Glossary of web security terms

Cyber attacks & threats

Malware

Short for "malicious software," these are harmful programs designed to damage or disrupt systems, steal data, or spy on users.

Phishing

A tactic used by attackers to trick people into giving away sensitive information, like passwords or credit card numbers, by pretending to be a trustworthy source, often through email.

SQL injection

A type of attack where hackers insert malicious code into a website's database query, potentially allowing them to view, change, or delete data.

Cross-Site Scripting (XSS)

A vulnerability that allows attackers to inject malicious scripts (pieces of code) into web pages viewed by other users, potentially leading to stolen information or the spread of malware.

Denial of Service (DoS) attack

An attack intended to shut down a website or service, making it unavailable to users, usually by overwhelming it with traffic.

Ransomware

A type of malware that locks users out of their systems or data until a ransom is paid to the attacker.

Botnet

A network of infected computers, controlled by a hacker, that can be used to carry out attacks, such as sending spam emails or launching Denial of Service attacks.

Social engineering

The art of manipulating people into giving up confidential information, often through psychological tricks rather than technical hacking.

Security measures & tools

Encryption

The process of scrambling data into a code so that only authorised people can read it, keeping your information safe from prying eyes.

Firewall

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between your network and potential threats.

Two-Factor Authentication (2FA)

An extra layer of security requiring not just a password and username but also something that only the user has on them, like a physical token or a code sent to their phone.

SSH keys

SSH keys consist of a public key and a corresponding private key. The public key is shared with the server, while the private key is kept secret and used to authenticate your identity. Using SSH keys is more secure than using passwords because they are much harder to crack.

SSL/TLS (Secure Sockets Layer/Transport Layer Security)

Protocols used to encrypt data being transmitted over the internet, ensuring that any information sent between your website and its visitors remains private.

Security maintenance & response

Data breach

An incident where unauthorised individuals gain access to sensitive data, such as personal information, financial records, or confidential business details.

Patch

An update released by software developers to fix vulnerabilities or bugs in their software, often improving security and performance.
