Cybersecurity can seem overwhelming for newcomers — full of acronyms, jargon, and technical concepts that often sound mysterious. Whether you’re just starting to learn about online protection, setting up your first antivirus, or diving into malware analysis, understanding the core terminology is essential.
This glossary covers 100 key cybersecurity terms, explained in plain English, to help you confidently navigate the world of online safety.
A
Access Control
A method that determines who can view or use resources in a computing environment. Includes authentication (who you are) and authorization (what you’re allowed to do).
Adware
Software that automatically displays or downloads advertising material, often bundled with free programs.
Advanced Persistent Threat (APT)
A long-term cyberattack in which an intruder gains access to a network and remains undetected for an extended period, often targeting sensitive data.
Algorithm
A sequence of instructions that a computer follows to perform a specific task, such as encryption or password hashing.
Antivirus
Software designed to detect, prevent, and remove malware from computers and networks.
Authentication
The process of verifying a user’s identity using passwords, biometrics, or security tokens.
Authorization
Determining what actions or resources a user is permitted to access after authentication.
B
Backup
A copy of data stored separately to prevent loss from system failures or cyberattacks.
Blacklist
A list of known malicious websites, IP addresses, or applications that are blocked from access.
Bot
A program that performs automated tasks on the internet; when controlled maliciously, it can become part of a botnet.
Botnet
A network of compromised computers controlled remotely by attackers to perform coordinated actions such as DDoS attacks or spam distribution.
Brute-Force Attack
A hacking method that tries every possible password combination until the correct one is found.
Bug
An error or flaw in software code that can lead to security vulnerabilities or crashes.
C
Certificate Authority (CA)
A trusted organization that issues digital certificates verifying the ownership of encrypted websites.
Cloud Security
The protection of data, applications, and systems hosted in cloud computing environments.
Cookie
A small file stored on a user’s device that remembers information about online activity; can be exploited for tracking or session hijacking.
Cryptography
The science of securing information by transforming it into an unreadable format using encryption.
Cyberattack
Any attempt by hackers to damage, steal, or disrupt data, systems, or networks.
Cyber Hygiene
Routine practices and steps users take to maintain system health and improve online security (e.g., updates, backups, strong passwords).
D
Data Breach
An incident in which confidential or protected information is accessed, stolen, or disclosed without authorization.
DDoS (Distributed Denial of Service)
An attack that floods a website or network with traffic from multiple sources, causing disruption or downtime.
Decryption
The process of converting encrypted data back into its original form.
Digital Footprint
The collection of data you leave behind while using the internet.
DNS (Domain Name System)
The system that translates domain names (like malwaretips.com) into IP addresses that computers understand.
Drive-by Download
A malware infection that occurs when visiting a compromised website, without the user’s consent or knowledge.
E
Encryption
The process of converting readable data into ciphertext to protect it from unauthorized access.
Endpoint
Any device (computer, phone, IoT gadget) connected to a network that can be exploited if unsecured.
Ethical Hacker
A cybersecurity professional authorized to test and improve systems by simulating real-world attacks.
F
Firewall
A network security system that monitors and filters incoming and outgoing traffic based on security rules.
Firmware
Software programmed into hardware devices, which can be targeted by malware if outdated.
Fingerprinting
Techniques used to identify users or systems based on unique attributes, such as browser or device configurations.
Fileless Malware
Malware that operates entirely in system memory, leaving no trace on the disk.
G
Gateway
A network point that acts as an entrance to another network, often secured by firewalls or proxies.
Grayware
Software that is not outright malicious but can pose risks, such as adware or potentially unwanted programs (PUPs).
H
Hacktivism
The use of hacking to promote political or social causes.
Hashing
Transforming data into a fixed-length value (hash) used for integrity checks and password storage.
Honeypot
A decoy system set up to attract attackers and study their methods.
HTTP / HTTPS
Protocols used to transfer data over the web. HTTPS is the secure version, encrypted with SSL/TLS.
I
Identity Theft
When cybercriminals steal personal information to commit fraud or gain unauthorized access.
Incident Response
The process of detecting, responding to, and recovering from cybersecurity incidents.
Insider Threat
A security risk originating from employees or individuals within an organization.
IoT (Internet of Things)
Networked smart devices (e.g., cameras, thermostats) that often lack proper security configurations.
J
Jailbreaking
The process of removing manufacturer restrictions on devices like iPhones to install unauthorized software.
K
Keylogger
Malware that records keystrokes to capture sensitive information such as passwords.
Kerberos
A network authentication protocol that uses tickets to verify user identities securely.
L
Least Privilege
A security principle ensuring users have only the minimum access rights necessary to perform their tasks.
Logic Bomb
Malicious code that triggers when specific conditions are met, such as a date or user action.
M
Malware
Short for “malicious software,” it includes viruses, trojans, ransomware, spyware, and worms.
Man-in-the-Middle (MitM) Attack
An attack where the hacker secretly intercepts and alters communication between two parties.
Multi-Factor Authentication (MFA)
A login process requiring two or more verification methods (e.g., password + SMS code).
N
Network
A collection of connected devices sharing resources and data.
Network Segmentation
Dividing a network into smaller sections to limit access and contain breaches.
Nonce
A random number used once in cryptographic communication to prevent replay attacks.
O
Open Source
Software with publicly available source code that can be modified or inspected by anyone.
OSINT (Open-Source Intelligence)
Information gathered from publicly available sources for security or intelligence analysis.
P
Patch
An update released by software developers to fix bugs or security vulnerabilities.
Penetration Testing
Simulated attacks performed by ethical hackers to identify security weaknesses.
Phishing
Fraudulent messages designed to trick users into revealing sensitive data like passwords or credit card details.
Payload
The part of malware that performs the malicious action, such as deleting files or stealing data.
Privilege Escalation
A technique where attackers gain higher access rights than intended.
Q
Quarantine
A safe area where antivirus software isolates infected files to prevent spreading.
R
Ransomware
Malware that encrypts a victim’s files and demands payment for decryption.
Remote Access Trojan (RAT)
Malware that allows attackers to control a victim’s device remotely.
Rootkit
Malware designed to hide its presence and maintain privileged access on a system.
S
Sandboxing
Running programs in an isolated environment to prevent them from harming the system.
Session Hijacking
Taking over a user’s active web session to impersonate them.
SIEM (Security Information and Event Management)
Software that collects and analyzes security logs across an organization.
Social Engineering
Manipulating people into revealing confidential information or performing risky actions.
Spyware
Software that secretly collects user data and transmits it to third parties.
SSL/TLS
Protocols that encrypt data transferred between a user’s browser and a website.
T
Threat Intelligence
Information about current and emerging cyber threats that helps improve defense strategies.
Tokenization
Replacing sensitive data (like credit card numbers) with unique, non-sensitive tokens.
Trojan Horse
Malware disguised as legitimate software that secretly performs malicious tasks.
U
URL Spoofing
A trick that uses a fake web address similar to a trusted one to deceive users.
User Awareness Training
Programs that teach employees or users about safe online practices.
V
Virtual Private Network (VPN)
A tool that encrypts internet traffic and hides your IP address for privacy and security.
Virus
A self-replicating malicious program that infects other files or systems.
Vulnerability
A weakness in software, hardware, or human behavior that can be exploited by attackers.
W
WAF (Web Application Firewall)
A firewall that specifically filters and monitors traffic to web applications.
Worm
Malware that spreads automatically across networks without human interaction.
Whitelisting
Allowing only approved software or connections to run on a device or network.
X
XDR (Extended Detection and Response)
A security platform that integrates multiple tools (email, endpoints, cloud) for unified threat detection.
Y
YARA Rules
A pattern-matching system used by malware researchers to identify and classify malware samples.
Z
Zero-Day Vulnerability
A security flaw unknown to the software vendor, often exploited before a patch is released.
Zero Trust
A security model that assumes no device or user should be trusted by default, even inside the network.
The Bottom Line
Cybersecurity terminology can be confusing at first, but knowing these 100 essential terms gives you a strong foundation to understand how digital threats work and how to protect yourself. From antivirus software to zero-day exploits, these concepts form the language of modern online defense.
The more familiar you become with these terms, the more confident and secure you’ll be navigating the digital world.