Cybersecurity 101:
The Fundamentals of Cybersecurity

Cybersecurity is becoming increasingly important in today’s world. CrowdStrike is providing explanations, examples and best practices on fundamental principles of a variety of cybersecurity topics. If you're looking for information on endpoint protection, cloud security, types of cyber attacks and more, you’ve come to the right place – welcome to Cybersecurity 101!

Active Directory Federation Service (AD FS)

Active Directory Federation Service (AD FS) is a single sign-on (SSO) feature developed by Microsoft that provides authenticated access to any domain, device, web application or system within the organization’s Active Directory (AD).

Advanced Persistent Threat (APT)

An advanced persistent threat (APT) is a sophisticated, sustained cyberattack in which an intruder establishes an undetected presence in a network in order to steal sensitive data over a prolonged period of time.

Botnets

A botnet is a network of compromised computers that are controlled through a command-and-control (C&C) channel.

Cloud Access Security Broker (CASB)

A cloud access security broker (CASB) is a security checkpoint between cloud network users and cloud-based applications that manages and enforces all data security policies and practices, including authentication, authorization, alerts and encryption.

Cloud Encryption

Cloud encryption is the process of transforming data from its original plain text format to an unreadable format before it is transferred to and stored in the cloud.

Cloud Security

Cloud security is the collective term for the strategy and solutions that protect a cloud infrastructure, and any service or application hosted within its environment, from cyber threats.

Cloud Security Assessment

A cloud security assessment is an evaluation that tests and analyzes an organization’s cloud infrastructure to ensure the organization is protected from a variety of security risks and threats.

Cybersecurity

Cybersecurity is the act of defending digital assets, including networks, systems, computers and data, from cyberattacks.

Dark Web

The dark web is a subset of the internet where users can access unindexed web content anonymously through a variety of encryption techniques.

DevSecOps

DevSecOps—short for Development Security Operations—is the practice of incorporating security continuously throughout the application development lifecycle.

Endpoint

An endpoint is any device that can be connected to a network. Common examples of endpoints include computers, laptops, mobile phones, tablets and servers.

Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) is a solution that records and stores endpoint system-level behaviors, uses various data analytics techniques to detect suspicious system behavior, provides contextual information, blocks malicious activity, and provides remediation suggestions to restore affected systems.

Endpoint Security

Endpoint security, or endpoint protection, is the cybersecurity approach to defending endpoints – such as desktops, laptops, and mobile devices – from malicious activity.

Fileless Malware

Fileless malware is a type of malicious activity that uses native, legitimate tools built into a system to execute a cyberattack. Unlike traditional malware, fileless malware does not require an attacker to install any code on a target’s system, making it hard to detect.

Honeypots

A honeypot is a cybersecurity mechanism that leverages a manufactured attack target to lure cybercriminals away from legitimate targets, and also gathers intelligence about the identity, methods and motivations of adversaries.

Incident Response (IR)

Incident response (IR) is the systematic approach taken by an organization to prepare for, detect, contain, and recover from a cybersecurity breach.

Lateral Movement

Lateral movement refers to the techniques that a cyberattacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets.

Malware

Malware (malicious software) is a term used to describe any program or code that is created with the intent to do harm to a computer, network, or server.

Malware Analysis

Malware analysis is the process of understanding the behavior and purpose of a suspicious file or URL to help detect and mitigate potential threats.

Man-in-the-Middle Attacks

A man-in-the-middle (MITM) attack is a type of cyberattack in which a third party infiltrates a conversation between a network user and a web application.

Mobile Malware

Mobile malware is malicious software designed to target mobile devices.

Next-Gen Antivirus (NGAV)

Next-Generation Antivirus (NGAV) uses a combination of artificial intelligence, behavioral detection, machine learning algorithms, and exploit mitigation, so known and unknown threats can be anticipated and immediately prevented.

NTLM Explained

Windows New Technology LAN Manager (NTLM) is a suite of security protocols offered by Microsoft to authenticate users’ identity and protect the integrity and confidentiality of their activity.

Patch Management

Patch management is the process of identifying and deploying software updates, or “patches,” to a variety of endpoints, including computers, mobile devices, and servers.

Penetration Testing

Penetration testing, or pen testing, is the simulation of real-world attacks in order to test an organization’s detection and response capabilities.

Phishing

Phishing is a type of cyber attack that uses email, SMS, phone, or social media to entice a victim to share sensitive information — such as passwords or account numbers — or to download a malicious file that will install viruses on their computer or phone.

Ransomware

Ransomware is a type of malware that denies access to your system and personal information, and demands a payment (ransom) to get your access back.

Ransomware as a Service (RaaS)

Ransomware as a Service (RaaS) is a business model used by ransomware developers, in which they lease ransomware variants in the same way that legitimate software developers lease SaaS products.

Red Team vs Blue Team

A red team/blue team exercise is a cybersecurity assessment technique that uses simulated attacks to gauge the strength of the organization’s existing security capabilities and identify areas of improvement in a low-risk environment.

Security Operations Center (SOC)

A security operations center, or SOC, is the collective term for the people, processes and technologies responsible for monitoring, analyzing and maintaining an organization’s information security.

Spear-Phishing

Spear-phishing is a targeted attack that uses fraudulent emails, texts and phone calls in order to steal a specific person's sensitive information.

Spoofing

In the cybersecurity world, spoofing is the act of disguising communication or activity from an unknown source and presenting it as a familiar or trusted source.

Spyware

Spyware is a type of unwanted, malicious software that infects a computer or other device and collects information about a user’s web activity without their knowledge or consent.

Threat Hunting

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.

Threat Intelligence

Threat intelligence is data that is collected, processed, and analyzed to understand a threat actor's motives, targets, and attack behaviors.

Types of Malware

While there are many different variations of malware, there are several types that you are more likely to encounter.

Vulnerability Management

Vulnerability management is the ongoing, regular process of identifying, assessing, reporting on, managing and remediating security risks to keep all systems and assets in a network protected.

Whaling Attacks

A whaling attack is a social engineering attack against a specific executive or senior employee with the purpose of stealing money or information, or gaining access to the person’s computer in order to execute further attacks.

Zero Trust Security

Zero Trust is a security concept that requires all users to be authenticated and authorized before being granted access to applications and data.

Zero Trust Strategy

In this post, we'll outline a framework for a true Zero Trust model that adheres to industry best practices while specifically avoiding the potential pitfalls.

Zero-Day Attacks

A zero-day exploit is an unknown security vulnerability or software flaw that hackers can specifically target with malicious code.
