🔐 Cybersecurity Glossary

Security Assertion Markup Language — an XML-based standard for exchanging authentication and authorization data between parties.

The digital transformation component of Saudi Vision 2030 that drives cybersecurity requirements across all sectors.

The boundaries of a compliance assessment defining which systems, processes, and locations are included in the evaluation.

A cloud architecture model that combines network security functions with WAN capabilities to support dynamic secure access.

DNS configurations and protocols that protect against DNS hijacking, spoofing, and cache poisoning attacks.

A solution that monitors emails sent and received to prevent unwanted email including spam, phishing, and malware.

A unified security design that addresses the necessities and potential risks involved in a certain scenario and specifies when and where to apply security controls.

A business model in which a service provider integrates security services into a corporate infrastructure on a subscription basis.

An educational program designed to reduce human cybersecurity risks by teaching employees to recognize and respond to threats.

A minimum set of security controls required for a system or organization to operate safely.

The set of responsibilities exercised by the board and executive management to provide strategic direction and oversight of cybersecurity.

A comprehensive structure of policies, procedures, and controls that establishes accountability and oversight for cybersecurity activities across an organization. It defines roles, responsibilities, and decision-making processes to ensure security objectives align with business goals and regulatory requirements.

A comprehensive security solution that provides real-time analysis of security alerts and events generated by network hardware and applications. It collects, aggregates, correlates, and analyzes log data to detect threats, support compliance reporting, and enable rapid incident response.

A comprehensive solution that provides real-time analysis of security alerts generated by applications and network hardware. SIEM systems collect, aggregate, and analyze log data from across an organization's IT infrastructure to identify security threats, ensure compliance, and support incident investigation and forensics.

Quantifiable measurements used to track and evaluate the effectiveness of an organization's security program.

A centralized unit that deals with security issues on an organizational and technical level, responsible for continuous monitoring, detection, analysis, and response to cybersecurity incidents using a combination of technology solutions and human expertise.

A stack of compatible tools that allows organizations to collect security data and automate responses to low-level threats.

A formal document that defines the rules, guidelines, and practices for managing and protecting an organization's information assets.

An objective, quantifiable measure of an organization's cybersecurity posture generated by independent security rating platforms.

A cross-functional leadership body responsible for providing strategic direction and oversight of the cybersecurity program.

An email authentication protocol that allows domain owners to specify which mail servers are authorized to send emails on behalf of their domain. SPF helps prevent email spoofing by enabling receiving servers to verify that incoming mail from a domain comes from an authorized IP address.

Security practices and controls specific to serverless computing architectures like AWS Lambda, Azure Functions.

An authentication scheme that allows a user to log in with a single ID to gain access to multiple related but independent systems.

A process of identifying open-source software components and their known vulnerabilities in application codebases.

An approach to networking that uses software-based controllers to direct traffic on the network and communicate with hardware infrastructure.

A targeted phishing attack directed at specific individuals or organizations using personalized information to increase credibility.

A code injection technique used to attack data-driven applications by inserting malicious SQL statements into entry fields.

A digital certificate that authenticates a website identity and enables encrypted connections between a web server and browser.

A document that lists all ISO 27001 Annex A controls and indicates whether each is applicable, implemented, or excluded with justification.

A security testing method that analyzes source code, bytecode, or binary code for vulnerabilities without executing the program.

An attack that targets the less-secure elements in a supply chain to compromise the final target.