Darktrace Cyber AI Glossary

Account takeover is when a user's profile has been hijacked by a cyber criminal.

Artificial intelligence (AI) is a vast branch of computer science concerned with a development in software that allows computer systems to perform tasks that imitate human cognitive intelligence.

A botnet attack is a cyber attack that uses a network of compromised computers to conduct malicious activity without the victims knowledge.

Brand impersonation is a form of phishing cyber-attack that aims to solicit sensitive information from victims by posing as a legitimate brand.

Learn about business email compromise (BEC) attacks, how they can affect your enterprise, and what to do to protect against malicious email behavior. Read more.

CEO fraud is a form of impersonation where a threat actor will falsify their identity, acting as an executive at an organization, and attempt to communicate with other employees, such as members of the finance department to solicit sensitive information.

Learn about cloud detection and response (CDR), its objectives and indicators, and best practices for choosing or deploying a CDR solution. Read more.

Cloud email is email that is hosted on a remote server. These servers are accessible by the internet and hosted by a third-party service providers.

A Cloud Infrastructure Entitlement Management (CIEM) solution helps manage entity permissions and entitlements in an organization’s cloud infrastructure.

Cloud security is the protection of information and services that companies are storing in their cloud-based environments.

CSPM (cloud security posture management) is equal parts a methodology and a technology. It attempts to identify and remediate risks that may surface with various types of cloud environments or infrastructure, such as with IaaS, SaaS, and PaaS.

The process of screening or restricting content to objectionable content on the web, in the email inbox, or other mediums.

Cryptojacking is the unauthorized use of a computer or device’s processing power to mine cryptocurrencies, often without the owner’s consent or knowledge. Cryptojacking is considered a form of cybercrime.

Learn what a Cyber Kill Chain means in cyber security, what key steps are in the model, & how security solutions can apply at stages of the Cyber Kill Chain.

Discover what cyber security is, how typical cyber threats manifest, and how to protect your company's vulnerabilities to ward off cyber attacks. Read more.

Data security refers to the practice of protecting digital data from unauthorized access, alteration, or destruction.

Learn about email data loss prevention (DLP) - how it works, risks of data loss, and how email security can guard against data leaks in your enterprise.

Email filtering is a method of email security that involves identifying and sorting emails that are deemed non-productive, spam, or malicious.

Explore what email security is, why it's important, types of email security and attacks, as well as what to do if your email has been compromised. Learn more.

Read about email spam - how it works, how to identify spam messages, and what you can do to protect your business from the harmful impact of spam mail.

Explore the power of generative AI for cyber security. Learn how self-learning AI works, how it compares to NLP/LLM, and how it can guard against cyber attacks.

Graymail is bulk emails that were originally solicited but are no longer wanted by the recipient. They do not fit the typical definition of spam email.

Incident Response is the immediate steps that an organization will take to deal with a data breach/cyber-attack.

Explore integrated cloud email security (ICES). Learn how it works, its benefits, how it can catch email attacks, & how it differs from secure email gateways.

IoT stands for “Internet of Things.” This refers to physical devices that connect wirelessly to a network. IoT cyber security are the tools and methods that attempt to protect these devices from cyber threats.

Lateral movement in cybersecurity refers to the tactics and techniques that threat actors use to progressively move through a network or system after gaining an initial foothold or access point.

Machine learning is a branch of artificial intelligence that uses algorithms to teach computers to learn and program themselves in order to classify data or predict future outcomes.

Discover what a malware attack is, how the exploitation works, and how you can protect yourself and your business from malicious software. Learn more.

Learn about phishing techniques & how they work, common warning signs of phishing communication, and how to prevent phishing attacks. Discover more here!

Qakbot is a banking trojan that has multifaceted capabilities which include stealing sensitive financial information, propagating through networks, and acting as a delivery mechanism for other malware.

Ransomware is a combination of the words "ransom" and "software." The word ransomware refers to the downloading of malware and the encryption of valuable documents by a cyber criminal who will hold those documents until a ransom is payed.

A comprehensive approach and technology stack that combines orchestration, automation, incident response and threat intelligence management to improve the efficiency and effectiveness of an organization’s cybersecurity operations.

Discover the power of secure email gateways (SEG) or secure email servers (SEC) to protect against malicious email behavior like phishing and spam. Learn more.

The shared responsibility model refers to a framework that establishes the cloud security obligations of a cloud service provider and of the organization which uses those services.

Simple Mail Transfer Protocol (SMTP) is the technical standard protocol used to send and receive emails.

Smishing is the process by which a threat actor sends fraudulent SMS messages in order to get victims to give away sensitive information or download malicious files.

Social engineering is an attack technique used by cyber-criminals to build trust with and trick their victims into fulfilling a request.

SaaS is a way to access and use data and work online through an application on the internet.

Spear phishing is a more targeted form of "Phishing". Both of which refer to a cyber security threat involving sending fraudulent emails to solicit information while posing as a legitimate sender.

Learn about the types of spoofing, who is at risk, consequences of spoofing, and how your organization can stay protected against spoofing attacks. Read more.

Learn more about: Malware, Phishing, Spoofing, Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks, Insider Threats, Man-in-the-Middle (MiTM) Attacks, Code Injection Attacks, Supply Chain Attacks, DNS Tunneling, and Brute-force Attacks.

Threat hunting involves searching for signs of malicious activities or potential security threats within an organization’s networks, systems, and endpoints.

Vishing is a type of cyber-attack that uses voice or telephone technology to trick targets into revealing sensitive information to attackers.

A web application firewall or WAF protects web applications by filtering and monitoring HTTP traffic between web applications and the Internet.

Whaling is a specific form of phishing attack that is used to gain access to networks and information by targeting high ranking members of an organization.

Zero trust is a cyber security paradigm designed for data and resource security amidst the growth of the remote workforce and cloud-based data storage.