We have already discussed some terms in the previous blog. In this blog, we will discuss more terms. If you haven’t read the previous blog, you can read it here.

Threat

A threat is anything that could cause harm to a system, data, or organization. A threat can lead to damage, disruption, or unauthorized access to information systems, data, or networks.

Risk

Risk is the potential for loss, damage, or harm resulting from a threat exploiting a vulnerability in a system, network, or organization. Eg. If a company has an outdated firewall (vulnerability) and is targeted by hackers (threat), there is a risk that sensitive data could be stolen (impact).

Vulnerability

A vulnerability in cybersecurity is a weakness or flaw in a system, application, or network that could be exploited by a threat(Hacker, virus etc) to cause harm. Vulnerabilities create opportunities for attackers to gain unauthorized access, disrupt operations, or steal data.

Vulnerability Assessment

Vulnerability Assessment is to identify, quantify, and prioritize vulnerabilities in a system, application, or network. It focuses on finding potential weaknesses without exploiting them. We use automated scanning tools to detect known vulnerabilities, such as unpatched software, weak passwords, or misconfigurations.

Penetration Testing

This simulates a real attack to determine if the vulnerabilities can be exploited. The goal is to assess the actual security level and see how far an attacker could go if they targeted the organization. In PT, We test and exploit vulnerabilities like a real attacker.

Firewall

A firewall is a security system (which can be hardware or software) that monitors and controls incoming and outgoing network traffic based on predefined security rules.

  • A firewall checks the data packets that come in and out of the network. It decides whether to allow or block the traffic based on security rules.
  • A firewall keeps track of network activity and alerts administrators about suspicious actions.
  • It can block traffic from known malicious IP addresses or prevent certain types of cyberattacks, such as DoS (Denial of Service).

DOS Attack

In DoS (Denial of Service) attack, the attacker attempts to make a computer, network, or service unavailable by overwhelming it with a flood of traffic or requests. The goal is to exhaust the resources of the targeted system so that legitimate users are unable to access the service or information.

DDoS Attack

A DDoS (Distributed Denial of Service) attack is a more advanced form of DoS attack, where multiple systems (often compromised devices or a botnet) are used to launch the attack, making it more difficult to stop since the traffic comes from many different sources.
Threat
Any potential danger that could exploit a vulnerability and cause harm
Risk
The possibility of a threat causing harm to an organization due to weaknesses in its systems or processes.
Vulnerability
A vulnerability is any weakness that could potentially be exploited by a threat
Click Here
Vulnerability Assessment
A Vulnerability Assessment identifies and prioritizes security weaknesses in a system to prevent potential attacks
Penetration Testing
Penetration Testing checks the security of a system by attempting to exploit its weaknesses, as an attacker would.
Firewall
A firewall is like a security guard that filters and monitors network traffic to keep your system safe from threats.
Previous slide
Next slide
Picture of Raghav Rajput

Raghav Rajput

With a strong academic background, including an MCA and CEH certification, I bring over two years of hands-on experience in cybersecurity. In my role, I focus on Android, iOS, and web penetration testing, consistently applying advanced skills to safeguard digital landscapes. Outside of work, I enjoy the intellectual challenge of chess and find relaxation in listening to music, which balances my passion for cybersecurity with personal growth and creativity.

Categorized in:

Cyber Security,

Last Update: November 8, 2024

Tagged in:

, , , , ,