to test defenses, validate response ...
- Che cos'e Soppressione degli Avvisi? The intentional filtering or silencing of specific security alerts to reduce noise from false positives and allow focus ...
- Che cos'e Sovranità dei dati? The concept that digital data is subject to the laws and governance structures within the nation where it is collected o...
- Che cos'e Split tunneling VPN? A VPN configuration that allows some traffic to be routed through the secure VPN tunnel while other traffic accesses the...
- Che cos'e Stato delle patch? The documented and regularly updated record of the deployment, verification, and compliance of cryptographic or PKI-rela...
- Che cos'e Stato di revoca? The current validity state of a digital certificate, indicating whether it has been revoked by the issuing certificate a...
- Che cos'e Stato di revoca? The current validity state of a digital certificate as determined by a recognized Certificate Authority (CA), typically ...
- Che cos'e Stato online? In cryptography/PKI, refers to the real-time validity of a digital certificate or credential as determined by protocols ...
- Che cos'e Strategia di Contenimento? A set of planned actions and measures taken to limit the spread and impact of a cybersecurity incident, preventing furth...
- Che cos'e Strategia di Difesa a Strati? An approach that uses multiple, overlapping security controls at different layers (network, application, endpoint) to pr...
- Che cos'e Strategia di mitigazione? A structured approach involving technical, administrative, or procedural controls to reduce the likelihood or impact of ...
- Che cos'e Strategia di sicurezza? A high-level plan that defines how an organization will protect its information assets, meet regulatory obligations, and...
- Che cos'e Strategia di throttling delle API? A structured approach to limit the number of API requests made by a client or IP within a specified timeframe, preventin...
- Che cos'e Strumentazione dinamica del codice? The process of inserting monitoring hooks or logic into running code to analyze application behavior, detect anomalies, ...
- Che cos'e Suite di cifratura? A named set of cryptographic algorithms used to negotiate security settings in network protocols like TLS, including key...
- Che cos'e Superficie di attacco? The sum of all points in a cryptographic or PKI environment where an unauthorized user could attempt to enter data, extr...
- Che cos'e Supervisione della conformità? Ongoing supervision and review of an organization's compliance with laws, regulations, policies, and contractual obligat...
- Che cos'e Supervisione della sicurezza? The ongoing supervision and review of security policies, controls, and processes to ensure effective risk management and...
T
- What is Cloud Resource Tagging? The process of assigning metadata labels to cloud resources to facilitate access management, cost allocation, compliance...
- What is Visibility Fabric Tap? A hardware or virtual device that creates a copy of network traffic for out-of-band monitoring, analytics, and security ...
- What is Security Telemetry? Security Telemetry refers to the automated collection, transmission, and aggregation of security-relevant data—such as l...
- What is Exploit Attempt? An unauthorized action or sequence initiated by a threat actor to actively test or leverage a cryptographic or PKI vulne...
- What is Credential Testing? The process of validating the strength, configuration, and authenticity of credentials used within cryptographic or PKI ...
- What is Penetration Test? An authorized and controlled simulated attack on cryptographic and PKI systems, conducted to identify exploitable vulner...
- What is Security Testing? The process of evaluating cryptographic, PKI, and supporting systems for compliance with security requirements, through ...
- What is Threat Hunting? A proactive and iterative search through networks, endpoints, and datasets to detect and isolate advanced threats that e...
- What is Session Ticket? A data structure issued by a server to a client in TLS to enable stateless session resumption by encapsulating keying ma...
- What is Data Ownership? The formal assignment of authority and accountability for data assets to specific individuals or roles within an organiz...
- What is Risk Ownership? The assignment of accountability and authority for managing identified risks to a specific individual or organizational ...
- What is Hardware Token? A physical device, such as a USB or smart card, used to store cryptographic keys and perform authentication or signing o...
- What is Risk Tolerance? The amount and type of risk an organization is willing to accept in pursuit of its objectives, as defined in risk manage...
- What is Audit Trail? A chronological record of system activities and user actions, providing documented evidence to support accountability, t...
- What is Incident Tracking? The systematic process of recording, updating, and monitoring security incidents throughout their lifecycle to ensure ac...
- What is Insufficient Audit Trail? A deficiency in logging or tracking system activities that undermines the ability to reconstruct security events, invest...
- What is Microservices Segmented Transit? A network architecture approach in which communications between microservices are isolated into distinct, secured segmen...
- What is MTA Strict Transport? An email security policy (MTA-STS) that enforces strict encrypted transport (typically via TLS) between Mail Transfer Ag...
- What is Event Triage? The process of rapidly classifying, prioritizing, and assigning security events for investigation based on impact, sever...
- What is Alert Triage? The systematic process of evaluating, prioritizing, and categorizing security alerts based on severity, credibility, and...
- What is Virtual Private Tunnel? A secure, encrypted connection established over a public or untrusted network, forming a logical link that protects data...
V
- What is Alert Validation? The process of verifying whether a security alert is genuine, actionable, and relevant, typically by correlating with ad...
- What is Client Certificate Validation? A process that verifies the authenticity and trustworthiness of client certificates during mutual TLS connections, enabl...
- What is API Contract Validation? The process of verifying that an API’s requests and responses strictly conform to the documented interface specification...
- What is Cryptographic Module Validation? The formal process of testing and certifying that a cryptographic module meets defined security standards such as FIPS 1...
- What is Replay Nonce Validation? A security mechanism that ensures a unique nonce value is included and validated in each request or transaction, protect...
- What is Source Address Validation? The process of verifying that the source IP address of a packet is legitimate and not spoofed, typically enforced at net...
- What is Path Integrity Validation? A set of mechanisms that verify the authenticity and correctness of network routing information to prevent route hijacki...
- What is Chain Validation? The process of verifying each certificate in a chain from the end entity up to the root CA, ensuring all links are trust...
- What is DNSSEC Chain Validation? The process of verifying each link in the DNSSEC signature chain from root to record to ensure domain name authenticity ...
- What is Compliance Validation? The formal process of testing and confirming that systems, processes, and controls meet regulatory, contractual, and pol...
- What is Compliance Validation? The systematic confirmation that cryptographic, PKI, and supporting systems conform to relevant standards, policies, and...
- What is Business Logic Validation? The process of systematically verifying application workflows and rules to ensure that implemented business logic enforc...
- What is Patch Validation? The process of confirming through controlled testing that a security patch applied to cryptographic modules or PKI compo...
- What is Token Expiration Validation? The process of checking the expiration date and time of authentication or authorization tokens to ensure that expired to...
- What is Exploit Validation? The process of confirming, through controlled testing, that a discovered vulnerability in a cryptographic or PKI system ...
- What is Salt Value? A random value added to data, typically passwords, before hashing to ensure that identical inputs produce different hash...
- What is Nonce Value? A randomly or pseudo-randomly generated number used only once in a cryptographic communication to prevent replay attacks...
- What is Exploit Assessment? The evaluation of identified vulnerabilities in cryptographic or PKI assets to determine the likelihood and potential im...
- What is Control Assessment? A formal evaluation of the design and effectiveness of security controls to determine whether they are operating as inte...
- What is Control Assessment? A systematic assessment of technical and procedural security controls in cryptographic and PKI environments to determine...
- What is Vendor Assessment? A structured evaluation of third-party providers’ security, compliance, and risk management practices prior to and durin...
- What is Risk Assessment? The process of assessing the potential impact and likelihood of identified risks to determine their significance and gui...
- What is Impact Assessment? A systematic analysis of the consequences that an identified risk or incident could have on business operations, assets,...
- What is Compromise Assessment? Compromise Assessment is the comprehensive evaluation of an organization’s systems, networks, and data to identify evide...
- What is Severity Rating? A standardized scale or categorization of the impact and urgency of vulnerabilities or incidents affecting cryptographic...
- What is Device Posture Assessment? The evaluation of a device's security state, such as patch levels, configurations, and presence of security controls, be...
- What is Security Assessment? A systematic evaluation of the security posture of systems, networks, and processes to identify vulnerabilities, threats...
- What is Gap Assessment? A structured review that compares current security controls and practices against required standards or frameworks to id...
- What is Threat Assessment? A structured process for identifying, evaluating, and prioritizing potential threats to an organization's assets, operat...
- What is Threat Assessment? A structured process for identifying, analyzing, and prioritizing potential threats to an organization's assets, operati...
- What is Penalty Assessment? The formal process of determining and imposing financial or legal penalties for non-compliance with regulatory or contra...
- What is Vulnerability Assessment? A systematic process for identifying, classifying, and evaluating vulnerabilities in information systems, cryptographic ...
- What is Baseline Assessment? A comprehensive evaluation of the security posture of PKI and cryptographic systems against established industry baselin...
- What is Remediation Verification? The process of confirming that actions taken to correct cryptographic or PKI vulnerabilities are effective and that affe...
- What is JWT Signature Verification? The process of validating the cryptographic signature of a JSON Web Token (JWT) to ensure its integrity and authenticity...
- What is Patch Verification? The process of confirming that applied patches to cryptographic, PKI, or related systems have been correctly installed, ...
- What is Secure Boot Verification? A cryptographic process that ensures only trusted, signed firmware and software are loaded during system startup, preven...
- What is Attack Vector? A specific method or pathway by which a threat actor attempts to exploit vulnerabilities in cryptographic or PKI infrast...
- What is Security Policy Violation? Any action or event that contravenes an established information security policy or standard, triggering investigation or...
- What is Policy Violation? An act or omission that breaches or contradicts an established organizational policy, potentially leading to disciplinar...
- What is Asset Vulnerability? A weakness in a cryptographic, PKI, or related system asset that could be exploited by a threat actor to compromise conf...
W
- What is Incident Workflow? A structured sequence of tasks and escalation steps followed during the lifecycle of a security incident, from detection...
- What is Serverless Function Wrapping? The security practice of encapsulating serverless functions within wrappers or middleware to enforce policy, perform inp...
Z
- What is Zero-Day? A vulnerability in PKI or cryptographic systems that is unknown to the vendor and for which no official patch or mitigat...
- What is Untrusted Interface Zone? A designated network segment where interfaces connect to untrusted networks or devices, typically requiring strict secur...