Glossary

  • 2-Factor Authentication
    Two unique requirements to access a document, application, or more. Example – A password AND a text message code. The password is something you know and the text message is on something you have, YOUR phone. Keep in mind that just using a password and a security question, like high school mascot, is NOT 2-Factor Authentication because they are both something you know. It needs to be a mix of something you know, something you have, something you are (think fingerprint or retina), and somewhere you are. Passwords alone can be compromised, but 2-Factor Authentication is a great way to stay secure.
  • 2-Step Verification
    Similar to 2-Factor Authentication, this is a method of requiring an additional layer of access on top of a password. The difference is that 2-Step verification could be a second knowledge-based question (example – What street you grew up on). While better than relying on a password alone, it’s often best to go with 2-Factor for the best security.
  • Advanced Persistent Threats
    A complex threat that remains hidden for an increased amount of time (possibly months) and attempts to steal data without being seen. Advanced Persistent Threats are often created by highly financed groups like nation states and cyber criminals. The main goal is typically not to set off alarms by causing harm, but rather to continue accessing more data by gaining additional device credentials or moving from one device to another. APTs work in several stages, but a common element is reconnaissance of your device through phishing and social engineering.
  • Adware
    Advertisements that come as a pre-installed application on a device or pop up during browsing. Adware can often be pulled from your cookies and online activity. These can either be in the form of annoying popups or sometimes malicious links with hidden downloads.
  • AES Encryption
    An algorithm that makes data secure through encryption and only readable by authorized parties. Here's an oversimplified example of encryption. You save a file in the cloud with text that says, "THIS IS SENSITIVE DATA". That text is then encrypted into what is called ciphertext and will appear to anyone else who accesses it as 'a8hs0x1411h0Yudi' unless they have the encryption key. AES is one of many forms of encryption including DES, RSA, and more. AES is prominent because it has been standardized by the U.S. Government and National Institute of Technology. You may see different numbers like 128-bit or 256-bit following AES. These are different key sizes. The larger the number, the larger the key, and the stronger the encryption.
  • Anti-Theft
    Think of Anti-Theft as a way to protect or retrieve devices after they’ve already been stolen. Some solutions may have loud alarms that prevent your phone or laptop from being taken, but most often these tools lock your photos, documents, and applications so they stay private.   Some versions of Anti-Theft provide a find-my-device feature with a map and address or even use the camera as a way to spy on the new owner. Keep an eye out for software that allows for device wipe as a last measure to maintain privacy.
  • Anti-Tracking
    Often found in different anti-virus programs, this is a great way to stay private online and even cut down on advertising clutter. Anti-Trackers can work in a few different ways, but most often prevent websites from monitoring browsing cookies. This means not only is your history and activity not being spied on (Hooray 4 Privacy), but you should see a reduction in those tailored webpage ads. Fewer ads often means faster loading too!
  • ARP Poisoning
    Assigned to every device is a unique 12-digit MAC address. Think of this like a social security number for computers and mobile devices that never changes. MAC addresses are stored in an ARP table on your router and communicate where to send information. When you access an IP address you are really reaching out to a specific MAC address and a router uses the ARP table to help navigate. ARP Poisoning attacks work by tricking the ARP table into thinking an IP address goes to a different MAC address than intended. Example - You attempt to send a sensitive email. The email has to go through your router to reach the internet, but because of ARP poisoning the MAC address you think goes to your router actually belongs to an attacker on your network. The attacker receives the email(...)
  • Artificial Intelligence
    This is one of the broader terms in security, but still highly important and constantly evolving. AI isn’t a single tool or product. It’s really more of a method where an application can learn, adapt, and act. This is often seen in machine learning or behavioral analysis, but there are many different tools that fall under AI. Here is an example of how AI keeps you safe.   Artificial Intelligence in an Antivirus solution looks at an email file and determines that when opened it will access sensitive documents and erase them. Even though the code in the file has never been seen before, the AI knows this action is malicious and determines it should block it, notify you, and then submit the code to the cloud for further analysis.
  • Auto-Dialers
    Hidden telephone connections designed to spy on you through your device's microphone. (Not to be confused with trusted auto-dialer software used by sales organizations).
  • Autodiscovery Installation
    This process typically entails adding devices for backup and installation through local networks and Active Directory. As opposed to manual invites through email or command lines, Autodiscovery is more of a plug and play method where computers, servers, and NAS devices are discovered on your behalf.
  • Automatic
    A fairly straightforward term, automatic backup is the process of files, folders, and more being backed up on your behalf. Some vendors approach this differently based on the specific data applicable (word documents, images, video, etc.). Another differentiator is the ability for file changes and edits to also be backed up automatically. This can go a long way to ensure work is never lost.
  • Backup Cleanup
    A great way to save storage space. Backup cleanup on its own is really just the ability to reduce wasted storage in the form of duplicated files, unwanted backups, and more. A good management console will make things a lot easier by allowing you to see your backups firsthand without having to restore them first. That way, when you go to delete files there's far less chance of error.
  • Backup Validation
    The process of validation may differ between manufacturers, but more often than not this means your backup is confirmed to match the original data and just as importantly should restore without error. It's best to have that confirmation at the time of backup rather than last minute when you need to restore in a hurry.  
  • Bare Metal
    The ability to recover a backup to a machine that has no current operating system or applications. This comes in handy when you want to restore a desktop or server in its entirety onto new hardware. (Laptop falls off the counter and shatters? No problem, restore the operating system, applications, documents, pictures, and more to a new device as if nothing happened without having to repurchase and download the individual software components.)
  • Behavior Analysis
    A lot like the name implies, this Antivirus / Intrusion Prevention method looks at behavior characteristics to determine if something is malicious or not. By evaluating what a file, exploit, or application wants to do, even never-before-seen threats can be stopped preemptively. Here’s an example. You click on a new application to download. The code has never been seen or evaluated, but through behavioral analysis your Antivirus determines it wants to change administrative settings on your computer. Clearly, this is an unusual behavior that deviates from the normal activity of an application and must be blocked. ‘Behavioral’ and ‘Anomaly’ are used interchangeably by some vendors and described as slightly different by others. Both evaluate behaviors, but may differ in what(...)
  • BitLocker
    This tool comes standard with Windows PCs and is used to secure files, passwords, and more through device encryption. When you enter a user password your data becomes unencrypted and clear to read. When you log off the data is encrypted again.
  • Botnet
    A collection of computers used, often unknowingly, to connect to a single network or device with the purpose of disrupting its services and resources. There are two ways a Botnet can affect you. If you are on the receiving end of an attack, many bots will ping your device or router until all available bandwidth is used up. This will make it impossible to use any internet services until the attack is over (Think, Denial of Service). The other way is if your device is used as a bot (also called a zombie) to attack another device. This will also eat up your computer's resources as it will be rapidly sending pings as long as the attacker has control.
  • Brute Force
    A Brute Force attack is an attempt to guess a password by trying every possible combination. Given enough time and attempts a Brute Force attack will eventually succeed. The best way to thwart Brute Force attempts is by setting lockout times for incorrect password attempts. 
  • Business Email Compromise
    An attempt to steal information or cause harm through email. Business Email Compromises often take the form of phishing or spoofed emails and attempt to gather information from the recipient or trick them into downloading malware. The best way to thwart BECs is to be vigilant when reviewing emails and use good judgement on what information you share or links you open.    
  • Cloud Management
    Think of cloud management as a way to access applications like antivirus, backup, or document management from anywhere. Just as you would log into your bank account or social media from a browser, you can do the same to make sure your devices are protected through a number of different features. Different solutions provide helpful tools like device tracking, parental controls, or online tech support. All of this is made much simpler through cloud management.
  • Cloud Management (Backup)
    A helpful component of cloud management is the ability to assign backups from almost anywhere. Perhaps even more helpful is being able to then manage those backups in the cloud and restore them to a new device at any time. With cloud backups you have less responsibility to safely store data and can easily increase or decrease storage as needed.    
  • Cloud Scanning
    Cloud scanning can mean different things to each security vendor. For antivirus solutions there are typically two common ways it is referenced. One way is that the actual scanning function takes place in the cloud and not on your device. This means the scan uses far less memory and CPU so you can work without being slowed down too much. The second way is more about security. When an antivirus solution is connected to the cloud it is able to constantly receive updates on new threats, important patches, and can even submit files from your device for analysis.
  • Compression
    Similar to deduplication, compression removes unnecessary data in your backups and archives to conserve storage space. While the methods of compression may vary, in general, the process of making backups smaller by removing unnecessary bits of data is the same. Keep in mind, compression is a great way to save storage space (and money), but can change your backup and recovery time.  
  • Continuous
    Consider you are working on a document. You save a backup of that document, but continue to make edits, add text, revisions and more. Continuous backup automatically saves these changes to your backup so any time you recover it, it is the most up to date version.
  • CPU Load Balancing
    Distributing tasks and processes so as not to overload your computer's CPU or hinder the most important applications. During antivirus scans or backups CPU load balancing may utilize less CPU power for applications not in use so the task at hand can run efficiently.  
  • Cross-Platform Protection
    Protecting the Windows PC or Mac you’re using can sometimes only be half the battle. Even if your device is safeguarded from specific threats for that operating system (like Mac or iOS), you likely still communicate with different ones (Android, PC, Linux). Cross-Platform Protection prevents transferring a threat from one operating system to another whether it be over email, file-share, or more.
  • Cryptojacking
    A malicious threat that uses your computer's processing power to mine for digital currency. Often these viruses remain hidden, but the effects can be seen in the form of extremely slow performance or in some cases the hard drive overheating.
  • Cryptolocker
    A Ransomware variant that infects devices through the use of a Trojan horse to lock files and folders for ransom.
  • Ransomware
    Malware that encrypts files, drives, and more on your device with a key known only to the attacker. To retrieve the key, you are often required to pay a 'ransom' in crypto currency or risk losing all of your data. Some forms of Ransomware may also threaten to publish sensitive data publicly.   Ransomware has become one of the most prominent and common types of attacks. It can best be thwarted by creating safe copies of data and using software that detects Ransomware behavior.  
  • Data Loss Prevention
    The idea is simple: keep sensitive data from being taken off of your device maliciously or by accident. DLP solutions can work in a variety of ways, but most commonly they succeed by scanning for certain words, phrases, or files. Whether a threat actor is attempting to steal your financial records or an in-house worker is downloading product information for personal gain, Data Loss Prevention solutions watch a variety of channels (email, USB, network connections) and immediately flag connections. Where some versions just prevent the data from being taken, others provide a watermark over documents to discourage screenshots.
  • Deduplication
    The process of saving backup space by removing redundant data. Deduplication in its simplest form makes saved data appear smaller by only storing what is necessary. Imagine you save a backup that reads - AABCCEEDDD. With deduplication, the data could be stored as ABCED. (Meaning you just saved GBs of storage space). When you restore the document, deduplication puts the file back together as if nothing changed. The rest of this glossary could be filled with all the nuances that go into real-life deduplication, RAID scenarios, and parity features (it's a bit more complex than the above example). The takeaway is that deduplication, when utilized properly, can be a real money saver.
  • Denial of Service
    An attack on your computer's resources making it unable to provide certain network or application services. Example - If an attacker can send an excessive amount of traffic to your router or device it can use up all potential bandwidth and keep you from accessing the internet. One common yet highly dangerous version is through a Distributed Denial of Service. (This simply means many devices are targeting you at once. Think, botnet). A successful Distributed Denial of Service attack can shut down an organization's online operation for an extended period of time. This can be done to cause harm to government operations, help a business competitor thrive, or even to demand a ransom before the attack will subside. (Ransom Distributed Denial of Service
  • Device Control
    There are two reasons you are most likely to use device control. The first, referred to as ‘writing’, is to keep sensitive data from leaving your device. This can be as simple as blocking all downloads to removable media like USBs (think Data Loss Prevention) or even setting encryption rules for your hard drive, in case it is stolen. The second, ‘reading’, is to prevent malicious threats from harming your device. This most commonly applies to blocking USB connections (thumb drives, smartphones, and more) from downloading malware directly onto your device. Device Control applications typically provide very simple rules that state when a device can / cannot interact with your machine.
  • Differential
    Here is an example of differential backups.   On Sunday, you save a backup of a word document. You continue to work on that document on Monday, Tuesday, and Wednesday. Each day the new updates are saved to the backup.   On Monday - Monday's updates are saved.  On Tuesday - Monday and Tuesday's updates are saved.   On Wednesday - Monday, Tuesday, and Wednesday's updates are saved.   This continues until next Sunday when you do another full backup.   If you were to recover the document in full on Wednesday the document would need two things - The full backup from Sunday and Wednesday's differential backup (that also includes Tuesday and Monday's work).     Compare this to Incremental backups below.   Differential - Quicker Recovery  Incremental - Quicker(...)
  • Disk Cloning
    Saving a full copy of a computer's hard disk, including the operating system, drives, applications, settings, and more. Disk cloning helps in several scenarios, most often for a full restore to a new device or allowing a restore to a previous version of a computer in case a new update or program causes harm.
  • Disk Encryption
    The process of converting your hard drive disk into scrambled code that can only be read by entering a password. Disk Encryption tools come standard with newer versions of Windows PCs (BitLocker) and Macs (FileVault). Different Antivirus solutions may provide a disk encryption feature that helps you manage these tools. The benefits are often the ability to show you are in compliance with certain data regulations and to manage encryption of several devices from a single location.
  • DNS Attacks
    There are several ways a DNS server or DNS services may be attacked. Two of the more common methods are in the form of Denial of Services and DNS spoofing. DNS Denial of Services happen when an organization's internet facing DNS servers are queried rapidly. (These attacks can be quite complex and include a lot of components). The second common attack, DNS spoofing, is when an attacker is able to coax you into visiting a different IP address than intended. Example, you enter the domain name you wish to visit and are instead sent to the attacker's malicious website. Keep in mind, unlike most cases of computer viruses, malware, and trojans - DNS attacks are not simple files to block / prevent. These are complex threats that nearly always involve a hands-on attacker looking to(...)
  • Event Based
    Automatic backups are helpful to make sure edits, changes, and updates are always saved on your behalf, but you may want to take it a step further and assign specific backup schedules. With Event Based Backups you can set rules based on how you work. A few examples: backup before every major computer update, backup before downloading new applications, backup every time you backup (ok, maybe not that last one, but you get the picture).   
  • Exploits
    A tool that takes advantage of a vulnerability in a device or application.  
  • File Encryption
    This can apply to a file that is at rest (sitting in your hard drive unused) or in-transit (being sent in an email). File Encryption scrambles information into unreadable code until it is unlocked with a key. The most common and accepted form of encryption is AES. You may see different numbers like 128-bit or 256-bit following AES. These are different key sizes. The larger the number, the larger the key, and the stronger the encryption.
  • File-Level
    File-Level Backups are often individual pieces of data (think word documents, pictures, spreadsheets, and more). File-Level Backup is a quick and easy way to save important information, but keep in mind, unlike image-based or system backups you are not backing up entire operating systems or hard drives. This means you can restore specific files to any device, but not a computer or server in its entirety.  
  • Fileless Attacks
    A malicious program, file, or malware that lives only in short-term memory and does not download onto a device's hard drive. This attack is able to evade traditional anti-virus scans that search through common files and drives. Fileless attacks are best prevented through behavioral analysis and exploit blocking.  
  • Firewall
    One of the more universally used terms in security, firewalls are a staple of protecting both devices and networks. One misconception about firewalls is that they are broad all-in-one tools that block, hunt, and eradicate any and all threats. That is partly true, as firewalls do act as a gate and block both incoming and outgoing traffic. One approach, called a Stateless firewall, does this by rules (no connections from this IP, allow traffic only to this online application, stop access to social media sites). The other approach, Stateful, takes context into consideration. Maybe you allow connections from your device to unknown IP addresses, but your firewall notices an unusual amount of traffic from different computers all over the world (a potential botnet(...)
  • Granular
    Recovering a single file or piece of information from a larger backup. Granular Restore allows you to save time and resources by only restoring what you need at the moment, rather than a complete image recovery.  
  • Heuristic Analysis
    Different Antivirus solutions often use this term interchangeably with Behavior Analysis. Like Behavior Analysis, Heuristic Analysis evaluates the actions a file or download wants to take. The difference is that Behavior Analysis often looks at the actual execution or action taking place. Heuristic Analysis, on the other hand, looks at the way the code is constructed and compares it to previously seen malware. It also evaluates instructions within the code and essentially determines if they present a risk to your device. The important part is that whether or not a file has been seen before, Heuristic Analysis can determine what it wants to accomplish by the way it is designed.
  • Homoglyph Attacks
    Using a similar looking letter, number, or symbol to spoof a user through phishing emails or fraudulent domains.    Example - An email sent from 0utlinesoftware.com (That's a zero, fyi) pretending to be from Outlinesoftware.com  
  • Host Intrusion Prevention
    Like Antivirus, Host Intrusion Prevention Systems (HIPS) look for malicious activities and attempt to block and eradicate them. Some slight differences are that HIPS may search a larger area: network logs, running processes, memory, and the computer’s core (known as the kernel). Depending on the solution, HIPS may also have additional remediation tools beyond just block and quarantine. Today, these features can also be found in some newer, Next-Gen, Antivirus solutions even if the term Host Intrusion Prevention is not explicitly mentioned.
  • Image-Based
    A full system backup of the machine. Image-Based backups store everything from the operating system, settings, applications, and drives to individual files and more. The benefit of Image-Based backups is that if a system goes down due to hardware failure you can recover it in its entirety and restore it on new hardware.  
  • Incremental
    Here is an example of incremental backups.   On Sunday, you save a backup of a word document. You continue to work on that document on Monday, Tuesday, and Wednesday. Each day, only the new updates on that day are saved to the backup.   On Monday - Monday's updates are saved.  On Tuesday - Tuesday's updates are saved.   On Wednesday - Wednesday's updates are saved.   This continues until next Sunday when you do another full backup.   If you were to recover the document in full on Wednesday the document would need four things - The full backup from Sunday and Monday's, Tuesday's, and Wednesday's updates.     Compare this to Differential backups above.   Differential - Quicker Recovery  Incremental - Quicker Backup   
  • Insecure Sites
    A site deemed either fraudulent or untrustworthy (not using proper encryption to protect data).    
  • Keyloggers
    Tools or programs that spy on your keystrokes to steal passwords, financial information, and more.  
  • Lateral Movement
    When an attacker moves from one device or application to another in an attempt to access more information.
  • Link Scanning
    A tool to verify if a link leads to a safe or malicious URL. Some Antivirus solutions allow you to simply hover over a link and see if the destination is trustworthy.
  • Log Files
    An overview of activity on your device. Different log files can show network activity, applications in use, or processes occurring. Think of these as historical records or evidence of what’s occurred on your device.
  • Machine Learning
    An algorithm for determining the outcome of a file, application, or more. Machine Learning is most commonly used by building a pattern of events, signatures, malware, trusted files, and more. When an Antivirus solution evaluates something with Machine Learning it essentially cross-references it to the algorithm and determines the most likely scenario. Here’s an oversimplified example. An antivirus company builds up analytics over three years. They see that 75% of files with the signature (code string) ‘525402C2B…’ will attempt to change administrative settings on a computer (not good). The same company also sees that 75% of files that attempt to load Java will try to create a backdoor on the device (also not good). So, when a file is downloaded and Antivirus sees it has the(...)
  • Malware
    A form of software that wants to harm a device or data.
  • Memory Scanner
    Some viruses do not reside in a hard drive, but live only in short term memory (RAM). Often, when a computer conducts a virus scan it looks at files and determines if they are malicious. If a virus uses a running computing process and does not install fully onto your device it is much harder to detect. Memory scanners (often with the help of Behavioral Analysis) are able to catch what are called fileless attacks as they execute.
  • Modern Threats
    A catch-all term for threats that are more complex and able to evade older anti-virus scans. Modern Threats can often refer to Ransomware, Advanced Persistent Threats, Polymorphic Malware (The malware continuously alters itself to stay hidden), or targeted spear-phishing attempts.  
  • Multi-Destination
    Storing backups in different locations. For example, an onsite backup and a second backup in the cloud. Or, two backups in the cloud, but with different providers. Multi-Destination backups can help reduce risk and provide more control over how data is stored and recovered.  
  • On Demand Scan
    The ability to scan a device at any time. Most Antivirus solutions offer quick scans that search common files and local disks. System scans are more in depth and search things like boot sectors and system registries (where more complex viruses may hide). They take more time and resource power, but can be much more effective.
  • Packers
    A tool to compress software like malware or executables into a hard to detect package. There are many forms of packers that function differently and may encrypt malware or change the way it's constructed rather than just use compression. In each case the goal is still the same, to keep the malicious program hidden. A great way to stop packers is to utilize real-time protection that blocks executions, no matter what the file or program looks like.
  • Patch Management
    The process of fixing software vulnerabilities through important updates. It’s important to stay up to date on patches as most often they are released to stop potential security threats known as exploits.
  • Pharming
    Quite similar to a DNS spoofing attack, pharming occurs when an attacker leads you to a website designed to look trustworthy. Example, you go to a webpage that looks exactly like your bank. You enter your username and password into the fake site's login and now the attacker has access to your financial information.
  • Phishing
    Attempts to scam a user through fraudulent websites, emails, text messages, phone calls and more. Phishing attempts can be large scale (think, daily robo-calls) or highly targeted. Personalized phishing attempts are called Spear-Phishing. When this occurs with a high level executive, say for instance a CEO or politician, you may also hear the term 'Whaling'.   Spear-Phishing attacks are consistently among the most dangerous cyber threats as attackers are very good at making emails look legitimate. By using social media, business websites, and referencing colleagues, attackers are able to send messages that look both safe and urgent.   Check the Outline Trending Page to learn more about the dangers of Phishing.  
  • Port Scanning
    When done through Antivirus or a network tool, this is an easy way to see open connections on your device. Port Scanning helps not only show your network traffic, but what applications are being used and what data is being sent / received. You may hear Port Scanning mentioned in a negative way as threat actors also attempt this process to spy on networks. The best defense here is a good offense and understanding your own network’s vulnerabilities before they do.
  • Quarantine
    A safe location to house malware and different viruses before they are released or permanently deleted. Most Antivirus solutions will quarantine a file that appears malicious by removing it from its current location on your device so no further harm can be done. Some solutions may send additional information to the cloud for further analysis before taking next steps.
  • Real-Time Protection
    Blocking malicious threats the moment they are detected. Think of Real-Time protection like an automated Antivirus scan that is always working. If a file, email, application, or more is started, Real-Time protection will evaluate it and alert you of any potential threats. On-demand scanning is still a good resource to consistently review files or drives, but Real-Time protection is an extremely helpful first line of defense that works on your behalf.
  • Remote Device Wipe
    If your device is lost or stolen and you want to ensure sensitive information cannot be seen, Remote Device Wipe will allow you to erase the entire drive. This feature is most often accessible from a cloud management console on a different desktop or mobile device. (It’s helpful to have your device’s data backed up to the cloud beforehand).
  • Removable Media Scanning
    On-demand or real-time scanning of CDs, DVDs, USBs, or even mobile devices. (Fun fact, most people plug in USBs found on the ground out of sheer curiosity. We’d strongly recommend not doing this.)
  • Retention Rules
    A policy or multiple policies on how long data is stored. Retention rules can be based on specific data needs or company / legal rules.  
  • Reverse Incremental
    Similar to Incremental Backups, this process backs up only the most recent edits and updates as they occur. The difference is, now a new full backup is made each time an incremental backup takes place. Here is a simplified example.   Sunday - Full backup of a word doc to the cloud.   Monday - Update #1 is saved in the cloud.  Monday - A full backup is made in the cloud including update #1.   Tuesday - Update #2 is saved in the cloud.   Tuesday - A full backup is made in the cloud including update #2. (Update #1 is already included).   The difference between this process and Incremental backup is that when you restore the data it doesn't need to pull updates from each day because that process already took place and there is a full backup with all recent updates ready(...)
  • Rootkits
    Malicious software that gains root-level access on a device so that it can remove traces of its existence and make administrative-level changes. Rootkits can be delivered through malware and exploits or even Advanced Persistent Threats where an attacker is looking to gain complete control and access of a device. There is no surefire way to prevent Rootkits, but Behavioral Analysis, Exploit Prevention, and continuous patching will help.
  • Sandbox
    A safe and protected environment to test files, malware samples, and applications. Sandboxes work by letting a program run as intended to see what it wants to accomplish and how threatening it is.
  • Schedule-Based
    Backups set to a specific timeline, often daily, weekly or monthly. Schedule-Based backups are easy to set up and manage. Typically, this entails selecting a preferred day, time, and frequency.  
  • Secure Restore
    Ensuring a backup is malware free before restoring to production. (Production = actual use, not just testing) 
  • Security Policies
    While this can be a vague term, when referenced with Antivirus solutions it often means having different rules for content, applications, and more based on a specific device or user.
  • Signature Analysis
    Comparing files to a repository of known threats (think of this like looking up a mugshot). When a sequence of bytes (known as a signature) matches a previously seen piece of malware, Signature Analysis knows to block the download or action. This is one of the most common forms of virus protection, but it’s important to pair it with Machine Learning, Heuristic Analysis, or Behavior Analysis to prevent unknown (zero-day) threats.
  • Spyware
    There are versions of spyware that are less malicious, like Adware, that attempt to track your online activity for the purpose of sending you tailored ads. Then, there are much more dangerous applications like keyloggers and rootkits that track activity for the purpose of stealing sensitive data and login information. Newer forms of spyware may also attempt to access a device's webcam and microphone to listen in on conversations.  
  • Threat Feed
    A constantly growing collection of security events. Security applications like Antivirus and Anti-Malware use threat feeds from the cloud to provide devices with new updates on malicious behaviors, signatures, machine learning data, and more. A threat feed is often gathered from millions of devices and can include everything from strange behaviors, IP addresses, or information about potential targets.   Here’s an oversimplified example of a threat feed. A computer in California is attacked by an unknown threat. The signature of that threat is fed to the cloud. A device in Florida connected to that cloud receives an update to now block that signature.
  • Traffic Throttling
    Slowing down services / bandwidth to applications or internet usage. This can be automated or done manually for a number of reasons. The most common of which is to give priority to another application in use (say for example an ongoing backup or antivirus scan).  
  • Trojans
    Malicious files or applications that are designed to look trustworthy. Example - Ever visit a webpage and see a popup that says "Antivirus Expired, click here"? These can often be fairly easy to spot, but Trojans can also disguise themselves in more sophisticated ways. Phishing emails are a great way for attackers to send Trojans that may look like trusted word documents, but are carrying a malicious payload. Luckily, a Trojan will not work on its own and needs a user to allow for download. The best way to prevent this from happening is to stay vigilant (AND NOT CURIOUS) when allowing downloads.  
  • UEFI Scanner
    A scan of a device’s firmware and underlying operating system. This particular scan is helpful to find and eradicate rootkits (viruses that make system changes upon bootup).
  • URL Filtering
    Preventing access to certain websites through rules you set up. These can be specific to a single domain name or often by general content categories (Adult, gambling, social media, etc.). Certain security tools will work on your behalf to block malicious URLs if they are deemed fraudulent or untrustworthy.
  • Web Filtering
    Preventing access to certain websites through rules you set up. These can be specific to a single domain name or often by general content categories (Adult, gambling, social media, etc.). Certain security tools will work on your behalf to block malicious URLs if they are deemed fraudulent or untrustworthy.
  • VPN
    A Virtual Private Network is a way to connect a remote device to a network and secure all communication. Think of it like this. When two laptops are on the same Wi-Fi they can communicate securely because the traffic does not have to travel over the public internet. A VPN is a way to recreate that connection through an encrypted tunnel. This is a helpful and secure way to communicate with business devices or simply log into a bank account.
  • Vulnerability Assessment
    A review of applications, system settings, and more to find potential security threats that can be exploited. Vulnerability Assessments can find anything from outdated / unpatched software to weak passwords and dangerous programs that offer an opening for malware.  
  • Vulnerable Wi-Fi
    A vulnerable or insecure Wi-Fi network may not necessarily be malicious. In fact, most vulnerable Wi-Fi networks occur at local coffee shops. Public Wi-Fi can be a great thing, but the problem is that weak passwords (or ones written on the wall) mean anyone can access the network. If the Wi-Fi is using an insecure encryption method (often the case) the data you send can be seen quite easily. When using public Wi-Fi it's good practice NOT to access any sensitive data, like financial sites, without using a VPN.   Another thing to consider is that you may not always be accessing the intended Wi-Fi. It's not difficult for someone to sit down in a coffee shop, create their own Wi-Fi network, and give it the very same name as the public one. This means you may be unintentionally connecting to an(...)
  • Web Certificate Checker
    Take a look at the lock symbol next to Outlinesoftware.com. This symbol certifies that a website domain is registered with a Certificate Authority and its identity is trustworthy. More importantly, it certifies that a site is using encryption to protect information you send / receive. A website that does not have a valid certificate may not provide a secure connection.
  • Windows System State
    Within the Windows System State are several key components that help recover a complete Operating System. These include everything from Boot Files to the System Registry and more. One of the more helpful reasons to back up the Windows System State is to preserve a safe copy of Active Directory.
  • Worms
    A virus that works by spreading across computers and continuously copying itself. Worms do not need to be attached to a program (different from Trojans) and can often be sent through mass emails and vulnerabilities.
  • XSS (Cross-Site Scripting Attacks)
    A malicious code injection into a trusted website that can be transferred to users through different input fields (like the login portal) or applications (Java). XSS attacks work when an attacker is able to exploit a vulnerability in a website that accepts a malicious script to be stored. Later, when a user visits the site and attempts to access a specific feature, the malicious script is downloaded and the user's device believes it is safe as it comes from the trusted website.  
  • Zero-Day Threats
    Threats that are brand new in the wild and have not been added to any security databases. Zero-Day threats may be an exploit of a recent software vulnerability or a new form of malware. These are best prevented through security tools that do not rely solely on signature analysis (as the signature is entirely new or non-existent) and utilize some form of behavior analysis, heuristic analysis, or machine learning.  