Glossary

Welcome to the Glossary! Whether you're already familiar with some of these terms or you're just becoming acquainted, our top-level glossary is a great resource for learning all of the relevant goods.

sanitization

Permanent removal of sensitive data from a document, image or dataset, including any hidden fields. Also known as document sanitization or data sanitization.

Sarbanes-Oxley (SOX)

A United States federal law that addresses financial recordkeeping and reporting. It requires that any publicly traded American or overseas company registered with the Securities and Exchange Commission (SEC) demonstrate strong and transparent internal control over its financial reporting (ICFR). Companies that provide financial services to such firms also fall under SOX compliance obligations. In addition, under SOX, top executives are ultimately held responsible for the accuracy of their organization's financial data.

secure file transfer (SFT)

Secure file transfer is a data sharing method that uses secure protocols and encryption to safeguard data in transit and at rest.

secure file transfer protocol (Secure FTP)

A secure version of FTP, which facilitates data access and transfer over a Secure Shell (SSH) data stream.

secure mail transfer protocol/secure (SMTPs)

A more secure version of SMTP, this is a protocol for sending email messages between servers using TLS, or Transport Layer Security, and formerly SSL.

Secure Shell (SSH)

A cryptographic network protocol for operating network services securely over an unsecured network.

secure shell file transfer protocol (SFTP)

A network protocol that organizations can use to secure and send file transfers over SSH (Secure Shell).

secure sockets layer (SSL)

Secure sockets layer protects connections between web users and websites when using an unsecured network. It ensures that private details like credit card numbers, social security numbers, and login information are sent safely and securely.

security configuration management (SCM)

The management and control of configurations for an information system to enable security and facilitate the management of risk.

security information and event management (SIEM)

Software that gives organizations helpful insights into potential security threats across critical business networks. This is possible via centralized collection and analysis of normalized security data pulled from a variety of systems, including antivirus applications, firewalls, and intrusion prevention solutions. Fortra’s Core Security and Powertech product lines deliver SIEM solutions.

security operations center (SOC)

A security operations center is a strategic command center facility for fighting cyberattacks through monitoring, threat analysis, and more. SOC analysts perform around-the-clock monitoring of an organization's network and investigate any potential security incidents.

security orchestration, automation, and response (SOAR)

Security orchestration, automation, and response, also known as SOAR, is a group of software programs that cooperate to assist a company in gathering details about security issues and managing security concerns automatically without relying solely on human effort. These platforms enhance the effectiveness and speed of both physical and digital security tasks.

security risk intelligence (SRI)

The ability of an organization to gather information that will successfully identify uncertainties in the workplace.

service level agreement (SLA)

A service level agreement, also referred to as an SLA, is a formal and enforceable agreement between a service provider and one or more customers that outlines the rules and arrangements for how long the contract will last. It covers when the customer pays for the service and requires the provider to deliver it as promised.

shadow IT

When a company’s employees use hardware or software, particularly SaaS applications, on the corporate network without the knowledge of the IT team. This puts the organization at risk. 

single pane of glass (SPOG)

Single pane of glass is a term used throughout the IT and management fields relating to a management tool that unifies data or interfaces across several different sources and presents them in a single view.

single sign-on (SSO)

An authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems.

site reliability engineering (SRE)

Site reliability engineering is a set of principles and practices that incorporates aspects of software engineering and applies them to IT infrastructure and operations.

software as a service (SaaS)

A software distribution model in which software is licensed on a subscription basis and is centrally hosted. It is a form of cloud computing that gives users access to software that runs on a shared resource online.

spear phishing

A cybercrime that uses emails to carry out targeted attacks against individuals and businesses.

static application security testing (SAST)

Static application security testing is used to secure software by reviewing the source code of the software to identify sources of vulnerabilities.

steganography

The practice of concealing data within a computer file, image, or video.

supervisory control and data acquisition (SCADA)

A system used in manufacturing for acquiring measurements of process variables and machine states, and for performing regulatory or machine control across a process area or work cell.

System and Organization Controls (SOC)

SOC is a suite of reports from the American Institute of CPAs (AICPA) that CPA firms can issue in connection with system-level controls at a service organization. The report offerings are SOC 1, SOC 2, SOC 3, and SOC for Cybersecurity.