Cybersecurity English
Cybersecurity English Glossary
677 professional cybersecurity english terms with definitions, pronunciation and examples. Learn what each term means — free with Termify.
А
- Что такое Автоматизация безопасности? Security Automation is the application of technology to perform repetitive or time-sensitive security operations tasks—s...
- Что такое Автоматизация обнаружения активов? The automated identification and inventory of all devices, cloud resources, software, and services within an organizatio...
- Что такое Автоматизация оркестрации безопасности? The integration and automation of security processes, tools, and workflows to accelerate detection, investigation, and r...
- Что такое Автоматизация плейбука? The automated execution of predefined incident response actions and workflows using orchestration tools, reducing manual...
- Что такое Автоматизация тестирования? The application of automated tools and scripts to perform repeatable, consistent validation of cryptographic functions, ...
- Что такое Автоматизированное смягчение угроз? The use of automated controls, tools, and workflows to detect, respond to, and neutralize cyber threats in real time, mi...
- Что такое Автоматизированное управление патчами? A systematic approach that uses software tools to automatically identify, acquire, test, and deploy security patches acr...
- Что такое Автоматизированный обмен индикаторами? The automatic exchange of cyber threat indicators between organizations and trusted partners using standardized formats ...
- Что такое Автоматизированный поиск угроз? The continuous, proactive, and algorithm-driven search for threats and anomalies in an environment, using automated tool...
- Что такое Автоматическая ротация ключей? A security control that automatically replaces cryptographic keys at predefined intervals to minimize the risk of key co...
- Что такое Авторизация на уровне функций? A control mechanism that verifies a user’s or system’s permission for each specific API endpoint or business function be...
- Что такое Агрегация журналов? Log Aggregation is the process of collecting and centralizing logs from diverse systems, applications, and devices into ...
- Что такое Агрегация сетевой телеметрии? The collection, normalization, and consolidation of network telemetry data (such as flow records, logs, or metrics) from...
- Что такое Адаптивное формирование пакетов? A dynamic network management technique that adjusts packet flows based on real-time bandwidth, latency, or application p...
- Что такое Адаптивный контроль доступа? A dynamic security mechanism that adjusts access decisions in real-time based on user behavior, device health, risk cont...
- Что такое Алгоритм подписи? A cryptographic algorithm used to generate and verify digital signatures, ensuring data authenticity and integrity, such...
- Что такое Анализ воздействия? The process of identifying and evaluating the potential consequences and business impacts of threats, incidents, or poli...
- Что такое Анализ воздействия? A structured assessment of the potential consequences or business disruption resulting from the exploitation of vulnerab...
- Что такое Анализ вредоносного ПО? The process of examining malicious software to understand its behavior, intent, origin, and potential impact on affected...
- Что такое Анализ журналов? The process of examining and interpreting system, application, and security logs to detect, investigate, and respond to ...
- Что такое Анализ зависимостей кода? The process of examining software dependencies for known vulnerabilities, outdated components, or license compliance iss...
- Что такое Анализ захвата пакетов? The process of collecting and analyzing network packet data to detect threats, troubleshoot issues, and validate securit...
- Что такое Анализ инцидента? A structured post-incident process for evaluating the effectiveness of detection, response, and recovery measures to ide...
- Что такое Анализ инцидентов? The comprehensive examination and assessment of a security incident to determine its cause, scope, impact, and lessons l...
- Что такое Анализ поведения во время выполнения? Continuous monitoring and assessment of applications’ or systems’ activities during execution to detect anomalies or thr...
- Что такое Анализ политики? A formal and systematic evaluation of organizational policies to ensure their adequacy, effectiveness, and compliance wi...
- Что такое Анализ политики? A formal and systematic evaluation of organizational policies to ensure their adequacy, effectiveness, and compliance wi...
- Что такое Анализ рисков? The systematic process of identifying, evaluating, and prioritizing risks to organizational assets, considering likeliho...
- Что такое Анализ Сетевых Потоков? The process of collecting, monitoring, and analyzing metadata about network traffic flows to detect anomalies and threat...
- Что такое Анализ угроз? Threat Analysis is the systematic evaluation of potential and actual cyber threats by assessing threat actor capabilitie...
- Что такое Анализ экспозиции? Systematic evaluation of cryptographic or PKI assets and their attack surface to determine points of exposure to vulnera...
- Что такое Аналитика безопасности? Security Analytics refers to the use of advanced data analysis techniques, including machine learning and statistical mo...
- Что такое Аналитика злоупотреблений API? The use of data analysis techniques to monitor, identify, and report on abnormal or malicious usage patterns within API ...
- Что такое Аналитика поведения пользователей? Advanced analytics that monitor and analyze user activity patterns to detect insider threats, compromised accounts, and ...
- Что такое Аналитика угроз? Evidence-based knowledge about existing and emerging threats, derived from analysis of indicators, adversary behavior, a...
- Что такое Аналитика угроз? Curated, actionable knowledge regarding cryptographic or PKI-related threats, including adversary tactics, relevant indi...
- Что такое Аномалия сетевого поведения? An observed deviation from established patterns of normal network activity that may indicate the presence of malicious a...
- Что такое Антикризисное управление? Coordinated organizational actions and communication aimed at containing, resolving, and recovering from severe security...
- Что такое Аппаратный корень доверия? A cryptographic foundation embedded in hardware (e.g., TPM, HSM, or secure enclave) that provides immutable security anc...
- Что такое Аппаратный токен? A physical device, such as a USB or smart card, used to store cryptographic keys and perform authentication or signing o...
- Что такое Аппетит к риску? The level and type of risk an organization is willing to accept in pursuit of its objectives, as formally defined by sen...
- Что такое Архив эксплойтов? A centralized and curated repository of documented exploits relevant to cryptographic or PKI environments, used for thre...
- Что такое Архитектура Zero Trust? A security model that assumes no implicit trust is granted to systems or users inside or outside the network; verificati...
- Что такое Архитектура нулевого доверия? A security model based on the principle that no user, device, or network component should be trusted by default. Enforce...
- Что такое Архитектура Нулевого Доверия? A security model centered on the assumption that no user or device, inside or outside the network perimeter, is trusted ...
- Что такое Атака на подделку параметров? An attack technique where an adversary manipulates input parameters in client requests to alter application behavior, by...
- Что такое Атака ретрансляции аутентификации? A cyberattack in which authentication credentials are intercepted and forwarded (relayed) to impersonate a legitimate us...
- Что такое Атрибутный сертификат? A digital certificate that binds attribute information (such as roles or permissions) to a subject, separate from the id...
- Что такое Атрибуция угроз? Threat Attribution is the analytical process of linking a detected cyber threat, campaign, or incident to a specific act...
- Что такое Аттестация доступа? A formal, periodic review process in which managers or data owners attest that users have the appropriate levels of acce...
- Что такое Аттестация состояния конечной точки? A process by which the health state of an endpoint device is cryptographically measured and validated before it is allow...
- Что такое Аудит безопасности? A formal, systematic review of an organization’s information systems, controls, and procedures to verify their effective...
- Что такое Аудит безопасности? A formal, systematic review and verification of cryptographic and PKI processes, controls, and compliance with standards...
- Что такое Аудит доступа в облаке? Systematic logging and analysis of access events in cloud environments to ensure compliance, detect anomalies, and suppo...
- Что такое Аудит соответствия? A systematic, independent review to determine whether activities and related results comply with planned arrangements, p...
- Что такое Аудиторский журнал? The systematic recording of events and user actions in information systems to enable traceability, accountability, and f...
- Что такое Аудиторский комитет? A formally established group within an organization tasked with oversight of financial reporting, internal controls, ris...
- Что такое Аудиторский след? A chronological record of system activities and user actions, providing documented evidence to support accountability, t...
Б
- Что такое База уязвимостей? A centralized, authoritative repository cataloging known cryptographic and PKI-related vulnerabilities, including CVEs, ...
- Что такое Базовая оценка? A comprehensive evaluation of the security posture of PKI and cryptographic systems against established industry baselin...
- Что такое Базовый уровень безопасной настройки? A documented set of secure settings and parameters for systems or applications, serving as a reference point for complia...
- Что такое Базовый уровень безопасности? A documented set of minimum security controls or configurations established as a standard for systems, services, or proc...
- Что такое Базовый уровень безопасности? A set of minimum security controls and configurations established for cryptographic or PKI systems to ensure compliance ...
- Что такое Безагентное сканирование уязвимостей? A vulnerability assessment performed without installing agents on target systems, using network, API, or credentialed sc...
- Что такое Безопасная контейнерная сеть? The practice of applying security controls, segmentation, and encrypted communication to the networking layer between co...
- Что такое Безопасная оверлейная сеть? A logically separated, secured network built on top of an existing network to provide enhanced security controls and iso...
- Что такое Безопасная пересылка пакетов? The practice of transmitting data packets across networks in a manner that maintains confidentiality, integrity, and aut...
- Что такое Безопасностная телеметрия? Security Telemetry refers to the automated collection, transmission, and aggregation of security-relevant data—such as l...
- Что такое Безопасностное оповещение? Automated or manual notification process by which a security system or analyst informs relevant personnel of detected su...
- Что такое Безопасность виртуального рабочего стола? Practices, controls, and technologies used to secure virtual desktop infrastructure (VDI) and virtual desktops in cloud ...
- Что такое Безопасность интернет-обмена? The collective security controls, policies, and operational measures implemented at an Internet Exchange Point (IXP) to ...
- Что такое Безопасность контейнеров приложений? Practices and controls for securing containerized applications and environments, including image scanning, runtime prote...
- Что такое Безопасность сервисной сетки? A set of controls, policies, and tools for ensuring secure communication, authentication, and authorization between micr...
- Что такое Безопасность транспортного уровня? A cryptographic protocol designed to provide secure communication over a computer network, protecting data in transit vi...
- Что такое Безопасный канал? A communication path protected by cryptographic means, ensuring confidentiality, integrity, and authentication of data i...
- Что такое Безопасный командный канал? An encrypted, authenticated communication pathway used for transmitting privileged commands or control signals, as descr...
- Что такое Безопасный пограничный шлюз? A security-hardened network device or configuration that manages and filters traffic entering or leaving the network per...
- Что такое Безопасный почтовый шлюз? A dedicated security appliance or cloud service that monitors, filters, and blocks malicious email content (spam, phishi...
- Что такое Блокировка вредоносного трафика? Automated or manual actions taken to identify and prevent the flow of network traffic identified as malicious, including...
- Что такое Блокировка вредоносных скриптов? The detection and prevention of unauthorized, harmful scripts (such as JavaScript, PowerShell, or macros) from executing...
- Что такое Блочный шифр? A symmetric key encryption algorithm that encrypts data in fixed-size blocks, such as AES and 3DES.
- Что такое Брокер безопасности SaaS? A security model and technology platform that intermediates access between enterprise users and SaaS applications, enfor...
- Что такое Брокер облачного доступа? A security policy enforcement point between cloud service users and providers that ensures enterprise security requireme...
В
- Что такое Валидация бизнес-логики? The process of systematically verifying application workflows and rules to ensure that implemented business logic enforc...
- Что такое Валидация контракта API? The process of verifying that an API’s requests and responses strictly conform to the documented interface specification...
- Что такое Валидация криптографического модуля? The formal process of testing and certifying that a cryptographic module meets defined security standards such as FIPS 1...
- Что такое Валидация оповещения? The process of verifying whether a security alert is genuine, actionable, and relevant, typically by correlating with ad...
- Что такое Ввод PIN-кода? The act of securely entering a personal identification number (PIN) into a trusted hardware or software interface for au...
- Что такое Ведение аудита? The process of recording security-related events, operations, or accesses within a cryptographic or PKI environment to p...
- Что такое Вектор атаки? A specific method or pathway by which a threat actor attempts to exploit vulnerabilities in cryptographic or PKI infrast...
- Что такое Взаимная аутентификация? A security process in which both entities in a communication verify each other's identities, typically using digital cer...
- Что такое Взаимное шифрование транспорта? Encryption mechanism where both endpoints authenticate each other and establish encrypted transport, as defined in NIST ...
- Что такое Виртуальное развертывание патча? The process of applying security controls, such as firewall rules or IPS signatures, to mitigate vulnerabilities without...
- Что такое Виртуальное частное облако? A logically isolated section of a public cloud where organizations can launch resources in a virtual network that they d...
- Что такое Виртуальный частный туннель? A secure, encrypted connection established over a public or untrusted network, forming a logical link that protects data...
- Что такое Владение данными? The formal assignment of authority and accountability for data assets to specific individuals or roles within an organiz...
- Что такое Владение риском? The assignment of accountability and authority for managing identified risks to a specific individual or organizational ...
- Что такое Влияние на бизнес? The effect or consequence an incident, risk, or change has on an organization's operations, assets, individuals, or repu...
- Что такое Влияние на конфиденциальность? The effect of a process, project, or system on the privacy of individuals, often measured and documented through a forma...
- Что такое Внедрение процесса? A technique used by attackers or legitimate tools to inject code into the address space of another process, enabling cod...
- Что такое Возможность обнаружения? Detection Capability is the measure of an organization's ability to identify and recognize cyber threats, malicious acti...
- Что такое Возобновление сессии? A TLS or secure channel mechanism that enables clients and servers to reuse a previously negotiated session state for fa...
- Что такое Восстановление ключа? A controlled process for restoring lost or inaccessible cryptographic keys, typically from a secure backup or escrow, fo...
- Что такое Восстановление после инцидента? The coordinated set of actions taken to restore systems, operations, and services to normal functioning after a security...
- Что такое Восточно-западный мониторинг? Continuous inspection and analysis of lateral (intra-network) data flows within an organization's internal environment t...
- Что такое Временная маркировка пакетов? The process of attaching accurate time information to network packets for logging, monitoring, forensic analysis, and la...
- Что такое Встроенное Обнаружение Угроз? Real-time inspection of network traffic by security appliances placed directly in the data path to identify and block th...
Г
- Что такое Генерация одноразового числа? The process of generating a unique, unpredictable, and usually random number (nonce) used once per cryptographic protoco...
- Что такое Гибридная облачная федерация? The operational model enabling secure interoperability and resource management across multiple private and public cloud ...
- Что такое Гибридное шифрование? A cryptographic approach that combines asymmetric and symmetric encryption to leverage the advantages of both for secure...
- Что такое Горячая линия по этике? A confidential reporting mechanism that allows employees and third parties to report ethical or compliance concerns anon...
- Что такое Готовность к инцидентам? The proactive state of an organization’s people, processes, and technology to efficiently detect, respond to, and recove...
- Что такое Готовность к реагированию? The state of preparedness of personnel, processes, and technology to quickly and effectively respond to cybersecurity in...
- Что такое Граница доверия третьих лиц? A defined security demarcation between an organization’s internal systems and those of third-party entities, used to enf...
Д
- Что такое Дайджест сообщения? A fixed-length, unique output value generated by applying a cryptographic hash function to a message, used for verifying...
- Что такое Данные суверенитета? The concept that digital data is subject to the laws and governance structures within the nation where it is collected o...
- Что такое Движок классификации трафика? A system or module that automatically identifies, categorizes, and labels network traffic based on protocols, applicatio...
- Что такое Движок угроз? An automated software module that aggregates, analyzes, and correlates threat intelligence related to cryptographic or P...
- Что такое Делегирование согласия OAuth? Process by which a resource owner grants a client application delegated access to protected resources, based on explicit...
- Что такое Динамическая инструментализация кода? The process of inserting monitoring hooks or logic into running code to analyze application behavior, detect anomalies, ...
- Что такое Динамический порт-нокинг? A security technique requiring a dynamic, pre-defined sequence of connection attempts to specific ports before granting ...
- Что такое Динамическое оценивание риска? A continuous process that calculates the real-time security risk posed by users, devices, or applications based on behav...
- Что такое Доверенная платформа? A computing environment equipped with hardware and software components (e.g., TPM, secure boot) designed to ensure integ...
- Что такое Доказательство смягчения? Documented proof that specific technical or administrative actions have effectively addressed and reduced the risk of cr...
- Что такое Доказательство устранения? Documented proof that a PKI or cryptographic vulnerability or deficiency has been addressed and corrective actions were ...
- Что такое Документация по политике? The comprehensive collection and maintenance of all written policies, procedures, and standards governing security, risk...
- Что такое Документирование инцидента? The detailed and systematic recording of all relevant information, actions, decisions, and evidence related to a cyberse...
- Что такое Документирование оповещений? The detailed recording of all relevant information about a security alert, including source, analysis, actions, and outc...
- Что такое Доступ по требованию? A privileged access management method that grants users temporary, time-bound, and auditable access rights to critical s...
Ж
- Что такое Жизненный цикл машинной идентификации? The complete set of processes for creating, managing, renewing, and retiring machine identities (e.g., certificates, key...
- Что такое Жизненный цикл оповещения? The sequence of phases that a security alert undergoes, from initial detection and triage through investigation, escalat...
- Что такое Журналирование активности в облаке? The process of capturing, storing, and analyzing logs of user actions, system events, and resource access within cloud e...
- Что такое Журналирование событий безопасности? The systematic recording of security-related activities, alerts, and incidents within systems or networks to support det...
З
- Что такое Загрязнение параметров HTTP? A web security vulnerability where multiple HTTP parameters with the same name are sent in a single request, potentially...
- Что такое Закрытие инцидента? The formal completion and documentation of all response activities for a security incident, ensuring lessons learned and...
- Что такое Закрытый ключ? A confidential cryptographic key in an asymmetric key pair, used to sign or decrypt data, and must be kept secret to mai...
- Что такое Запись привилегированных сессий? The logging and monitoring of all actions performed during privileged sessions, such as administrative or root access, t...
- Что такое Запрос токена? A formal operation in which a client requests an authentication or authorization token from an identity provider or secu...
- Что такое Защита метаданных экземпляра? A security control that prevents unauthorized access to the metadata service of virtual machine or container instances, ...
- Что такое Защита от вмешательства на конечных точках? A security feature that prevents unauthorized users or malware from disabling, modifying, or bypassing endpoint security...
- Что такое Защита от воспроизведения шифротекста? A security mechanism that detects and blocks the reuse of captured ciphertext to prevent replay attacks in encrypted com...
- Что такое Защита от захвата аккаунта? Security measures designed to detect and prevent unauthorized access to user accounts, including the use of MFA, behavio...
- Что такое Защита от захвата сессии? Countermeasures and controls implemented to detect, prevent, and respond to session hijacking attacks, such as session f...
- Что такое Защита от повторного воспроизведения сессии? Controls and mechanisms designed to prevent attackers from capturing and reusing legitimate session tokens or data packe...
- Что такое Защита от подбора учетных данных? Measures and technologies to detect, block, and mitigate automated login attempts using stolen or reused username-passwo...
- Что такое Защита от угроз API? A set of security mechanisms designed to detect, block, and mitigate malicious activity targeting application programmin...
- Что такое Зеркалирование облачного трафика? A cloud-native capability that duplicates network traffic to analysis tools for monitoring, threat detection, and compli...
- Что такое Злоумышленник? An individual, group, or entity with the intent, capability, and opportunity to exploit vulnerabilities in cryptographic...
- Что такое Злоупотребление бизнес-логикой? The exploitation of legitimate business logic in applications to gain unauthorized advantages, often bypassing technical...
- Что такое Значение nonce? A randomly or pseudo-randomly generated number used only once in a cryptographic communication to prevent replay attacks...
- Что такое Зона недоверенных интерфейсов? A designated network segment where interfaces connect to untrusted networks or devices, typically requiring strict secur...
- Что такое Зрелость контроля? A measure of how well an internal control is designed, implemented, and operating as intended to mitigate risk and meet ...
И
- Что такое Идентификатор издателя? A unique value or distinguished name that identifies the Certificate Authority (CA) or entity that issues a digital cert...
- Что такое Избыточное раскрытие данных? A security weakness where APIs expose more data than necessary to clients, increasing the risk of sensitive information ...
- Что такое Извлечение ключа? The process of obtaining a cryptographic key from a hardware or software source, typically for backup, migration, or for...
- Что такое Изоляционное сдерживание хоста? A network defense strategy to restrict or cut off network access for a compromised or suspicious host to prevent lateral...
- Что такое Изоляция гостевой ОС? The practice of isolating virtual machines (guests) from each other and from the host system to prevent unauthorized acc...
- Что такое Изоляция между арендаторами? Security controls that strictly separate data, processes, and resources among different tenants in multi-tenant cloud or...
- Что такое Изоляция при реагировании на инцидент? The process of isolating or restricting the impact of an active security incident to prevent further spread, as describe...
- Что такое Изоляция привилегированных сессий? The separation and monitoring of administrative sessions from standard user sessions to prevent misuse of privileged acc...
- Что такое Изоляция среды выполнения контейнера? A set of controls and configurations that ensure each running container is logically and physically separated from other...
- Что такое Изоляция хоста? The process of removing a compromised or suspicious host from the network to prevent lateral movement and further compro...
- Что такое Имитация атаки? A controlled emulation of cyberattacks against systems, networks, or people to assess security posture, validate defense...
- Что такое Имитация противника? Adversary Simulation is a controlled security exercise that emulates realistic cyber attacks by mimicking the tactics, t...
- Что такое Импорт ключа? The process of securely bringing a cryptographic key into a software or hardware cryptographic module, typically in comp...
- Что такое Имя субъекта? The distinguished name (DN) in a digital certificate that uniquely identifies the certificate holder or entity, as speci...
- Что такое Инвентаризация активов? A comprehensive list of all information assets within an organization, including hardware, software, data, and supportin...
- Что такое Инвентаризация активов? A comprehensive, up-to-date record of all hardware, software, certificates, cryptographic modules, and other PKI-relevan...
- Что такое Индикатор риска? A measurable signal or metric used to identify, quantify, or monitor risks affecting cryptographic or PKI assets, suppor...
- Что такое Инжиниринг обнаружения? The discipline of designing, implementing, and tuning security monitoring rules, analytics, and automation to identify t...
- Что такое Инспекция зашифрованного трафика? A process that enables the examination of encrypted network traffic to detect threats, enforce policies, and prevent dat...
- Что такое Интеграция службы аттестации? The process of connecting systems to trusted attestation services that validate the integrity and security posture of cl...
- Что такое Интеллект конечных угроз? The real-time collection and analysis of threat indicators and adversary tactics from endpoint devices to enhance detect...
- Что такое Интроспекция токена OAuth? A protocol mechanism defined in RFC 7662 that allows resource servers to query an authorization server about the status ...
- Что такое Инфраструктура PKI? A system of hardware, software, policies, and procedures needed to create, manage, distribute, use, store, and revoke di...
- Что такое Исключение из патча? A formally documented decision to temporarily or permanently not apply a specific patch to a PKI or cryptographic system...
- Что такое Исключение из политики? A formally approved, documented deviation from an established security policy, typically granted on a temporary basis wi...
- Что такое Исследование эксплойтов? The investigative process of analyzing, discovering, and documenting methods by which vulnerabilities in PKI or cryptogr...
- Что такое Источник маршрута BGP? The original source Autonomous System (AS) that advertises a specific IP prefix into the global BGP routing table, valid...
К
- Что такое Канал командного управления? A communications channel used by attackers or malware to issue instructions to compromised hosts, or by defenders for au...
- Что такое Картирование данных? The structured process of identifying, documenting, and connecting the flow of data elements across systems, application...
- Что такое Картирование процессов? A systematic technique for visually documenting and analyzing business or IT processes, their sequence, stakeholders, in...
- Что такое Картирование процессов? A structured method of visually documenting and analyzing processes, including their steps, controls, and responsible pa...
- Что такое Каталог угроз? A structured and curated inventory of recognized PKI or cryptographic threats, attack vectors, and related mitigation st...
- Что такое Категоризация активов? The process of classifying PKI and cryptographic assets based on value, criticality, sensitivity, and role within the or...
- Что такое Категоризация инцидентов? Incident Categorization is the process of classifying security events or incidents based on type, severity, impact, and ...
- Что такое Квантовая стойкость? The property of cryptographic algorithms to withstand attacks by quantum computers, typically achieved by using post-qua...
- Что такое Классификация активов? The process of categorizing cryptographic, PKI, and related assets based on sensitivity, criticality, and regulatory req...
- Что такое Классификация безопасности? The categorization of data or assets based on sensitivity, value, and required level of protection, typically in alignme...
- Что такое Классификация данных? The process of categorizing data based on its sensitivity, value, and the impact to the organization if disclosed, alter...
- Что такое Классификация данных? The systematic process of categorizing information based on sensitivity, criticality, and regulatory requirements to det...
- Что такое Ключ издателя? The private key held by a Certificate Authority (CA) or issuer used to sign digital certificates and assert trust in a P...
- Что такое Ключ субъекта? The cryptographic public key associated with the subject of a digital certificate, used to verify signatures or encrypt ...
- Что такое Кодекс поведения? A formal set of ethical and behavioral guidelines that define acceptable and unacceptable actions for personnel within a...
- Что такое Коллизия хеша? An event where two different inputs produce the same output hash value from a cryptographic hash function, undermining d...
- Что такое Комитет по управлению? A formal group of executives and stakeholders responsible for overseeing information security, compliance, and risk mana...
- Что такое Коммуникация по инцидентам? The timely and coordinated exchange of information about an incident’s status, impact, and response among internal teams...
- Что такое Компрометация учетных данных? The unauthorized disclosure or leak of authentication credentials or cryptographic secrets (such as private keys or cert...
- Что такое Контейнер ключей? A logical or physical storage area used to hold cryptographic keys, often protected by access controls and used in softw...
- Что такое Контекст уязвимости? The operational, environmental, and architectural conditions under which a cryptographic or PKI vulnerability may be pre...
- Что такое Контроль безопасности? The ongoing supervision and review of security policies, controls, and processes to ensure effective risk management and...
- Что такое Контроль выдачи себя за пользователя? Mechanisms and safeguards that prevent or detect unauthorized use of a legitimate user's identity within a system or app...
- Что такое Контроль доступа к хранилищу? Policies and mechanisms that restrict and monitor access to data storage systems, ensuring only authorized users or appl...
- Что такое Контроль за соблюдением? Ongoing supervision and review of an organization's compliance with laws, regulations, policies, and contractual obligat...
- Что такое Контроль Защиты Границы? Security mechanisms (e.g., firewalls, gateways) deployed at network perimeters to monitor and filter inbound and outboun...
- Что такое Контроль канонизации ввода? Processes that convert various possible input formats to a standard, canonical form before validation, helping to preven...
- Что такое Контроль конфиденциального логирования? Procedures and mechanisms to ensure that confidential or regulated information is never written to logs, reducing the ri...
- Что такое Контроль местонахождения данных? Policies and technical mechanisms that ensure organizational data is stored, processed, and managed in specific legal or...
- Что такое Контроль соответствия? A specific policy, process, or technical measure implemented to ensure an organization meets applicable legal, regulator...
- Что такое Контроль уровня интерфейса? A security control that enforces policy, filtering, or access restrictions at a specific network interface, segmenting a...
- Что такое Контроль эфемерных экземпляров? Security controls and automation for governing short-lived, temporary compute instances to prevent persistence, limit at...
- Что такое Контрольная сумма ключа? A value derived from a cryptographic key using a checksum or hash algorithm, used to verify the integrity or correctness...
- Что такое Контрольный процесс? A series of coordinated actions and procedures implemented to manage and mitigate risk by enforcing policies and securit...
- Что такое Координация реагирования? The structured management and collaboration among teams and stakeholders to ensure efficient containment, eradication, a...
- Что такое Координация реагирования? Response Coordination is the organized management of communication, task allocation, and resource deployment among stake...
- Что такое Корневая причина? The fundamental underlying reason or origin of a security incident, breach, or operational failure, identified through s...
- Что такое Корневое хранилище? A trusted repository of root CA certificates used by operating systems and applications to validate the trustworthiness ...
- Что такое Корневой сертификат? A self-signed digital certificate that identifies a trusted Certificate Authority (CA) at the apex of a certification ch...
- Что такое Корневой удостоверяющий центр? The top-level Certificate Authority (CA) in a PKI hierarchy whose root certificate is self-signed and serves as the ulti...
- Что такое Корректирующее действие? Steps taken to eliminate the cause of a detected security incident, restore affected systems, and strengthen defenses to...
- Что такое Корреляция облачной активности? The process of linking and analyzing disparate cloud events, logs, and telemetry to detect patterns indicative of threat...
- Что такое Корреляция оповещений? Alert Correlation is the process of analyzing and linking related security alerts from different sources or systems to i...
- Что такое Корреляция событий? The process of analyzing and combining related security events from multiple sources to identify patterns indicative of ...
- Что такое Корреляция угроз? The analytical process of aggregating and comparing multiple data points from diverse sources to identify relationships ...
- Что такое Кран видимости сети? A hardware or virtual device that creates a copy of network traffic for out-of-band monitoring, analytics, and security ...
- Что такое Криптоаналитическая атака? A method of attacking cryptographic systems by analyzing the algorithms and ciphertexts to extract secret keys or plaint...
- Что такое Криптокомплаенс? Adherence to laws, regulations, and standards that govern cryptographic practices, algorithm usage, and key management, ...
- Что такое Криптопроцессор? A hardware device or chip specifically designed to perform cryptographic operations such as encryption, decryption, sign...
- Что такое Кураторство данных? The assignment of responsibility for the management, oversight, and protection of data assets to designated individuals ...
Л
- Что такое Ландшафт угроз? The evolving set of potential threats, adversary capabilities, and attack vectors relevant to cryptographic and PKI ecos...
- Что такое Логирование инцидентов? The systematic recording of incident details, timelines, actions taken, and outcomes to ensure transparency, facilitate ...
- Что такое Локализация инцидента? The actions taken to limit the impact of a security incident by isolating affected systems, preventing lateral movement,...
М
- Что такое Маршрутизируемое развертывание IPsec? An implementation of IPsec that leverages routing protocols to establish secure tunnels between network endpoints, suppo...
- Что такое Матрица рисков? A graphical tool that maps risk likelihood and impact to prioritize mitigation and support risk management decisions.
- Что такое Межарендный доступ? The mechanism by which users, services, or applications are granted permission to access resources across different isol...
- Что такое Мера по устранению? A specific corrective step taken to address a vulnerability, nonconformity, or security finding in cryptographic or PKI ...
- Что такое Меры по предотвращению выхода из гипервизора? A set of security controls and techniques that prevent or detect attempts by virtual machines to break out of hypervisor...
- Что такое Метрика экспозиции? A quantitative value representing the degree of risk, visibility, or attack surface present in PKI or cryptographic asse...
- Что такое Минимизация данных? The principle and practice of limiting personal or sensitive data collection, processing, and retention to only what is ...
- Что такое Митигирующий контроль? A technical or procedural safeguard implemented to reduce the likelihood or impact of cryptographic or PKI-related risks...
- Что такое Многофакторная аутентификация? A security mechanism requiring users to present two or more independent forms of evidence (factors) to verify their iden...
- Что такое Моделирование атаки? The process of emulating real-world cyberattacks against cryptographic infrastructure or PKI environments to evaluate de...
- Что такое Моделирование путей атаки? The systematic mapping and simulation of possible routes an adversary might take to compromise assets, used to assess ri...
- Что такое Моделирование угроз? A structured methodology to identify, analyze, and address potential threats and vulnerabilities in information systems ...
- Что такое Моделирование угроз? A structured process for identifying, prioritizing, and evaluating potential threats and vulnerabilities to an organizat...
- Что такое Моделирование угроз? A structured process to identify, categorize, and prioritize potential threats to cryptographic systems or PKI deploymen...
- Что такое Модель управления? A documented structure that defines roles, responsibilities, decision-making processes, and authority for managing infor...
- Что такое Модуль доверенной платформы? A hardware security chip designed to securely store cryptographic keys, certificates, and perform integrity checks to en...
- Что такое Мониторинг безопасности? Continuous observation, collection, and analysis of security events and data across information systems to detect threat...
- Что такое Мониторинг доступа к учетным данным? The process of continuously tracking, analyzing, and alerting on access to credentials (passwords, tokens, secrets) in o...
- Что такое Мониторинг злоупотреблений API? Continuous observation and analysis of API traffic to detect misuse patterns, abuse, or automated attacks, such as scrap...
- Что такое Мониторинг целостности хоста? Continuous assessment of a host system’s files, processes, and configurations to detect unauthorized changes, tampering,...
Н
- Что такое Наблюдательный совет? A governing committee or group responsible for strategic direction, oversight, and monitoring of the organization’s risk...
- Что такое Набор шифров? A named set of cryptographic algorithms used to negotiate security settings in network protocols like TLS, including key...
- Что такое Назначение VLAN карантина? The process of isolating endpoints identified as compromised or non-compliant by assigning them to a dedicated VLAN with...
- Что такое Назначение ключа? A certificate extension that defines the allowed cryptographic operations for the associated key, such as digital signat...
- Что такое Нарушение политики? An act or omission that breaches or contradicts an established organizational policy, potentially leading to disciplinar...
- Что такое Нарушение политики безопасности? Any action or event that contravenes an established information security policy or standard, triggering investigation or...
- Что такое Нарушение потока аутентификации? A security flaw in authentication workflows allowing users to bypass, disrupt, or abuse login and identity verification ...
- Что такое Нарушение управления доступом? A critical security flaw where access restrictions are incorrectly implemented, enabling users to perform actions or acc...
- Что такое Нарушенная схема авторизации? A security flaw where access control logic is incomplete or inconsistent, enabling unauthorized users to gain access to ...
- Что такое Нарушенное криптографическое хранение? A vulnerability where sensitive data is improperly encrypted, decrypted, or stored using weak cryptographic algorithms, ...
- Что такое Настольное учение? A discussion-based incident response simulation where team members review and role-play their actions and decisions for ...
- Что такое Небезопасная десериализация? A vulnerability where untrusted or tampered data is deserialized without proper validation, potentially leading to remot...
- Что такое Небезопасный прямой объект? A vulnerability where applications expose internal object references, such as file or database keys, directly to users w...
- Что такое Недостаточность контроля? A weakness in the design or operation of a control that prevents it from effectively mitigating risk or achieving compli...
- Что такое Недостаточный аудит-трек? A deficiency in logging or tracking system activities that undermines the ability to reconstruct security events, invest...
- Что такое Неправильная конфигурация безопасности? A common vulnerability where systems, servers, or applications are deployed with insecure default settings, incomplete c...
- Что такое Неправильная обработка ошибок? Failure to securely process or sanitize application errors, leading to information disclosure or security bypass opportu...
- Что такое Неправильное ограничение скорости? A security weakness where APIs or web services do not sufficiently restrict the frequency or volume of requests, allowin...
- Что такое Неправильное совместное использование ресурсов? A security risk where system resources are shared without proper isolation or access controls, leading to unintended dat...
- Что такое Неправильное управление кэшем? Failure to configure cache settings securely, leading to the unintended storage or exposure of sensitive data in shared ...
- Что такое Неправильное хранение секретов? A vulnerability where sensitive secrets, such as API keys or passwords, are stored in insecure locations, such as plaint...
- Что такое Неправильный механизм выхода? A logout process that fails to fully invalidate all session tokens and authentication artifacts, allowing potential sess...
- Что такое Неправильный учёт активов? A failure to maintain a complete, accurate, and up-to-date list of all hardware, software, and cloud assets, leading to ...
- Что такое Непреднамеренное раскрытие информации? The accidental or unauthorized exposure of sensitive data due to flawed application logic, misconfigurations, or insuffi...
- Что такое Непрерывность бизнеса? A holistic management process that identifies potential threats and ensures organizational resilience by planning for co...
- Что такое Непрерывный контроль соответствия? The ongoing process of automatically assessing systems, configurations, and user activities to ensure adherence to regul...
- Что такое Непрерывный мониторинг? Ongoing real-time observation and analysis of security controls and risks to ensure timely detection of threats and comp...
О
- Что такое Облачная разведка угроз? The process of gathering, analyzing, and operationalizing information about cloud-specific threats, adversary tactics, a...
- Что такое Облачный SIEM? A Security Information and Event Management platform built specifically for cloud architectures, offering elastic scalab...
- Что такое Обнаружение DNS-туннелирования? The process of monitoring and identifying covert data exfiltration or command-and-control channels hidden within DNS que...
- Что такое Обнаружение активов? The process of identifying and cataloging all PKI, cryptographic, or supporting assets within an organizational environm...
- Что такое Обнаружение аномалий? Anomaly Detection is the process of identifying unusual patterns, events, or activities in datasets, logs, or network tr...
- Что такое Обнаружение атаки повторной передачи? A security mechanism to identify and block attempts where valid data transmissions are maliciously repeated or delayed, ...
- Что такое Обнаружение и реагирование на конечных точках? A cybersecurity solution that monitors, detects, and responds to threats on endpoint devices in real time, integrating t...
- Что такое Обнаружение инвентаря активов? The process of systematically identifying, cataloging, and updating all IT and OT assets within an organization's enviro...
- Что такое Обнаружение инцидента? The process of identifying and confirming security events indicating unauthorized activity or compromise of cryptographi...
- Что такое Обнаружение инцидентов? The process of identifying potential or actual security incidents in an IT environment by monitoring logs, events, and n...
- Что такое Обнаружение конечных точек API? The process of identifying available API endpoints, often through automated tools or by analyzing documentation and appl...
- Что такое Обнаружение латеральных путей? The process of identifying unauthorized lateral movement within a network, typically by monitoring for abnormal access o...
- Что такое Обнаружение отклонения конфигурации? The automated identification of unintended changes in system configurations from an approved baseline, used to prevent p...
- Что такое Обнаружение подбора учетных данных? The identification and mitigation of automated attacks in which attackers use lists of compromised credentials to gain u...
- Что такое Обнаружение подделки данных? Mechanisms and monitoring used to detect unauthorized or malicious modification of data in storage, transit, or processi...
- Что такое Обнаружение скрытых каналов? The identification and monitoring of unauthorized communication channels that exploit legitimate network protocols or re...
- Что такое Обнаружение статических секретов? The process of identifying hardcoded or unchanging secrets such as API keys or passwords within source code or binaries.
- Что такое Обнаружение теневого ИТ? The process of identifying unauthorized or unmanaged IT systems, applications, or services within an organization, typic...
- Что такое Обнаружение эксплойта? The process of identifying and alerting on attempted or successful exploitation of vulnerabilities in cryptographic, PKI...
- Что такое Обогащение оповещений? The process of adding contextual information to security alerts, such as asset details, user context, or threat intellig...
- Что такое Обработка данных? The processes and procedures for collecting, processing, storing, transmitting, and disposing of data in a secure and co...
- Что такое Обработка инцидента? The comprehensive process of managing a cybersecurity incident from initial detection through analysis, containment, era...
- Что такое Обработка инцидентов? A structured set of procedures used by security teams to address, manage, and resolve cybersecurity incidents, including...
- Что такое Обработка исключений? The systematic process of identifying, logging, resolving, and reporting deviations from expected information security o...
- Что такое Обработка предварительных запросов? The process of managing HTTP preflight requests (OPTIONS method) sent by browsers to check CORS permissions before the a...
- Что такое Обучение безопасности? Instructional activities designed to equip personnel with the knowledge and skills to recognize, prevent, and respond to...
- Что такое Обучение осведомлённости? Education provided to personnel to raise awareness about security risks, threats, and safe practices, often as part of c...
- Что такое Обход ограничения скорости? A technique or vulnerability where attackers evade rate limiting controls to send more requests than intended, potential...
- Что такое Обёртывание безсерверной функции? The security practice of encapsulating serverless functions within wrappers or middleware to enforce policy, perform inp...
- Что такое Обёртывание ключа? The process of encrypting one cryptographic key with another key to securely transport or store keys, typically used for...
- Что такое Ограничение аудитории JWT? A security control ensuring a JWT token is only accepted by the intended recipients (audiences), preventing token reuse ...
- Что такое Ограничение привилегированных API? Controls that limit access to sensitive API endpoints or functions to only those users or services with explicit privile...
- Что такое Ограничение скорости API? A security control mechanism that restricts the number of API requests from a user or client within a specified timefram...
- Что такое Окно эксплуатации? The period between public disclosure of a cryptographic or PKI vulnerability and the application of effective remediatio...
- Что такое Окно экспозиции? The time period during which cryptographic or PKI assets remain susceptible to exploitation due to the existence of unpa...
- Что такое Онлайн-ответчик? A network service that provides real-time certificate status information, typically using the Online Certificate Status ...
- Что такое Онлайн-статус? In cryptography/PKI, refers to the real-time validity of a digital certificate or credential as determined by protocols ...
- Что такое Операции безопасности? All coordinated activities performed in a Security Operations Center (SOC) to monitor, detect, investigate, and respond ...
- Что такое Операции киберобмана? Deliberate use of decoys, traps, and misinformation within an organization's environment to detect, divert, and analyze ...
- Что такое Оповещение о неправильной конфигурации ресурса? Automated notification generated when a cloud resource, such as storage or compute, is configured in a way that exposes ...
- Что такое Оповещение о повышении привилегий? The process of generating real-time alerts whenever a user or process attempts to gain higher-level access than authoriz...
- Что такое Оповещение об эксфильтрации данных? The real-time detection and notification of unauthorized attempts to transfer sensitive or regulated data out of protect...
- Что такое Оркестрация адаптивного реагирования? The automated coordination and execution of security responses that dynamically adjust based on incident severity and co...
- Что такое Оркестрация безопасности? The automated coordination and integration of security tools, processes, and workflows to accelerate response and improv...
- Что такое Откат патча? The process of reverting cryptographic or PKI system components to a previous version when a deployed patch introduces i...
- Что такое Открытый ключ? The openly distributed cryptographic key in an asymmetric key pair, used to verify digital signatures or encrypt data fo...
- Что такое Отметка времени? The process of recording the exact date and time that a digital document or transaction was created or signed, often wit...
- Что такое Отслеживание инцидентов? The systematic process of recording, updating, and monitoring security incidents throughout their lifecycle to ensure ac...
- Что такое Отслеживание исправлений? The process of monitoring and documenting the status and effectiveness of actions taken to correct identified vulnerabil...
- Что такое Отслеживание устранения? The ongoing process of monitoring and managing corrective actions taken to resolve identified security or compliance iss...
- Что такое Отчет об исправлении? A formal document detailing the corrective actions taken to address identified cryptographic or PKI vulnerabilities, inc...
- Что такое Отчетность по рискам? The process of collecting, analyzing, and communicating information about risk exposures, controls, and mitigation activ...
- Что такое Отчетность по соответствию? The process of preparing and delivering evidence-based reports to demonstrate adherence to regulatory, legal, and contra...
- Что такое Охват сканирования? The extent to which cryptographic systems, PKI components, and related assets are included in vulnerability or configura...
- Что такое Охота на сетевые угрозы? The proactive process of searching for hidden threats or adversaries within network traffic using behavioral analytics, ...
- Что такое Оценка безопасности? A systematic evaluation of the security posture of systems, networks, and processes to identify vulnerabilities, threats...
- Что такое Оценка воздействия? A systematic analysis of the consequences that an identified risk or incident could have on business operations, assets,...
- Что такое Оценка доверия устройству? A security metric that evaluates the trustworthiness of a device based on hardware, software, configuration, compliance ...
- Что такое Оценка компрометации? Compromise Assessment is the comprehensive evaluation of an organization’s systems, networks, and data to identify evide...
- Что такое Оценка контролей? A systematic assessment of technical and procedural security controls in cryptographic and PKI environments to determine...
- Что такое Оценка контроля? A formal evaluation of the design and effectiveness of security controls to determine whether they are operating as inte...
- Что такое Оценка поставщика? A structured evaluation of third-party providers’ security, compliance, and risk management practices prior to and durin...
- Что такое Оценка пробелов? A structured review that compares current security controls and practices against required standards or frameworks to id...
- Что такое Оценка риска? The process of quantifying and prioritizing risks by assigning numerical or qualitative values based on likelihood, impa...
- Что такое Оценка риска? The quantitative or qualitative assignment of a value to a risk, based on the likelihood and impact of vulnerabilities w...
- Что такое Оценка рисков? The process of assessing the potential impact and likelihood of identified risks to determine their significance and gui...
- Что такое Оценка серьёзности? A standardized scale or categorization of the impact and urgency of vulnerabilities or incidents affecting cryptographic...
- Что такое Оценка состояния устройства? The evaluation of a device's security state, such as patch levels, configurations, and presence of security controls, be...
- Что такое Оценка угроз? A structured process for identifying, evaluating, and prioritizing potential threats to an organization's assets, operat...
- Что такое Оценка угроз? A structured process for identifying, analyzing, and prioritizing potential threats to an organization's assets, operati...
- Что такое Оценка уязвимостей? A systematic process for identifying, classifying, and evaluating vulnerabilities in information systems, cryptographic ...
- Что такое Оценка штрафа? The formal process of determining and imposing financial or legal penalties for non-compliance with regulatory or contra...
- Что такое Оценка эксплойта? The evaluation of identified vulnerabilities in cryptographic or PKI assets to determine the likelihood and potential im...
- Что такое Ошибка конфигурации безопасности? A failure to implement correct or secure settings in cryptographic, PKI, or network assets, resulting in exposure to exp...
П
- Что такое Паддинг подписи? A method of formatting a message or hash before digital signature creation, used to prevent certain attacks and ensure c...
- Что такое Панель рисков? A real-time interface that aggregates, visualizes, and monitors PKI or cryptographic risks, vulnerabilities, and remedia...
- Что такое Панель соответствия? A real-time visualization tool that aggregates and displays the status of cryptography and PKI controls, risks, incident...
- Что такое Пара ключей? A set of two mathematically linked cryptographic keys, typically consisting of a public key for encryption/verification ...
- Что такое Перечисление атак? The process of systematically identifying and cataloging all possible attack vectors and threat actors relevant to a cry...
- Что такое Перспективная секретность? A cryptographic property ensuring that the compromise of long-term keys does not compromise past session keys, providing...
- Что такое Пивотинг угрозной разведки? The analytic process of using one indicator (such as an IP, domain, or hash) as a starting point to discover related thr...
- Что такое Пиннинг сертификатов? A security technique that restricts which certificates are considered valid for a particular service or domain, by stori...
- Что такое Пиннинг сертификатов облака? A security technique that restricts applications or devices to accept only specific trusted certificates or public keys ...
- Что такое План исправления? A documented set of actions, responsibilities, and timelines designed to resolve identified cryptographic or PKI vulnera...
- Что такое План мониторинга? A documented approach outlining processes, tools, and responsibilities for continuously observing and assessing security...
- Что такое План реагирования? A documented strategy outlining procedures, roles, responsibilities, and communications for responding to cybersecurity ...
- Что такое План снижения рисков? A documented strategy detailing specific actions and controls to reduce the likelihood or impact of identified risks.
- Что такое План устранения? A formal strategy that outlines actions, responsibilities, and timelines to correct identified security or compliance de...
- Что такое План устранения? A documented set of actions designed to eliminate the root cause and effects of a security incident, restore affected sy...
- Что такое Планирование устойчивости? The strategic process of designing and implementing measures to ensure an organization can adapt, recover, and continue ...
- Что такое Платформа защиты рабочих нагрузок? A cloud-native security solution that provides visibility and real-time protection for workloads—such as virtual machine...
- Что такое Плейбук охоты на угрозы? A documented, repeatable procedure outlining hypothesis-driven threat hunting steps, data sources, detection logic, and ...
- Что такое Плейбук по безопасности? A documented set of repeatable incident response procedures and decision trees tailored to specific threat scenarios or ...
- Что такое Поверхность атаки? The sum of all points in a cryptographic or PKI environment where an unauthorized user could attempt to enter data, extr...
- Что такое Повтор атаки? The process of re-enacting a recorded or theoretical attack vector against PKI or cryptographic systems to test detectio...
- Что такое Повтор атаки? A controlled reproduction of a previously observed or simulated attack scenario targeting cryptographic or PKI assets, u...
- Что такое Повторная сборка IP-фрагментов? The process of reconstructing fragmented IP packets into their original form for delivery, inspection, or security analy...
- Что такое Подавление оповещений? The intentional filtering or silencing of specific security alerts to reduce noise from false positives and allow focus ...
- Что такое Подделка ресурсов API? The unauthorized modification or manipulation of API resources, typically by altering request parameters or payloads to ...
- Что такое Подписанное утверждение? A digital statement or claim, such as an authentication response or attribute, that is cryptographically signed to ensur...
- Что такое Подтверждение ключа? A cryptographic process where parties confirm to each other that they possess the same secret key, usually as a final st...
- Что такое Подчинённый УЦ? A Certificate Authority (CA) that is certified and authorized by a root or higher-level CA to issue digital certificates...
- Что такое Покрытие тестами? The extent to which cryptographic or PKI system components, use cases, and controls are validated by automated or manual...
- Что такое Политика безопасности бессерверных решений? A set of security controls and guidelines specifically designed to protect serverless computing architectures by restric...
- Что такое Политика белого списка приложений? A security control that restricts the execution of software to only pre-approved applications, preventing unauthorized o...
- Что такое Политика брандмауэра хоста? A defined set of rules and configurations that control inbound and outbound network traffic at the individual host or VM...
- Что такое Политика выдачи? A formal document or set of rules that defines the procedures and requirements for issuing digital certificates within a...
- Что такое Политика изоляции рабочих нагрузок? A security policy that enforces strict logical and sometimes physical separation of workloads to prevent unauthorized ac...
- Что такое Политика карантина конечных точек? A formalized set of procedures and controls for isolating endpoints exhibiting signs of compromise or non-compliance fro...
- Что такое Политика карантина конечных устройств? A defined set of rules for isolating endpoints that exhibit suspicious or non-compliant behavior to prevent them from ac...
- Что такое Политика микросегментации? A granular security approach that divides networks into isolated segments at the workload or application level, enforcin...
- Что такое Политика Микросегментации? A set of rules that define fine-grained network zones and enforce isolation between workloads to limit lateral movement.
- Что такое Политика подписи? A set of technical and procedural requirements governing the creation, validation, and management of digital signatures ...
- Что такое Политика сертификата? A set of rules and practices that indicates the applicability of a certificate to a particular community or class of app...
- Что такое Политика совместного использования ресурсов? A set of security rules and access controls governing how digital resources such as data, storage, and APIs are shared a...
- Что такое Политика управления учетными данными? A formal set of rules and procedures for creating, storing, rotating, and revoking authentication credentials to ensure ...
- Что такое Политика условного доступа? A security rule that grants or blocks access to resources based on specific conditions such as user location, device pos...
- Что такое Политика хранения? A documented set of rules defining how long information or records must be retained to comply with regulatory, legal, or...
- Что такое Политика-ориентированное исправление? Automated or manual corrective actions triggered by predefined policies to mitigate detected security incidents or confi...
- Что такое Политическая инстанция? An entity within a PKI or trust framework responsible for defining, governing, and maintaining security and operational ...
- Что такое Политическая структура? A structured set of overarching policies, standards, and guidelines that governs how information security, compliance, a...
- Что такое Положение безопасности облака? The overall security status and configuration of cloud services, assets, and workloads in accordance with organizational...
- Что такое Положение в области безопасности? The overall status of an organization’s cybersecurity policies, controls, capabilities, and readiness to detect, prevent...
- Что такое Попытка эксплуатации? An unauthorized action or sequence initiated by a threat actor to actively test or leverage a cryptographic or PKI vulne...
- Что такое Поставщик управляемой безопасности? An external organization that delivers outsourced security monitoring, management, and incident response services for cl...
- Что такое Построение цепочки? The process of assembling a complete, ordered set of certificates from an end-entity certificate up to a trusted root, v...
- Что такое Потеря данных? The unintended or unauthorized destruction, corruption, or loss of data, potentially resulting in business disruption or...
- Что такое Предварительно согласованный ключ? A symmetric key distributed to and shared by parties before communication begins, commonly used in VPNs, Wi-Fi WPA2-PSK,...
- Что такое Предотвращение вторжений на хост? A security solution deployed on host systems to proactively detect, block, and log malicious activity, such as exploits ...
- Что такое Предотвращение выхода из контейнера? Security controls and mechanisms implemented to prevent processes within a container from breaching isolation boundaries...
- Что такое Предотвращение Латерального Передвижения? Techniques and controls designed to detect and stop an adversary’s efforts to move laterally within a network after init...
- Что такое Предотвращение повторного использования токена? Security controls and techniques that ensure tokens, such as authentication or session tokens, cannot be reused by attac...
- Что такое Предотвращение потери данных? A suite of technologies and policies designed to detect, monitor, and prevent the unauthorized transmission or disclosur...
- Что такое Предотвращение распространения секретов? The implementation of processes and tools to prevent sensitive secrets—such as API keys, credentials, and certificates—f...
- Что такое Предотвращение утечки токенов? Measures and controls implemented to prevent authentication or authorization tokens from being inadvertently exposed, in...
- Что такое Предотвращение эксплуатации? A set of technical and procedural controls to proactively prevent exploitation of vulnerabilities in cryptographic and P...
- Что такое Привязка токена? A security mechanism where cryptographic tokens are cryptographically bound to a TLS connection, ensuring that tokens ca...
- Что такое Привязка токена сессии? A security mechanism that cryptographically ties a session token to a specific user device or connection context, preven...
- Что такое Применение бизнес-правил? Implementation and monitoring of business logic controls within applications to prevent unauthorized or unintended actio...
- Что такое Применение лимита API? A control that limits the number of API requests a client or application can make within a specific time frame to preven...
- Что такое Применение политик на конечных устройствах? The application of security controls to endpoints (e.g., laptops, mobiles) to ensure compliance with organizational secu...
- Что такое Применение политики? The process of ensuring that policies, standards, and procedures are implemented and followed within the organization, w...
- Что такое Применение политики сегментации? The application and monitoring of access control policies that govern traffic between network segments to minimize unaut...
- Что такое Принудительное выполнение на стороне клиента? Reliance on client-side logic to enforce security controls, which can be bypassed or manipulated, undermining the intend...
- Что такое Принудительное завершение сессии? Policy and technical controls to ensure user sessions automatically expire after a defined period of inactivity, minimiz...
- Что такое Принудительное применение API-шлюза? Operational policy and control enforcement at the API gateway layer, ensuring only validated and authorized API traffic ...
- Что такое Принудительное применение заголовков безопасности? The application of mandatory HTTP response headers (such as CSP, HSTS, X-Frame-Options) to protect web applications from...
- Что такое Принудительное применение квот API? The process of applying limits to the number of API requests allowed for each user, application, or key, to prevent reso...
- Что такое Принудительное применение политики CORS? The process of strictly applying Cross-Origin Resource Sharing (CORS) policies to control which origins can interact wit...
- Что такое Принудительное связывание токенов? A security control requiring the cryptographic binding of authentication tokens to specific TLS sessions or client devic...
- Что такое Принудительное соблюдение наименьших привилегий? The continuous process of restricting user, process, or system access rights to the minimum necessary to perform authori...
- Что такое Принудительное соблюдение области действия токена? The process of restricting token privileges to the minimum necessary set of actions or resources, ensuring that access t...
- Что такое Принудительное соблюдение схемы API? The practice of validating incoming and outgoing API requests and responses against a defined schema to prevent structur...
- Что такое Принудительное управление доступом к сети? The application of technical controls to regulate and restrict user, device, or service access to network resources, enf...
- Что такое Принятие риска? A formal decision to acknowledge and accept the consequences of a specific risk, typically documented and approved by au...
- Что такое Принятие риска? The formal decision to tolerate a known risk in cryptographic or PKI systems, typically documented through risk manageme...
- Что такое Приоритезация рисков? The process of ranking identified risks based on their likelihood, potential impact, and organizational risk appetite to...
- Что такое Приоритезация рисков? The structured process of ranking risks to cryptographic and PKI systems based on likelihood, impact, and exposure, to g...
- Что такое Приоритезация уязвимостей? The process of ranking discovered cryptographic and PKI vulnerabilities according to risk, exploitability, business impa...
- Что такое Приоритизация инцидентов? The classification and ranking of security incidents based on risk, severity, and potential business impact to determine...
- Что такое Приоритизация оповещений? The process of ranking and categorizing security alerts based on risk, relevance, and organizational impact, to enable e...
- Что такое Пробел в безопасности? A missing or insufficient security control in cryptographic or PKI systems that exposes assets to risk, noncompliance, o...
- Что такое Проверка безопасной загрузки? A cryptographic process that ensures only trusted, signed firmware and software are loaded during system startup, preven...
- Что такое Проверка исправления? The process of confirming that actions taken to correct cryptographic or PKI vulnerabilities are effective and that affe...
- Что такое Проверка исходного адреса? The process of verifying that the source IP address of a packet is legitimate and not spoofed, typically enforced at net...
- Что такое Проверка клиентского сертификата? A process that verifies the authenticity and trustworthiness of client certificates during mutual TLS connections, enabl...
- Что такое Проверка контроля? An assessment of security controls to determine their effectiveness, adequacy, and proper implementation within the orga...
- Что такое Проверка недостаточной энтропии? Failure to verify that cryptographic functions use sources of randomness with adequate entropy, increasing the risk of p...
- Что такое Проверка патча? The process of confirming through controlled testing that a security patch applied to cryptographic modules or PKI compo...
- Что такое Проверка патчей? The process of confirming that applied patches to cryptographic, PKI, or related systems have been correctly installed, ...
- Что такое Проверка подписи JWT? The process of validating the cryptographic signature of a JSON Web Token (JWT) to ensure its integrity and authenticity...
- Что такое Проверка соответствия? The formal process of testing and confirming that systems, processes, and controls meet regulatory, contractual, and pol...
- Что такое Проверка соответствия? The systematic confirmation that cryptographic, PKI, and supporting systems conform to relevant standards, policies, and...
- Что такое Проверка срока действия токена? The process of checking the expiration date and time of authentication or authorization tokens to ensure that expired to...
- Что такое Проверка уникальности числа при повторе? A security mechanism that ensures a unique nonce value is included and validated in each request or transaction, protect...
- Что такое Проверка целостности маршрута? A set of mechanisms that verify the authenticity and correctness of network routing information to prevent route hijacki...
- Что такое Проверка цепочки? The process of verifying each certificate in a chain from the end entity up to the root CA, ensuring all links are trust...
- Что такое Проверка цепочки DNSSEC? The process of verifying each link in the DNSSEC signature chain from root to record to ensure domain name authenticity ...
- Что такое Проверка эксплойта? The process of confirming, through controlled testing, that a discovered vulnerability in a cryptographic or PKI system ...
- Что такое Программно-определяемый периметр? A cybersecurity framework that dynamically creates one-to-one network connections between users and resources using iden...
- Что такое Продление сертификата? The process of issuing a new certificate for an entity before the expiration of the current certificate, maintaining con...
- Что такое Производная ключа? A cryptographic process for generating one or more secret keys from a shared secret or password using a deterministic fu...
- Что такое Прокси завершения TLS? A network device or service that decrypts incoming TLS traffic at the network edge, forwarding unencrypted traffic inter...
- Что такое Прокси с учётом идентичности? A security proxy that enforces access controls and authentication based on user or device identity before allowing acces...
- Что такое Протокол удалённой аттестации? A cryptographic protocol that enables a verifier to remotely validate the integrity and trustworthiness of a device or s...
- Что такое Протокол федерации идентификации? A standardized mechanism allowing multiple organizations or domains to securely share and validate user identities using...
- Что такое Профилирование аномального трафика? The identification and categorization of network traffic patterns that deviate from established baselines to detect pote...
- Что такое Процесс проверки HMAC? A procedure using Hash-based Message Authentication Code (HMAC) to verify data integrity and authenticity during transmi...
- Что такое Процесс расследования? A structured series of analytical steps undertaken by security teams to determine the scope, cause, and impact of a cybe...
- Что такое Процесс устранения? Remediation Workflow is a structured, documented process for addressing and resolving identified security issues or inci...
- Что такое Путь атаки? A sequence or route by which a threat actor progresses through vulnerabilities, misconfigurations, or controls in crypto...
Р
- Что такое Рабочий процесс инцидента? A structured sequence of tasks and escalation steps followed during the lifecycle of a security incident, from detection...
- Что такое Рабочий процесс реагирования? A formalized, step-by-step sequence of procedures and roles that guide the incident response process from detection thro...
- Что такое Рабочий процесс устранения? A formalized sequence of steps for resolving cryptographic or PKI vulnerabilities, including assignment, tracking, verif...
- Что такое Развертывание патчей? The distribution and installation of security updates to cryptographic or PKI-related systems to remediate vulnerabiliti...
- Что такое Развертывание Сети Обмана Honeynet? The setup of a network of decoy systems and services designed to lure, detect, and analyze attacker behavior.
- Что такое Разглашение конфиденциальных данных? A risk where confidential or regulated data is unintentionally disclosed through insecure APIs, weak encryption, or impr...
- Что такое Разглашение чувствительных функций? A flaw where critical application functions, such as admin features or payment operations, are accessible to unauthorize...
- Что такое Разделение обязанностей? A risk management control principle that divides critical tasks and privileges among multiple individuals to reduce oppo...
- Что такое Раздельное туннелирование VPN? A VPN configuration that allows some traffic to be routed through the secure VPN tunnel while other traffic accesses the...
- Что такое Рамки доверия? A formal structure of policies, roles, rules, and standards that define how trust is established, maintained, and evalua...
- Что такое Рамки подотчетности? A structured set of responsibilities, roles, and processes that ensure individuals and teams are answerable for security...
- Что такое Рамки прямой секретности? A cryptographic protocol property ensuring that compromise of long-term keys does not compromise past session keys, as r...
- Что такое Рамки соответствия? An integrated system of standards, guidelines, and procedures designed to help an organization meet all relevant legal, ...
- Что такое Раскрытие уязвимостей? The process by which security vulnerabilities are reported to the relevant organization, vendor, or public, typically fo...
- Что такое Распределённая сеть обмана? A security architecture that uses distributed decoys, honeypots, and lures throughout the network or cloud to detect, de...
- Что такое Распространение CRL? The mechanism and locations for making Certificate Revocation Lists (CRLs) available to PKI participants to check the re...
- Что такое Расследование инцидента? A systematic process of collecting, analyzing, and documenting evidence to determine the cause, impact, and scope of a s...
- Что такое Расследование оповещения? The process of analyzing and validating security alerts to determine their legitimacy, scope, and required response acti...
- Что такое Расследование оповещения? The structured process of examining the source, context, and impact of a security alert to determine its validity, root ...
- Что такое Реагирование на инцидент? Coordinated activities by security personnel to mitigate, contain, and resolve identified threats or incidents in accord...
- Что такое Реагирование на инциденты? The structured approach to managing and addressing cybersecurity incidents, with processes for detection, containment, e...
- Что такое Реагирование на инциденты? A coordinated approach to addressing and managing the aftermath of a security breach or cyberattack, with the aim of lim...
- Что такое Реагирование на инциденты в облаке? A structured approach to managing and mitigating security incidents in cloud environments, including preparation, detect...
- Что такое Реагирование на фишинг? Coordinated actions taken to detect, contain, and mitigate phishing attacks, including user notification, credential res...
- Что такое Регуляторная проверка? A systematic evaluation of processes, policies, and controls to ensure alignment with applicable regulatory requirements...
- Что такое Регуляторное соответствие? The degree to which organizational controls, processes, and policies conform to laws, regulations, and relevant industry...
- Что такое Регуляторный разрыв? Any deficiency or mismatch between current organizational controls, policies, or processes and those required by relevan...
- Что такое Регуляторный риск? The potential for losses or legal penalties resulting from non-compliance with laws, regulations, or mandatory standards...
- Что такое Реестр атак? A comprehensive, regularly updated list or database of all known attack techniques, tools, or vectors relevant to crypto...
- Что такое Реестр рисков? A central repository listing identified organizational risks, their likelihood, impact, mitigation actions, and responsi...
- Что такое Режим обратной связи шифра? A block cipher mode of operation (CFB) that turns a block cipher into a self-synchronizing stream cipher, providing conf...
- Что такое Резервное копирование ключа? The secure process of creating a protected copy of a cryptographic key, enabling recovery if the original is lost or dam...
- Что такое Результат сканирования? The output or findings generated by automated or manual scans of PKI or cryptographic systems for vulnerabilities, compl...
- Что такое Рецертификация доступа? A formal process to periodically review and validate user access rights to systems and data to ensure only authorized pe...
- Что такое Риск третьих лиц? The exposure to potential harm or loss resulting from external vendors, suppliers, contractors, or service providers who...
- Что такое Ротация ключей? The scheduled process of replacing cryptographic keys with new keys to limit the period a compromised key can be misused...
- Что такое ротация ключей? The scheduled or event-driven replacement of cryptographic keys in a system to reduce exposure from key compromise and e...
- Что такое Ротация ключей API? The operational practice of periodically replacing and invalidating existing API keys to minimize the risk of key compro...
- Что такое Руководящий обзор? A formal evaluation conducted by senior management to assess the adequacy and effectiveness of security, compliance, and...
С
- Что такое Самооценка контроля? Short for 'Control Self-Assessment'—an internal process where departments evaluate the design and effectiveness of their...
- Что такое Самоподписанный сертификат? A digital certificate that is signed by the same entity whose identity it certifies, rather than by a trusted Certificat...
- Что такое Сбор доказательств? The systematic process of gathering digital artifacts, logs, devices, or other data relevant to a security incident, fol...
- Что такое Сдерживание вредоносного ПО? Malware Containment is the set of actions and controls enacted to isolate and prevent the spread of malicious software w...
- Что такое Сегментация Виртуальной Сети? The division of a physical network into multiple logical networks using virtualization techniques to isolate traffic and...
- Что такое Сегментация на основе ролей? A network security practice dividing network resources or data access based on user or device roles, enforcing least pri...
- Что такое Сегментация облачной сети? The practice of dividing cloud-based network environments into distinct, isolated segments to enforce security boundarie...
- Что такое Сегментация облачной сети? The process of dividing a cloud network into isolated segments or zones to control traffic flow and limit lateral moveme...
- Что такое Сегментация сети? The practice of dividing a computer network into subnetworks, each being a network segment, to improve security, perform...
- Что такое Сегментированный транзит микросервисов? A network architecture approach in which communications between microservices are isolated into distinct, secured segmen...
- Что такое Сегрегация плоскости данных? The separation of the data forwarding path from management and control planes within network infrastructure to improve s...
- Что такое Сенсор сбора потоков? A network device or software agent that passively gathers, aggregates, and forwards network flow records (such as NetFlo...
- Что такое Сервер политик NAC? A core component of network access control (NAC) systems, responsible for evaluating endpoint posture, enforcing securit...
- Что такое Сервис изоляции браузера? A security mechanism that isolates end-users’ web browsing activity from the endpoint or corporate network by running br...
- Что такое Сервис изоляции браузера? A security control that runs browser sessions in isolated, remote containers or sandboxes to protect endpoints from web-...
- Что такое Сервис токенизации? A security process or managed solution that replaces sensitive data elements with non-sensitive equivalents (tokens), of...
- Что такое Сервис управления ключами? A centralized service or system that creates, stores, rotates, and manages cryptographic keys used for securing data at ...
- Что такое Сертификат устройства? A digital certificate issued to a device (such as a server, router, or IoT component) to authenticate its identity withi...
- Что такое Сертификат УЦ? A digital certificate issued to a Certificate Authority, used to sign and validate other digital certificates within a P...
- Что такое Сессионный билет? A data structure issued by a server to a client in TLS to enable stateless session resumption by encapsulating keying ma...
- Что такое Сессионный ключ? A temporary symmetric key used for a single communication session, providing confidentiality and integrity for exchanged...
- Что такое Сетевой каркас безопасности микросервисов? A distributed security framework that provides consistent identity, policy enforcement, and encrypted communication acro...
- Что такое Симметричный ключ? A cryptographic key used in symmetric encryption where the same key is used for both encryption and decryption operation...
- Что такое Симуляция угроз? The practice of emulating real-world attacks on cryptographic or PKI infrastructure to test defenses, validate response ...
- Что такое Симуляция эксплуатации? A controlled emulation of exploit attempts against cryptographic or PKI vulnerabilities to assess system resilience and ...
- Что такое Система контроля? A structured set of governance, risk, and compliance (GRC) policies, processes, and controls aligned to industry standar...
- Что такое Сканирование контейнерных образов? The process of automatically analyzing container images for vulnerabilities, malware, and policy violations before deplo...
- Что такое Сканирование на соответствие? An automated scan of cryptographic or PKI systems to verify conformity with regulatory and industry requirements.
- Что такое Сканирование оценки компрометации? A security scan that evaluates systems for indicators of compromise (IoCs), persistent threats, or policy violations, as...
- Что такое Сканирование сети? The systematic identification and cataloging of networked assets, hosts, and services, including cryptographic and PKI i...
- Что такое Сканирующий движок? A dedicated software module or appliance that performs automated vulnerability, compliance, or configuration scans on cr...
- Что такое Слабость контроля? A flaw, gap, or insufficient strength in technical or procedural controls that may allow threats to compromise cryptogra...
- Что такое Служба регистрации? A trusted PKI component that manages requests for digital certificates, validates identity, and issues or renews certifi...
- Что такое Случайное распределение эфемерных портов? A technique where ephemeral (temporary) TCP/UDP ports are assigned randomly to reduce the risk of port prediction attack...
- Что такое Случайный оракул? A theoretical black box model that responds to every unique query with a truly random response, used as an idealized com...
- Что такое Смена сертификата? The managed transition from an expiring or old certificate to a new certificate in a way that minimizes service interrup...
- Что такое Смягчение атак повторной передачи? Security controls implemented to detect and prevent replay attacks, where previously valid data transmissions are malici...
- Что такое Смягчение открытых перенаправлений? Security controls that detect and prevent web applications from redirecting users to untrusted external URLs, reducing t...
- Что такое Смягчение последствий инцидента? Targeted actions taken to reduce the immediate and long-term impact of a security incident, including containment, eradi...
- Что такое Снижение зоны поражения? Limiting the potential impact of a security breach by isolating assets and implementing controls that constrain the effe...
- Что такое Снижение риска? The application of technical, administrative, or physical controls in cryptographic and PKI environments to lower the li...
- Что такое Снижение риска эксплуатации? Technical and procedural controls implemented to reduce or eliminate the risk of exploitation of vulnerabilities in cryp...
- Что такое Снижение устойчивых угроз? A set of proactive and reactive controls aimed at detecting, containing, and eradicating advanced persistent threats (AP...
- Что такое Соблюдение политики? The degree to which organizational personnel follow established internal policies, procedures, and standards.
- Что такое Согласование ключа? A cryptographic protocol that enables two or more parties to establish a shared secret key over an insecure channel, com...
- Что такое Соль (значение)? A random value added to data, typically passwords, before hashing to ensure that identical inputs produce different hash...
- Что такое Сообщение об инцидентах? The formal process of documenting and communicating the details of a cybersecurity incident to relevant stakeholders, re...
- Что такое Сообщение об инциденте? The formal process of documenting and communicating information about detected security incidents to relevant stakeholde...
- Что такое Сообщение об инциденте? The formal communication process for notifying internal or external authorities about detected security incidents, as re...
- Что такое Соответствие нормативным требованиям? Adherence to laws, regulations, and standards applicable to the organization's operations and information security pract...
- Что такое Сопоставление идентичности ресурсов? The process of associating digital resources (such as VMs, APIs, or storage objects) with unique, verifiable identities ...
- Что такое Сопоставление контролей? The process of linking controls to regulatory, policy, or framework requirements to demonstrate compliance and facilitat...
- Что такое Сопоставление контролей? The process of aligning cryptographic or PKI controls with regulatory frameworks, standards, or organizational requireme...
- Что такое Сопоставление политик? The process in PKI where certificate policies from one CA are mapped to equivalent policies in another, allowing interop...
- Что такое Сопоставление федеративных идентичностей? A process that links user identities from external or partner identity providers to local systems, enabling single sign-...
- Что такое Сохранение доказательств? The controlled process of securing, documenting, and protecting digital or physical evidence to maintain integrity for i...
- Что такое Список контроля доступа? A table or data structure used to specify permissions attached to system objects, defining which users or processes are ...
- Что такое Список отозванных JWT? A security control that maintains a list of invalidated JSON Web Tokens (JWTs), preventing previously issued tokens from...
- Что такое Список эксплойтов? An authoritative and frequently updated catalog of all known exploits that could target cryptographic or PKI assets, inc...
- Что такое Срок действия? The designated timeframe during which a cryptographic certificate or key is considered valid and trusted for use, after ...
- Что такое Срок службы ключа? The maximum period that a cryptographic key is allowed to be active and used for cryptographic operations before mandato...
- Что такое Срок устранения? The maximum time allowed to fully address a vulnerability or nonconformity in PKI or cryptographic environments, as defi...
- Что такое Статический анализ кода? The process of automatically analyzing source code or binaries for security vulnerabilities, coding errors, or policy vi...
- Что такое Статус обновлений? The documented and regularly updated record of the deployment, verification, and compliance of cryptographic or PKI-rela...
- Что такое Статус отзыва? The current validity state of a digital certificate, indicating whether it has been revoked by the issuing certificate a...
- Что такое Статус отзыва? The current validity state of a digital certificate as determined by a recognized Certificate Authority (CA), typically ...
- Что такое Стратегия безопасности? A high-level plan that defines how an organization will protect its information assets, meet regulatory obligations, and...
- Что такое Стратегия Многоуровневой Защиты? An approach that uses multiple, overlapping security controls at different layers (network, application, endpoint) to pr...
- Что такое Стратегия ограничения API? A structured approach to limit the number of API requests made by a client or IP within a specified timeframe, preventin...
- Что такое Стратегия сдерживания? A set of planned actions and measures taken to limit the spread and impact of a cybersecurity incident, preventing furth...
- Что такое Стратегия смягчения? A structured approach involving technical, administrative, or procedural controls to reduce the likelihood or impact of ...
- Что такое Строгая транспортировка MTA? An email security policy (MTA-STS) that enforces strict encrypted transport (typically via TLS) between Mail Transfer Ag...
- Что такое Субъект данных? An individual whose personal data is collected, held or processed by a data controller or processor as defined by privac...
- Что такое Схема подписи? A cryptographic algorithm for creating and verifying digital signatures, specifying mathematical processes and key struc...
- Что такое Сценарий атаки? A detailed narrative describing a potential attack vector or sequence of actions that a threat actor may use to exploit ...
Т
- Что такое Тегирование облачных ресурсов? The process of assigning metadata labels to cloud resources to facilitate access management, cost allocation, compliance...
- Что такое Тестирование безопасности? The process of evaluating cryptographic, PKI, and supporting systems for compliance with security requirements, through ...
- Что такое Тестирование на проникновение? An authorized and controlled simulated attack on cryptographic and PKI systems, conducted to identify exploitable vulner...
- Что такое Тестирование учетных данных? The process of validating the strength, configuration, and authenticity of credentials used within cryptographic or PKI ...
- Что такое Толерантность к риску? The amount and type of risk an organization is willing to accept in pursuit of its objectives, as defined in risk manage...
- Что такое Точка принятия политических решений? A logical component in access control architectures (e.g., ABAC, RBAC) that evaluates access requests against policy rul...
- Что такое Триаж оповещений? The systematic process of evaluating, prioritizing, and categorizing security alerts based on severity, credibility, and...
- Что такое Триаж событий? The process of rapidly classifying, prioritizing, and assigning security events for investigation based on impact, sever...
У
- Что такое Уведомление о безопасности? The formal process of communicating significant security events or incident statuses to designated stakeholders or regul...
- Что такое Уведомление о конфиденциальности? A formal document that informs individuals about how their personal data is collected, used, stored, and protected by th...
- Что такое Уведомление о нарушении? The formal process of informing affected parties, regulators, and other stakeholders about a confirmed data breach, in a...
- Что такое Уведомление о риске? A formal alert generated to inform stakeholders of emerging or realized PKI or cryptographic risks, often automated with...
- Что такое Уведомление об инциденте? The act of formally informing stakeholders, management, or regulatory bodies about a detected or ongoing security incide...
- Что такое Уведомление об угрозе? Official communication to stakeholders regarding the discovery or presence of a specific cyber threat, often required by...
- Что такое Удалённая изоляция браузера? A security technique in which a user’s web browsing session is executed on a remote server, isolating all web content fr...
- Что такое Уклонение от обхода обнаружения? Techniques used by threat actors to evade or bypass security detection mechanisms such as IDS, IPS, or endpoint protecti...
- Что такое Уполномоченный по валидации? A trusted service or entity that provides real-time or historical status information about digital certificates, typical...
- Что такое Управление изменениями? A formal process used to ensure that all modifications to systems, processes, or documents are introduced in a controlle...
- Что такое Управление инцидентами? A structured process for identifying, assessing, responding to, and recovering from security incidents to minimize impac...
- Что такое Управление инцидентами? The process of documenting, tracking, and resolving security incidents or investigations within a structured platform, e...
- Что такое Управление инцидентами? A coordinated set of processes and tools for identifying, assessing, responding to, tracking, and resolving security inc...
- Что такое Управление исключениями? A formal process for documenting, assessing, approving, and monitoring deviations from standard policies or controls, en...
- Что такое Управление ключами? The set of processes and mechanisms for generating, distributing, storing, using, rotating, archiving, and destroying cr...
- Что такое Управление ключами? The set of processes and mechanisms used for the secure generation, distribution, storage, rotation, and destruction of ...
- Что такое Управление патчами? A formal process for the identification, acquisition, testing, and deployment of patches to correct vulnerabilities in c...
- Что такое Управление пользователями? The process of creating, managing, and assigning user accounts and privileges within an organization's IT systems in acc...
- Что такое Управление правами инфраструктуры? A process and toolset for discovering, controlling, and auditing permissions and access rights across cloud and hybrid i...
- Что такое Управление привилегированными идентичностями? A security discipline and toolset focused on discovering, controlling, and monitoring accounts with elevated access righ...
- Что такое Управление регистрацией устройств? The process of registering and configuring devices to ensure compliance with security policies before granting access to...
- Что такое Управление ролями? The process of defining, assigning, and controlling user roles and associated privileges within systems to enforce least...
- Что такое Управление сертификатами устройств? The process of issuing, deploying, renewing, and revoking digital certificates used to authenticate and secure devices w...
- Что такое Управление соответствием? The coordinated set of processes and controls designed to ensure adherence to legal, regulatory, and internal policy req...
- Что такое Управляемое обнаружение и реагирование? A managed security service that provides continuous threat monitoring, detection, investigation, and active response to ...
- Что такое Уровень повреждённого объекта? A critical API vulnerability where improper access controls allow attackers to manipulate or access objects belonging to...
- Что такое Уровень повреждённой функции? An API vulnerability where improper function-level authorization allows attackers to access or execute functions beyond ...
- Что такое Усталость от оповещений? Alert Fatigue is a condition in which security analysts become desensitized or overwhelmed due to excessive or repetitiv...
- Что такое Устаревание версии API? The process and risk associated with retiring or deprecating old API versions, often resulting in unsupported endpoints ...
- Что такое Устойчивая архитектура DNS? A DNS infrastructure designed for high availability, redundancy, and resistance to attacks or failures, ensuring continu...
- Что такое Уязвимость актива? A weakness in a cryptographic, PKI, or related system asset that could be exploited by a threat actor to compromise conf...
Ф
- Что такое Федеративное сопоставление идентификации? A process that links a user’s identity and credentials across multiple trusted identity providers, enabling Single Sign-...
- Что такое Фильтрация вектора доступа? A network defense technique that restricts or monitors traffic based on access vectors such as protocol, port, and direc...
- Что такое Фильтрация исходящего трафика? The process of monitoring and controlling outgoing network traffic to block unauthorized, malicious, or policy-violating...
- Что такое Форензик-анализ? The scientific examination and investigation of digital devices, logs, or data to identify, collect, preserve, and analy...
- Что такое Форензика конечных точек? The process of acquiring and preserving digital evidence from cloud or on-premises endpoints in a manner consistent with...
- Что такое Форензический анализ? The application of specialized techniques to collect, preserve, and analyze digital evidence from information systems fo...
Х
- Что такое Хартия безопасности? A formal document that defines the scope, authority, and responsibilities of the security function within an organizatio...
- Что такое Хранение данных? The set of policies and procedures governing how long organizational data must be kept, archived, or deleted in complian...
- Что такое Хранение логов? The process and policy of securely retaining security event and audit logs for a defined period to ensure availability f...
- Что такое Хранилище доверия? A repository of trusted root and intermediate certificates used by applications and systems to verify the authenticity o...
- Что такое Хронология инцидента? A detailed chronological record of all events, actions, and system states related to a security incident, used for inves...
Ц
- Что такое Цель контроля? A specific statement of the desired result or purpose that a control is intended to achieve, forming the basis for asses...
- Что такое Центр слияния индикаторов? A centralized facility or platform that aggregates, correlates, and analyzes cybersecurity indicators (such as IOCs) fro...
- Что такое Цепочка атаки? A sequence of steps or techniques used by threat actors to exploit cryptographic or PKI weaknesses, progressing from ini...
- Что такое Цепочка сертификатов? An ordered sequence of certificates, from an end-entity certificate up to the root authority, each certifying the next i...
- Что такое Цепочка сертификатов? An ordered sequence of certificates from the end-entity certificate to a trusted root certificate, used to establish tru...
- Что такое Цепочка хранения доказательств? A formal process documenting the chronological handling, transfer, and control of digital evidence, ensuring its integri...
- Что такое Цепочка эксплойтов? The sequential use of multiple exploits to bypass security mechanisms and gain unauthorized access to cryptographic or P...
- Что такое Цифровая криминалистика? The discipline of identifying, preserving, analyzing, and documenting digital evidence from electronic devices to suppor...
- Что такое Цифровой конверт? A mechanism in cryptography where a message is encrypted with a symmetric key and the symmetric key is then encrypted wi...
Ч
- Что такое Частота сканирования? The rate at which cryptographic assets or PKI-enabled systems are scanned or assessed for vulnerabilities, exposures, or...
- Что такое Чрезмерное предоставление полномочий? A security misconfiguration where a user or entity is assigned more access rights than necessary, violating the principl...
Ш
- Что такое Шаблон сертификата? A predefined configuration for certificate attributes and extensions, used by CAs to automate and standardize certificat...
- Что такое Шифрование облачного хранилища? The use of cryptographic techniques to protect data stored in cloud environments, ensuring confidentiality and integrity...
- Что такое Шифрование сервисной сетки? End-to-end encryption of communications between services within a service mesh architecture, typically using mutual TLS ...
- Что такое Шифрование сетевой ткани? Encryption mechanisms applied to the entire data path within a network fabric, ensuring confidentiality and integrity of...
- Что такое Шлюз безопасности API? A dedicated service or device that provides centralized security controls for APIs, including authentication, authorizat...
- Что такое Шлюз облачного шифрования? A security appliance or service that encrypts sensitive data before it is transferred to cloud services, ensuring confid...
- Что такое Шлюз службы honeypot? A dedicated network gateway or proxy that directs traffic to and from honeypot resources, isolating deceptive assets fro...
- Что такое Шлюз удалённого доступа? A secured network device or service that brokers and controls remote user access to internal organizational resources, e...
Э
- Что такое Эксплойт массового присваивания? A vulnerability where an attacker assigns values to object properties that should not be directly set by the user, often...
- Что такое Экспозиция угрозы? The degree to which a PKI or cryptographic system is vulnerable or visible to potential threat actors, based on controls...
- Что такое Экспозиция эксплойта? The state in which PKI or cryptographic systems are vulnerable to a known exploit, due to unpatched or misconfigured com...
- Что такое Эллиптическая кривая? A type of algebraic curve used in public-key cryptography, providing strong security with smaller key sizes; the basis o...
- Что такое Эмуляция противника? The simulation of real-world attacker behaviors and techniques in a controlled environment to test and improve detection...
- Что такое Эскалация инцидента? The formal process of transferring a detected security incident to higher-level personnel or specialized teams for furth...
- Что такое Эскалация оповещения? The process of forwarding a security alert to higher-level analysts or decision makers when the event exceeds the curren...
- Что такое Эскалация привилегий? An attack or exploit in which a user or application gains higher access rights or privileges than intended by system pol...
- Что такое Эскалация привилегий? The process by which a threat actor gains unauthorized elevated access rights within cryptographic or PKI systems.
- Что такое Эскалация случая? The process of transferring a security incident or case to a higher-level team or authority due to severity, complexity,...
- Что такое Эскроу ключей? A key management process in which cryptographic keys are held in escrow by a trusted third party, enabling recovery unde...
- Что такое Эфемерный ключ? A cryptographic key generated for temporary use in a single session or operation, after which it is discarded and not re...
Ю
- Что такое Юридическое соответствие? The state of adhering to all applicable laws, regulations, and legal obligations relevant to an organization's business ...
- Что такое Юридическое хранение? A directive to preserve all forms of relevant information when litigation or investigation is reasonably anticipated.
Я
- Что такое Язык разметки утверждений безопасности? An XML-based framework (SAML) for exchanging authentication and authorization data between security domains, commonly us...
- Что такое Якорение цепочки? The process of ensuring that a certificate chain terminates at a trusted root certificate authority (trust anchor), as r...
- Что такое Якорь доверия? A trusted entity (typically a root certificate authority) whose public key is used as the ultimate basis for validating ...
Learn All Cybersecurity English Terms Free
Master every term with native pronunciation, IPA transcriptions and career quizzes. 100% free, forever.
Download Free for iOS