🔐 Cybersecurity Glossary
Over 265 professional cybersecurity terms in English & Arabic — your comprehensive reference for the cybersecurity world
265 terms
16 categories
47 frameworks
All
🏛 Governance & Strategy 35
⚖ Risk Management 17
🔑 Identity & Access 14
🌐 Network Security 16
🔒 Data Protection 11
⚡ Threat & Attack 22
🚨 Incident Response 13
☑ Compliance & Audit 12
🔐 Cryptography 11
☁ Cloud Security 9
💻 Application Security 11
§ Privacy & Data Law 12
🛡 Security Operations 17
♻ Business Continuity 9
🇸🇦 Saudi Regulations 14
🛡️ Platform Tools 1
NCA_ECC (122)
SAMA_CSF (76)
PCI_DSS (47)
ISO_27001 (39)
PDPL (34)
NIST_CSF (29)
Array (25)
NCA ECC (20)
SAMA CSF (20)
NCA_CSCC (14)
22 terms
⚡ Advanced Persistent Threat
APT
التهديد المتقدم المستمر
A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
⚡ Brute Force Attack
هجوم القوة الغاشمة
An attack method that uses trial and error to guess passwords, login credentials, or encryption keys.
⚡ Business Email Compromise
BEC
اختراق البريد الإلكتروني للأعمال
A sophisticated scam targeting organizations that regularly perform wire transfers, exploiting compromised executive email accounts.
⚡ Credential Stuffing
حشو بيانات الاعتماد
An automated attack that uses stolen username/password pairs from data breaches to attempt logins on other services.
⚡ Cross-Site Scripting
XSS
البرمجة عبر المواقع
A web security vulnerability that allows attackers to inject client-side scripts into web pages viewed by other users.
⚡ Cryptojacking
التعدين الخبيث
The unauthorized use of someone else's computing resources to mine cryptocurrency.
⚡ Deepfake
التزييف العميق
AI-generated synthetic media used to impersonate individuals through manipulated audio, video, or images.
⚡ Distributed Denial of Service
DDoS
هجوم حجب الخدمة الموزع
An attack that overwhelms a target system with traffic from multiple sources, making it unavailable to legitimate users.
⚡ Fileless Malware
البرمجيات الخبيثة بدون ملفات
Malicious code that operates entirely in memory without writing files to disk, making it harder to detect by traditional antivirus.
⚡ Indicators of Attack
IoA
مؤشرات الهجوم
Proactive indicators that identify attacker behavior patterns in real-time, before damage occurs.
⚡ Insider Threat
التهديد الداخلي
A security risk that originates from within the organization, typically from current or former employees or business associates.
⚡ Malware
البرمجيات الخبيثة
Software specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
⚡ Man-in-the-Middle Attack
MITM
هجوم الوسيط
An attack where the attacker secretly relays and possibly alters communications between two parties who believe they are directly communicating.
⚡ MITRE ATT&CK
إطار MITRE ATT&CK
A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations of cyberattacks.
⚡ Phishing
التصيد الاحتيالي
A social engineering attack that uses deceptive emails, websites, or messages to trick individuals into revealing sensitive information.
⚡ Ransomware
برامج الفدية
Malicious software that encrypts victim's files and demands payment for the decryption key.
⚡ Social Engineering
SE
الهندسة الاجتماعية
The psychological manipulation of people into performing actions or divulging confidential information.
⚡ Spear Phishing
التصيد الموجه
A targeted phishing attack directed at specific individuals or organizations using personalized information to increase credibility.
⚡ SQL Injection
SQLi
حقن SQL
A code injection technique used to attack data-driven applications by inserting malicious SQL statements into entry fields.
⚡ Supply Chain Attack
هجوم سلسلة التوريد
An attack that targets the less-secure elements in a supply chain to compromise the final target.
⚡ Watering Hole Attack
هجوم حفرة الماء
An attack strategy where the threat actor infects websites frequently visited by the target group to compromise their systems.
⚡ Zero-Day Vulnerability
0-Day
ثغرة يوم الصفر
A software security vulnerability that is unknown to the vendor and for which no patch or fix is available.