Knowledge Base

Cybersecurity Glossary

Clear definitions of the terms, frameworks, and techniques that matter in adversarial exposure validation, threat-informed defense, and security operations.

Security Testing

Security Testing

Adversarial Exposure Validation (AEV)

Adversarial Exposure Validation is a security testing approach that measures how exposed an organization is to real attacker behavior by safely validating exploitable paths, weak controls, and detection gaps.

Read definition →
Security Testing

Automated Penetration Testing

Automated penetration testing uses software-driven attack workflows to identify exploitable weaknesses and validate parts of an attack path without requiring every step to be executed manually by a human tester.

Read definition →
Security Testing

Continuous Automated Red Teaming (CART)

Continuous Automated Red Teaming is an automated security testing model that repeatedly emulates realistic adversary behavior to measure how well an organization detects, blocks, and responds to attacks over time.

Read definition →
Security Testing

Security Control Validation

Security control validation is the process of verifying that preventive, detective, and response controls work as intended against relevant attack techniques.

Read definition →
Security Testing

Penetration Testing

Penetration testing is an authorized security assessment in which testers attempt to exploit weaknesses in systems, applications, or processes to identify real security risk.

Read definition →
Security Testing

Penetration Testing as a Service (PTaaS)

Penetration Testing as a Service is a delivery model that combines penetration testing expertise with an ongoing platform for collaboration, tracking, retesting, and reporting.

Read definition →
Security Testing

Breach and Attack Simulation (BAS)

Breach and Attack Simulation is an advanced security testing approach that uses automation to continuously simulate real-world attack techniques against an organization's infrastructure, providing ongoing validation of security controls.

Read definition →
Security Testing

Security Validation

Security validation is the ongoing practice of testing, measuring, and verifying that an organization's security controls, tools, and processes are functioning correctly and effectively against real-world threats.

Read definition →

Security Concepts

Security Concepts

Continuous Threat Exposure Management (CTEM)

Continuous Threat Exposure Management is a continuous program for discovering, validating, prioritizing, and reducing the security exposures that matter most to the business.

Read definition →
Security Concepts

Exposure Assessment Platform (EAP)

An Exposure Assessment Platform is a security platform that combines exposure discovery, prioritization, and validation data to help teams understand which weaknesses are most likely to lead to compromise.

Read definition →
Security Concepts

Attack Path

An attack path is the sequence of weaknesses, access points, and privilege transitions an attacker can use to move from an initial foothold to a high-value objective.

Read definition →
Security Concepts

Cyber Asset Attack Surface Management (CAASM)

Cyber Asset Attack Surface Management is the practice of unifying asset data from many systems so security teams can see what they own, what is exposed, and where control gaps exist across the environment.

Read definition →
Security Concepts

Cyber Risk Quantification (CRQ)

Cyber risk quantification is the process of translating cybersecurity exposure into measurable business impact, often using financial, operational, or loss-based models.

Read definition →
Security Concepts

Dwell Time

Dwell time is the amount of time an attacker remains in an environment before being detected, contained, or removed.

Read definition →
Security Concepts

External Attack Surface Management (EASM)

External Attack Surface Management is the practice of continuously discovering and monitoring internet-facing assets and exposures that attackers can see from outside the organization.

Read definition →
Security Concepts

Security Posture Management

Security posture management is the continuous process of measuring, improving, and governing an organization's overall security condition across assets, controls, identities, and exposures.

Read definition →
Security Concepts

Cyber Resilience

Cyber resilience is an organization's ability to anticipate, withstand, respond to, and recover from cyber incidents while continuing critical operations.

Read definition →
Security Concepts

Attack Surface

An organization's attack surface is the complete set of vulnerabilities, entry points, and exposure points through which a threat actor can attempt to gain unauthorized access to systems, data, or networks.

Read definition →
Security Concepts

Attack Surface Management (ASM)

Attack Surface Management is the continuous, automated process of discovering, inventorying, classifying, assessing, and monitoring all external-facing assets and exposure points across an organization's digital footprint.

Read definition →
Security Concepts

Security Posture

Security posture refers to the overall cybersecurity strength and readiness of an organization — encompassing the collective state of its networks, information, systems, data, processes, and people.

Read definition →
Security Concepts

Vulnerability Management

Vulnerability management is the ongoing, systematic process of discovering, evaluating, prioritizing, and addressing security vulnerabilities across an organization's technology ecosystem.

Read definition →

Security Operations

Security Operations

Mean Time to Detect (MTTD)

Mean time to detect is the average amount of time it takes an organization to identify suspicious or malicious activity after it begins.

Read definition →
Security Operations

MTTD and MTTR

MTTD and MTTR are security operations metrics that measure how quickly a team detects malicious activity and how quickly it responds to or remediates the issue.

Read definition →
Security Operations

Detection Engineering

Detection engineering is the systematic discipline of creating, testing, deploying, and maintaining detection logic that identifies malicious or suspicious activity within an organization's environment.

Read definition →
Security Operations

Endpoint Detection and Response (EDR)

EDR (Endpoint Detection and Response) is a security solution that continuously monitors endpoint devices to detect suspicious activity, investigate threats, and enable rapid incident response.

Read definition →
Security Operations

Extended Detection and Response (XDR)

XDR is a security platform that unifies detection, investigation, and response across endpoints, network, email, cloud, and identity through correlated data and integrated workflows.

Read definition →
Security Operations

Incident Response

Incident response is the organized approach to addressing and managing the aftermath of a cybersecurity incident, with the goals of limiting damage, reducing recovery time and costs, and learning from the event.

Read definition →
Security Operations

Security Operations Center (SOC)

A Security Operations Center (SOC) is a centralized unit staffed by security analysts and engineers who continuously monitor, detect, investigate, and respond to cybersecurity incidents.

Read definition →
Security Operations

SIEM

SIEM (Security Information and Event Management) is a security solution that collects, aggregates, and analyzes log and event data across an organization's IT environment to detect threats, support investigations, and enable compliance reporting.

Read definition →
Security Operations

SOAR

SOAR (Security Orchestration, Automation and Response) is a security technology category that enables organizations to collect security data from multiple sources and automate incident analysis and response through orchestrated workflows.

Read definition →

Threat Emulation

Threat Analysis

Attack Techniques

Frameworks

Compliance Frameworks

Threat Types

Security Architecture