Table of Contents
RFC 4949 Internet Security Glossary Definitions H
Return to RFC 4949 Internet Security Glossary Definitions, RFC 4949 Internet Security Glossary, RFC 4949 Internet Security Glossary Bibliography, Cybersecurity, Awesome Security
RFC 4949: RFC 4949 Internet Security Glossary Definitions Symbols | start, RFC 4949 Internet Security Glossary Definitions A | A, RFC 4949 Internet Security Glossary Definitions B | B, RFC 4949 Internet Security Glossary Definitions C | C, RFC 4949 Internet Security Glossary Definitions D | D, RFC 4949 Internet Security Glossary Definitions E | E, RFC 4949 Internet Security Glossary Definitions F | F, RFC 4949 Internet Security Glossary Definitions G | G, RFC 4949 Internet Security Glossary Definitions H | H, RFC 4949 Internet Security Glossary Definitions I | I, RFC 4949 Internet Security Glossary Definitions J | J, RFC 4949 Internet Security Glossary Definitions K | K, RFC 4949 Internet Security Glossary Definitions L | L, RFC 4949 Internet Security Glossary Definitions M | M, RFC 4949 Internet Security Glossary Definitions N | N, RFC 4949 Internet Security Glossary Definitions O | O, RFC 4949 Internet Security Glossary Definitions P | P, RFC 4949 Internet Security Glossary Definitions Q | Q, RFC 4949 Internet Security Glossary Definitions R | R, RFC 4949 Internet Security Glossary Definitions S | S, RFC 4949 Internet Security Glossary Definitions T | T, RFC 4949 Internet Security Glossary Definitions U | U, RFC 4949 Internet Security Glossary Definitions V | V, RFC 4949 Internet Security Glossary Definitions W | W, RFC 4949 Internet Security Glossary Definitions X | X, RFC 4949 Internet Security Glossary Definitions Y | Y, RFC 4949 Internet Security Glossary Definitions Z | Z (navbar_rfc4949)
([[Fair Use]] [[Source]]: [[RFC 4949])
- H field
(D) See: Deprecated Usage under “Handling Restrictions field”.
([[Fair Use]] [[Source]]: [[RFC 4949])
1a. (I) /verb/ To work on something, especially to program a computer. (See: hacker.)
1b. (I) /verb/ To do some kind of mischief, especially to play a prank on, or penetrate, a system. (See: hacker, cracker.)
2. (I) /noun/ An item of completed work, or a solution for a problem, that is non-generalizable, i.e., is very specific to the application area or problem being solved.
Tutorial: Often, the application area or problem involves computer programming or other use of a computer. Characterizing something as a hack can be a compliment, such as when the solution is minimal and elegant; or it can be derogatory, such as when the solution fixes the problem but leaves the system in an unmaintainable state.
See [Raym] for several other meanings of this term and also definitions of several derivative terms.
([[Fair Use]] [[Source]]: [[RFC 4949])
1. (I) Someone with a strong interest in computers, who enjoys learning about them, programming them, and experimenting and otherwise working with them. (See: hack. Compare: adversary, cracker, intruder.)
Usage: This first definition is the original meaning of the term (circa 1960); it then had a neutral or positive connotation of “someone who figures things out and makes something cool happen”.
Shirey Informational Page 138]
RFC 4949 Internet Security Glossary, Version 2 August 2007
2. (O) “An individual who spends an inordinate amount of time working on computer systems for other than professional purposes.” [NCSSG]
3. (D) Synonym for “cracker”.
Deprecated Usage: Today, the term is frequently (mis)used (especially by journalists) with definition 3.
([[Fair Use]] [[Source]]: [[RFC 4949])
1. (I) /verb/ Perform processing operations on data, such as receive and transmit, collect and disseminate, create and delete, store and retrieve, read and write, and compare. (See: access.)
2. (I) /noun/ An online pseudonym, particularly one used by a cracker; derived from citizens' band radio culture.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A type of access control other than (a) the rule-based protections of mandatory access control and (b) the id[[entity-based protections of discretionary access control; usually involves administrative security.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A 16-bit field that specifies a control and release marking in the security option (option type 130) of IP's datagram header format. The valid field values are alphanumeric digraphs assigned by the U.S. Government, as specified in RFC 791.
Deprecated Abbreviation: IDOCs SHOULD NOT use the abbreviation “H field” because it is potentially ambiguous. Instead, use “Handling Restrictions field”.
([[Fair Use]] [[Source]]: [[RFC 4949])
- handshake
(I) Protocol dialogue between two systems for identifying and authenticating themselves to each other, or for synchronizing their operations with each other.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) /TLS/ The TLS Handshake Protocol consists of three parts (i.e., subprotocols) that enable peer entities to agree upon security parameters for the record layer, authenticate themselves to each other, instantiate negotiated security parameters, and report error conditions to each other. [R4346]
Shirey Informational Page 139]
RFC 4949 Internet Security Glossary, Version 2 August 2007
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) To protect a system by configuring it to operate in a way that eliminates or mitigates known vulnerabilities. Example: [RSCG]. (See: default account.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) The material physical components of an information system. (See: firmware, software.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) /threat action/ See: secondary definitions under “corruption”, “exposure”, and “incapacitation”.
([[Fair Use]] [[Source]]: [[RFC 4949])
See: token.
([[Fair Use]] [[Source]]: [[RFC 4949])
(D) Synonym for “hash result” or “hash function”.
Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts in a potentially misleading way. A hash result is not a “code”, and a hash function does not “encode” in any sense defined by this glossary. (See: hash value, message digest.)
([[Fair Use]] [[Source]]: [[RFC 4949])
1. (I) A function H that maps an arbitrary, variable-length bit string, s, into a fixed-length string, h = H(s) (called the “hash result”). For most computing applications, it is desirable that given a string s with H(s) = h, any change to s that creates a different string s' will result in an unpredictable hash result H(s') that is, with high probability, not equal to H(s).
2. (O) “A (mathematical) function which maps values from a large (possibly very large) domain into a smaller range. A 'good' hash function is such that the results of applying the function to a (large) set of values in the domain will be evenly distributed (and apparently at random) over the range.” [X509]
Tutorial: A hash function operates on variable-length input (e.g., a message or a file) and outputs a fixed-length output, which typically is much shorter than most input values. If the algorithm is “good” as described in the “O” definition, then the hash function may be a candidate for use in a security mechanism to detect accidental changes in data, but not necessarily for a mechanism to detect changes made by active wiretapping. (See: Tutorial under “checksum”.)
Shirey Informational Page 140]
RFC 4949 Internet Security Glossary, Version 2 August 2007
Security mechanisms require a “cryptographic hash function” (e.g., MD2, MD4, MD5, SHA-1, Snefru), i.e., a good hash function that also has the one-way property and one of the two collision-free properties: - “One-way property”: Given H and a hash result h = H(s), it is hard (i.e., computationally infeasible, “impossible”) to find s. (Of course, given H and an input s, it must be relatively easy to compute the hash result H(s).) - “Weakly collision-free property”: Given H and an input s, it is hard (i.e., computationally infeasible, “impossible”) to find a different input, s', such that H(s) = H(s'). - “Strongly collision-free property”: Given H, it is hard to find any pair of inputs s and s' such that H(s) = H(s').
If H produces a hash result N bits long, then to find an s' where H(s') = H(s) for a specific given s, the amount of computation required is O(2**n); i.e., it is necessary to try on the order of 2 to the power n values of s' before finding a collision. However, to simply find any pair of values s and s' that collide, the amount of computation required is only O(2**(n/2)); i.e., after computing H(s) for 2 to the power n/2 randomly chosen values of s, the probability is greater than 1/2 that two of those values have the same hash result. (See: birthday attack.)
([[Fair Use]] [[Source]]: [[RFC 4949])
1. (I) The output of a hash function. (See: hash code, hash value. Compare: hash value.)
2. (O) “The output produced by a hash function upon processing a message” (where “message” is broadly defined as “a digital representation of data”). [DSG]
Usage: IDOCs SHOULD avoid the unusual usage of “message” that is seen in the “O” definition.
([[Fair Use]] [[Source]]: [[RFC 4949])
(D) Synonym for “hash result”.
Deprecated Term: IDOCs SHOULD NOT use this term for the output of a hash function; the term could easily be confused with “hashed value”, which means the input to a hash function. (See: hash code, hash result, message digest.)
([[Fair Use]] [[Source]]: [[RFC 4949])
- HDM
(O) See: Hierarchical Development Methodology.
Shirey Informational Page 141]
RFC 4949 Internet Security Glossary, Version 2 August 2007
([[Fair Use]] [[Source]]: [[RFC 4949])
(O) A methodology, language, and integrated set of software tools developed at SRI International for specifying, coding, and verifying software to produce correct and reliable programs. [Cheh]
([[Fair Use]] [[Source]]: [[RFC 4949])
- hierarchical PKI
(I) A PKI architecture based on a certification hierarchy. (Compare: mesh PKI, trust-file PKI.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) The process of generating configuration data and issuing public-key certificates to build and operate a certification hierarchy. (See: certificate management.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(D) Synonym for “certification hierarchy”.
Deprecated Term: IDOCs SHOULD NOT use this term; it mixes concepts in a potentially misleading way. (See: certification hierarchy, trust, web of trust.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(O) “An oxymoron,” said Lt. Gen. William H. Campbell, former U.S. Army chief information officer, speaking at an Armed Forces Communications and Electronics Association conference.
Usage: IDOCs that use this term SHOULD state a definition for it because the term mixes concepts and could easily be misunderstood.
([[Fair Use]] [[Source]]: [[RFC 4949])
- hijack attack
(I) A form of active wiretapping in which the attacker seizes control of a previously established communication association. (See: man-in-the-middle attack, pagejacking, piggyback attack.)
([[Fair Use]] [[Source]]: [[RFC 4949])
- HIPAA
(N) Health Information Portability and Accountability Act of 1996, a U.S. law (Public Law 104-191) that is intended to protect the privacy of patients' medical records and other health information in all forms, and mandates security for that information, including for its electronic storage and transmission.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A keyed hash [R2104] that can be based on any iterated cryptographic hash (e.g., MD5 or SHA-1), so that the cryptographic strength of HMAC depends on the properties of the selected cryptographic hash. (See: [R2202, R2403, R2404].)
Shirey Informational Page 142]
RFC 4949 Internet Security Glossary, Version 2 August 2007
Derivation: Hash-based MAC. (Compare: CMAC.)
Tutorial: Assume that H is a generic cryptographic hash in which a function is iterated on data blocks of length B bytes. L is the length of the of hash result of H. K is a secret key of length L ⇐ K ⇐ B. The values IPAD and OPAD are fixed strings used as inner and outer padding and defined as follows: IPAD = the byte 0x36 repeated B times, and OPAD = the byte 0x5C repeated B times. HMAC is computed by H(K XOR OPAD, H(K XOR IPAD, inputdata)).
HMAC has the following goals: - To use available cryptographic hash functions without modification, particularly functions that perform well in software and for which software is freely and widely available. - To preserve the original performance of the selected hash without significant degradation. - To use and handle keys in a simple way. - To have a well-understood cryptographic analysis of the strength of the mechanism based on reasonable assumptions about the underlying hash function. - To enable easy replacement of the hash function in case a faster or stronger hash is found or required.
([[Fair Use]] [[Source]]: [[RFC 4949])
- honey pot
(N) A system (e.g., a web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears. (See: entrapment.)
Usage: It is likely that other cultures use different metaphors for this concept. Therefore, to avoid international misunderstanding, an IDOC SHOULD NOT use this term without providing a definition for it. (See: Deprecated Usage under “Green Book”.)
([[Fair Use]] [[Source]]: [[RFC 4949])
1. (I) /general/ A computer that is attached to a communication subnetwork or internetwork and can use services provided by the network to exchange data with other attached systems. (See: end system. Compare: server.)
2. (I) /IPS/ A networked computer that does not forward IP packets that are not addressed to the computer itself. (Compare: router.)
Derivation: As viewed by its users, a host “entertains” them, providing Application-Layer services or access to other computers attached to the network. However, even though some traditional peripheral service devices, such as printers, can now be
Shirey Informational Page 143]
RFC 4949 Internet Security Glossary, Version 2 August 2007
independently connected to networks, they are not usually called hosts.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) See: Hypertext Markup Language.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) See: Hypertext Transfer Protocol.
([[Fair Use]] [[Source]]: [[RFC 4949])
- https
(I) When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. (Compare: S-HTTP.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) /threat action/ See: secondary definitions under “corruption”, “exposure”, and “incapacitation”.
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption. Examples: digital envelope, MSP, PEM, PGP. (Compare: superencryption.)
Tutorial: Asymmetric algorithms require more computation than equivalently strong symmetric ones. Thus, asymmetric encryption is not normally used for data confidentiality except to distribute a symmetric key in a hybrid encryption scheme, where the symmetric key is usually very short (in terms of bits) compared to the data file it protects. (See: bulk key.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) In hypertext or hypermedia, an information object (such as a word, a phrase, or an image, which usually is highlighted by color or underscoring) that points (i.e., indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link (e.g., by selecting the object with a mouse pointer and then clicking).
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A generalization of hypertext; any media that contain hyperlinks that point to material in the same or another data object.
Shirey Informational Page 144]
RFC 4949 Internet Security Glossary, Version 2 August 2007
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A computer document, or part of a document, that contains hyperlinks to other documents; i.e., text that contains active pointers to other text. Usually written in HTML and accessed using a web browser. (See: hypermedia.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A platform-independent system of syntax and semantic]s ([[RFC 1866) for adding characters to data files (particularly text files) to represent the data's structure and to point to related data, thus creating hypertext for use in the World Wide Web and other applications. (Compare: XML.)
([[Fair Use]] [[Source]]: [[RFC 4949])
(I) A TCP-based, Application-Layer, client-server, Internet protocol (RFC 2616) that is used to carry data requests and responses in the World Wide Web. (See: hypertext.)
Fair Use Sources
Access Control, Access Control List, Access Management, Account Lockout, Account Takeover, Active Defense, Active Directory Security, Active Scanning, Advanced Encryption Standard, Advanced Persistent Threat, Adversarial Machine Learning, Adware, Air Gap, Algorithmic Security, Anomaly Detection, Anti-Malware, Antivirus Software, Anti-Spyware, Application Blacklisting, Application Layer Security, Application Security, Application Whitelisting, Arbitrary Code Execution, Artificial Intelligence Security, Asset Discovery, Asset Management, Asymmetric Encryption, Asymmetric Key Cryptography, Attack Chain, Attack Simulation, Attack Surface, Attack Vector, Attribute-Based Access Control, Audit Logging, Audit Trail, Authentication, Authentication Protocol, Authentication Token, Authorization, Automated Threat Detection, AutoRun Malware, Backdoor, Backup and Recovery, Baseline Configuration, Behavioral Analysis, Behavioral Biometrics, Behavioral Monitoring, Biometric Authentication, Black Hat Hacker, Black Hat Hacking, Blacklisting, Blockchain Security, Blue Team, Boot Sector Virus, Botnet, Botnet Detection, Boundary Protection, Brute Force Attack, Brute Force Protection, Buffer Overflow, Buffer Overflow Attack, Bug Bounty Program, Business Continuity Plan, Business Email Compromise, BYOD Security, Cache Poisoning, CAPTCHA Security, Certificate Authority, Certificate Pinning, Chain of Custody, Challenge-Response Authentication, Challenge-Handshake Authentication Protocol, Chief Information Security Officer, Cipher Block Chaining, Cipher Suite, Ciphertext, Circuit-Level Gateway, Clickjacking, Cloud Access Security Broker, Cloud Encryption, Cloud Security, Cloud Security Alliance, Cloud Security Posture Management, Code Injection, Code Review, Code Signing, Cold Boot Attack, Command Injection, Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Compromised Account, Computer Emergency Response Team, Computer Forensics, Computer Security Incident Response Team, Confidentiality, Confidentiality Agreement, Configuration Baseline, Configuration Management, Content Filtering, Continuous Monitoring, Cross-Site Request Forgery, Cross-Site Request Forgery Protection, Cross-Site Scripting, Cross-Site Scripting Protection, Cross-Platform Malware, Cryptanalysis, Cryptanalysis Attack, Cryptographic Algorithm, Cryptographic Hash Function, Cryptographic Key, Cryptography, Cryptojacking, Cyber Attack, Cyber Deception, Cyber Defense, Cyber Espionage, Cyber Hygiene, Cyber Insurance, Cyber Kill Chain, Cyber Resilience, Cyber Terrorism, Cyber Threat, Cyber Threat Intelligence, Cyber Threat Intelligence Sharing, Cyber Warfare, Cybersecurity, Cybersecurity Awareness, Cybersecurity Awareness Training, Cybersecurity Compliance, Cybersecurity Framework, Cybersecurity Incident, Cybersecurity Incident Response, Cybersecurity Insurance, Cybersecurity Maturity Model, Cybersecurity Policy, Cybersecurity Risk, Cybersecurity Risk Assessment, Cybersecurity Strategy, Dark Web Monitoring, Data at Rest Encryption, Data Breach, Data Breach Notification, Data Classification, Data Encryption, Data Encryption Standard, Data Exfiltration, Data Governance, Data Integrity, Data Leakage Prevention, Data Loss Prevention, Data Masking, Data Mining Attacks, Data Privacy, Data Protection, Data Retention Policy, Data Sanitization, Data Security, Data Wiping, Deauthentication Attack, Decryption, Decryption Key, Deep Packet Inspection, Defense in Depth, Defense-in-Depth Strategy, Deidentification, Demilitarized Zone, Denial of Service Attack, Denial-of-Service Attack, Device Fingerprinting, Dictionary Attack, Digital Certificate, Digital Certificate Management, Digital Forensics, Digital Forensics and Incident Response, Digital Rights Management, Digital Signature, Disaster Recovery, Disaster Recovery Plan, Distributed Denial of Service Attack, Distributed Denial-of-Service Attack, Distributed Denial-of-Service Mitigation, DNS Amplification Attack, DNS Poisoning, DNS Security Extensions, DNS Spoofing, Domain Hijacking, Domain Name System Security, Drive Encryption, Drive-by Download, Dumpster Diving, Dynamic Analysis, Dynamic Code Analysis, Dynamic Data Exchange Exploits, Eavesdropping, Eavesdropping Attack, Edge Security, Email Encryption, Email Security, Email Spoofing, Embedded Systems Security, Employee Awareness Training, Encapsulation Security Payload, Encryption, Encryption Algorithm, Encryption Key, Endpoint Detection and Response, Endpoint Protection Platform, Endpoint Security, Enterprise Mobility Management, Ethical Hacking, Ethical Hacking Techniques, Event Correlation, Event Logging, Exploit, Exploit Development, Exploit Framework, Exploit Kit, Exploit Prevention, Exposure, Extended Detection and Response, Extended Validation Certificate, External Threats, False Negative, False Positive, File Integrity Monitoring, File Transfer Protocol Security, Fileless Malware, Firmware Analysis, Firmware Security, Firewall, Firewall Rules, Forensic Analysis, Forensic Investigation, Formal Methods in Security, Formal Verification, Fraud Detection, Full Disk Encryption, Fuzz Testing, Fuzz Testing Techniques, Gateway Security, General Data Protection Regulation, General Data Protection Regulation Compliance, Governance Risk Compliance, Governance, Risk, and Compliance, Gray Hat Hacker, Gray Hat Hacking, Group Policy, Group Policy Management, Hacker, Hacking, Hardware Security Module, Hash Collision Attack, Hash Function, Hashing, Health Insurance Portability and Accountability Act, Health Insurance Portability and Accountability Act Compliance, Heartbleed Vulnerability, Heuristic Analysis, Heuristic Detection, High-Availability Clustering, Honeynet, Honeypot, Honeypot Detection, Host-Based Intrusion Detection System, Host Intrusion Prevention System, Host-Based Intrusion Prevention System, Hypervisor Security, Identity and Access Management, Identity Theft, Incident Handling, Incident Response, Incident Response Plan, Incident Response Team, Industrial Control Systems Security, Information Assurance, Information Security, Information Security Management System, Information Security Policy, Information Systems Security Engineering, Insider Threat, Integrity, Intellectual Property Theft, Interactive Application Security Testing, Internet of Things Security, Intrusion Detection System, Intrusion Prevention System, IP Spoofing, ISO 27001, IT Security Governance, Jailbreaking, JavaScript Injection, Juice Jacking, Key Escrow, Key Exchange, Key Management, Keylogger, Kill Chain, Knowledge-Based Authentication, Lateral Movement, Layered Security, Least Privilege, Lightweight Directory Access Protocol, Log Analysis, Log Management, Logic Bomb, Macro Virus, Malicious Code, Malicious Insider, Malicious Software, Malvertising, Malware, Malware Analysis, Man-in-the-Middle Attack, Mandatory Access Control, Mandatory Vacation Policy, Mass Assignment Vulnerability, Media Access Control Filtering, Message Authentication Code, Mobile Device Management, Multi-Factor Authentication, Multifunction Device Security, National Institute of Standards and Technology, Network Access Control, Network Security, Network Security Monitoring, Network Segmentation, Network Tap, Non-Repudiation, Obfuscation Techniques, Offensive Security, Open Authorization, Open Web Application Security Project, Operating System Hardening, Operational Technology Security, Packet Filtering, Packet Sniffing, Pass the Hash Attack, Password Cracking, Password Policy, Patch Management, Penetration Testing, Penetration Testing Execution Standard, Perfect Forward Secrecy, Peripheral Device Security, Pharming, Phishing, Physical Security, Piggybacking, Plaintext, Point-to-Point Encryption, Policy Enforcement, Polymorphic Malware, Port Knocking, Port Scanning, Post-Exploitation, Pretexting, Preventive Controls, Privacy Impact Assessment, Privacy Policy, Privilege Escalation, Privilege Management, Privileged Access Management, Procedure Masking, Proactive Threat Hunting, Protected Health Information, Protected Information, Protection Profile, Proxy Server, Public Key Cryptography, Public Key Infrastructure, Purple Teaming, Quantum Cryptography, Quantum Key Distribution, Ransomware, Ransomware Attack, Red Teaming, Redundant Array of Independent Disks, Remote Access, Remote Access Trojan, Remote Code Execution, Replay Attack, Reverse Engineering, Risk Analysis, Risk Assessment, Risk Management, Risk Mitigation, Role-Based Access Control, Root of Trust, Rootkit, Salami Attack, Sandbox, Sandboxing, Secure Coding, Secure File Transfer Protocol, Secure Hash Algorithm, Secure Multipurpose Internet Mail Extensions, Secure Shell Protocol, Secure Socket Layer, Secure Sockets Layer, Secure Software Development Life Cycle, Security Assertion Markup Language, Security Audit, Security Awareness Training, Security Breach, Security Controls, Security Event Management, Security Governance, Security Incident, Security Incident Response, Security Information and Event Management, Security Monitoring, Security Operations Center, Security Orchestration, Security Policy, Security Posture, Security Token, Security Vulnerability, Segmentation, Session Fixation, Session Hijacking, Shoulder Surfing, Signature-Based Detection, Single Sign-On, Skimming, Smishing, Sniffing, Social Engineering, Social Engineering Attack, Software Bill of Materials, Software Composition Analysis, Software Exploit, Software Security, Spear Phishing, Spoofing, Spyware, SQL Injection, Steganography, Supply Chain Attack, Supply Chain Security, Symmetric Encryption, Symmetric Key Cryptography, System Hardening, System Integrity, Tabletop Exercise, Tailgating, Threat Actor, Threat Assessment, Threat Hunting, Threat Intelligence, Threat Modeling, Ticket Granting Ticket, Time-Based One-Time Password, Tokenization, Traffic Analysis, Transport Layer Security, Transport Security Layer, Trapdoor, Trojan Horse, Two-Factor Authentication, Two-Person Control, Typosquatting, Unauthorized Access, Unified Threat Management, User Behavior Analytics, User Rights Management, Virtual Private Network, Virus, Vishing, Vulnerability, Vulnerability Assessment, Vulnerability Disclosure, Vulnerability Management, Vulnerability Scanning, Watering Hole Attack, Whaling, White Hat Hacker, White Hat Hacking, Whitelisting, Wi-Fi Protected Access, Wi-Fi Security, Wi-Fi Protected Setup, Worm, Zero-Day Exploit, Zero Trust Security, Zombie Computer
Cybersecurity: DevSecOps - Security Automation, Cloud Security - Cloud Native Security (AWS Security - Azure Security - GCP Security - IBM Cloud Security - Oracle Cloud Security, Container Security, Docker Security, Podman Security, Kubernetes Security, Google Anthos Security, Red Hat OpenShift Security); CIA Triad (Confidentiality - Integrity - Availability, Authorization - OAuth, Identity and Access Management (IAM), JVM Security (Java Security, Spring Security, Micronaut Security, Quarkus Security, Helidon Security, MicroProfile Security, Dropwizard Security, Vert.x Security, Play Framework Security, Akka Security, Ratpack Security, Netty Security, Spark Framework Security, Kotlin Security - Ktor Security, Scala Security, Clojure Security, Groovy Security;
, JavaScript Security, HTML Security, HTTP Security - HTTPS Security - SSL Security - TLS Security, CSS Security - Bootstrap Security - Tailwind Security, Web Storage API Security (localStorage Security, sessionStorage Security), Cookie Security, IndexedDB Security, TypeScript Security, Node.js Security, NPM Security, Deno Security, Express.js Security, React Security, Angular Security, Vue.js Security, Next.js Security, Remix.js Security, PWA Security, SPA Security, Svelts.js Security, Ionic Security, Web Components Security, Nuxt.js Security, Z Security, htmx Security
Python Security - Django Security - Flask Security - Pandas Security,
Database Security (Database Security on Kubernetes, Database Security on Containers / Database Security on Docker, Cloud Database Security - DBaaS Security, Concurrent Programming and Database Security, Functional Concurrent Programming and Database Security, Async Programming and Databases Security, MySQL Security, Oracle Database Security, Microsoft SQL Server Security, MongoDB Security, PostgreSQL Security, SQLite Security, Amazon RDS Security, IBM Db2 Security, MariaDB Security, Redis Security (Valkey Security), Cassandra Security, Amazon Aurora Security, Microsoft Azure SQL Database Security, Neo4j Security, Google Cloud SQL Security, Firebase Realtime Database Security, Apache HBase Security, Amazon DynamoDB Security, Couchbase Server Security, Elasticsearch Security, Teradata Database Security, Memcached Security, Infinispan Security, Amazon Redshift Security, SQLite Security, CouchDB Security, Apache Kafka Security, IBM Informix Security, SAP HANA Security, RethinkDB Security, InfluxDB Security, MarkLogic Security, ArangoDB Security, RavenDB Security, VoltDB Security, Apache Derby Security, Cosmos DB Security, Hive Security, Apache Flink Security, Google Bigtable Security, Hadoop Security, HP Vertica Security, Alibaba Cloud Table Store Security, InterSystems Caché Security, Greenplum Security, Apache Ignite Security, FoundationDB Security, Amazon Neptune Security, FaunaDB Security, QuestDB Security, Presto Security, TiDB Security, NuoDB Security, ScyllaDB Security, Percona Server for MySQL Security, Apache Phoenix Security, EventStoreDB Security, SingleStore Security, Aerospike Security, MonetDB Security, Google Cloud Spanner Security, SQream Security, GridDB Security, MaxDB Security, RocksDB Security, TiKV Security, Oracle NoSQL Database Security, Google Firestore Security, Druid Security, SAP IQ Security, Yellowbrick Data Security, InterSystems IRIS Security, InterBase Security, Kudu Security, eXtremeDB Security, OmniSci Security, Altibase Security, Google Cloud Bigtable Security, Amazon QLDB Security, Hypertable Security, ApsaraDB for Redis Security, Pivotal Greenplum Security, MapR Database Security, Informatica Security, Microsoft Access Security, Tarantool Security, Blazegraph Security, NeoDatis Security, FileMaker Security, ArangoDB Security, RavenDB Security, AllegroGraph Security, Alibaba Cloud ApsaraDB for PolarDB Security, DuckDB Security, Starcounter Security, EventStore Security, ObjectDB Security, Alibaba Cloud AnalyticDB for PostgreSQL Security, Akumuli Security, Google Cloud Datastore Security, Skytable Security, NCache Security, FaunaDB Security, OpenEdge Security, Amazon DocumentDB Security, HyperGraphDB Security, Citus Data Security, Objectivity/DB). Database drivers (JDBC Security, ODBC), ORM (Hibernate Security, Microsoft Entity Framework), SQL Operators and Functions Security, Database IDEs (JetBrains DataSpell Security, SQL Server Management Studio Security, MySQL Workbench Security, Oracle SQL Developer Security, SQLiteStudio),
Programming Language Security ((1. Python Security, 2. JavaScript Security, 3. Java Security, 4. C Sharp Security | Security, 5. CPP Security | C++ Security, 6. PHP Security, 7. TypeScript Security, 8. Ruby Security, 9. C Security, 10. Swift Security, 11. R Security, 12. Objective-C Security, 13. Scala Security, 14. Golang Security, 15. Kotlin Security, 16. Rust Security, 17. Dart Security, 18. Lua Security, 19. Perl Security, 20. Haskell Security, 21. Julia Security, 22. Clojure Security, 23. Elixir Security, 24. F Sharp Security | Security, 25. Assembly Language Security, 26. Shell Script Security / bash Security, 27. SQL Security, 28. Groovy Security, 29. PowerShell Security, 30. MATLAB Security, 31. VBA Security, 32. Racket Security, 33. Scheme Security, 34. Prolog Security, 35. Erlang Security, 36. Ada Security, 37. Fortran Security, 38. COBOL Security, 39. Lua Security, 40. VB.NET Security, 41. Lisp Security, 42. SAS Security, 43. D Security, 44. LabVIEW Security, 45. PL/SQL Security, 46. Delphi/Object Pascal Security, 47. ColdFusion Security, 49. CLIST Security, 50. REXX);
OS Security, Mobile Security: Android Security - Kotlin Security - Java Security, iOS Security - Swift Security; Windows Security - Windows Server Security, Linux Security (Ubuntu Security, Debian Security, RHEL Security, Fedora Security), UNIX Security (FreeBSD Security), IBM z Mainframe Security (RACF Security), Passwords (Windows Passwords, Linux Passwords, FreeBSD Passwords, Android Passwords, iOS Passwords, macOS Passwords, IBM z/OS Passwords), Password alternatives (Passwordless, Personal Access Token (PAT), GitHub Personal Access Token (PAT), Passkeys), Hacking (Ethical Hacking, White Hat, Black Hat, Grey Hat), Pentesting (Red Team - Blue Team - Purple Team), Cybersecurity Certifications (CEH, GIAC, CISM, CompTIA Security Plus, CISSP), Mitre Framework, Common Vulnerabilities and Exposures (CVE), Cybersecurity Bibliography, Cybersecurity Courses, Firewalls, CI/CD Security (GitHub Actions Security, Azure DevOps Security, Jenkins Security, Circle CI Security), Functional Programming and Cybersecurity, Cybersecurity and Concurrency, Cybersecurity and Data Science - Cybersecurity and Databases, Cybersecurity and Machine Learning, Cybersecurity Glossary (RFC 4949 Internet Security Glossary), Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics (navbar_security - see also navbar_aws_security, navbar_azure_security, navbar_gcp_security, navbar_k8s_security, navbar_docker_security, navbar_podman_security, navbar_mainframe_security, navbar_ibm_cloud_security, navbar_oracle_cloud_security, navbar_database_security, navbar_windows_security, navbar_linux_security, navbar_macos_security, navbar_android_security, navbar_ios_security, navbar_os_security, navbar_firewalls, navbar_encryption, navbar_passwords, navbar_iam, navbar_pentesting, navbar_privacy, navbar_rfc)
Request for Comments (RFC): List of RFCs, GitHub RFCs, Awesome RFCs, (navbar_rfc - see also navbar_network_security, navbar_security, navbar_networking)
Cloud Monk is Retired ( for now). Buddha with you. © 2025 and Beginningless Time - Present Moment - Three Times: The Buddhas or Fair Use. Disclaimers
SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.