Cybersecurity Maturity Model Certification (CMMC)

The U.S. Department of Defense’s unified standard for implementing cybersecurity across the defense industrial base (DIB), which includes over 300,000 companies in the supply chain.

cyberthreat protection (CTP)

In general, the solutions that defend systems and networks from cyberattack.

data access governance (DAG)

An auditing, compliance, and governance framework for unstructured data and critical applications that provides comprehensive data collection, analysis, categorization and remediation workflows, and reporting.

data classification (DC)

This industry term refers to securing sensitive data against accidental and inadvertent loss. Fortra’s Titus and Boldon James product lines deliver data classification solutions.    

data exfiltration

The unauthorized removal of data from a dataset. Fortra’s Clearswift product line delivers Data Loss Prevention solutions. See also DLP.

data loss prevention (DLP)

A set of tools and processes used to ensure sensitive data is not lost, misused, or accessed by unauthorized users. Fortra’s Clearswift and Digital Guardian product lines deliver Data Loss Prevention solutions.

decryption

The process of taking encoded or encrypted text or other data and converting it back into text that a human or the computer can read and understand.

demilitarized zone (DMZ)

In IT, this is the neutral network that resides between a company’s private network and the internet containing potential dangers.

deprovisioning (DEPO)

Deprovisioning means removing a user’s ability to use programs, systems, and information in a network. It is the opposite of provisioning, which gives access to these things. Both actions are part of managing the cycle of a user’s time in a system, like when they start or stop using it or when their job changes in a company. Deprovisioning is essential for security because it helps keep important data safe within the organization. It is also commonly known as DEPO.

DevOps

A change in IT culture, focusing on rapid IT service delivery through the adoption of Agile, lean practices in the context of a system-oriented approach.

digital rights management (DRM)

A broad term that describes how organizations control the publication and use of digital assets. Fortra’s Vera provides a digital rights management solution.

digital risk protection (DRP)

An operational process that combines intelligence, detection, and response to mitigate attacks across the external digital risk landscape.

distributed denial of service (DDoS)

A common form of cyberattack that disrupts the normal functioning of a website, often targeting government, retail, financial, or media organizations.

document management (DM)

The process of electronically capturing, managing, and distributing documents and forms on-premises or in the cloud. Fortra’s Document Management product line helps organizations go paperless with document solutions that automate key business processes.

domain-based message authentication, reporting, and conformance (DMARC)

An email authentication protocol used to prevent spoofing. 

domainkeys identified mail (DKIM)

A technique that uses a domain name to digitally “sign” emails, so recipients are confident in the sender and know the message hasn’t been altered in transit.

dynamic application security testing (DAST)

A procedure that actively investigates running applications with penetration tests to detect possible security vulnerabilities.

electronic data interchange (EDI)

A flat file format that B2B trading partners use to send and receive business transactions. Both parties must agree on a transaction set before files are exchanged. Each transaction set corresponds with a number and type of document.

email security

Solutions that comprise all the technology and policies designed to protect email content and communications against cyberattacks. Fortra’s Agari, PhishLabs, and Clearswift product lines deliver email security solutions.  

email spam

Unsolicited junk mail sent in bulk to mass audiences, often with the purpose of spreading viruses or getting recipients to take an action that is harmful.

email spoofing

When a fraudster forges an email header ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or trusted outside vendor.

encryption

A method of encoding data to make it unusable or unreadable until it’s decrypted by an authorized party with keys (symmetric or asymmetric) which can read or access the data.

end user (n.) end-user (adj.)

The person using a software application as part of their daily job.

endpoint detection and response (EDR)

An integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities.

endpoint protection platform (EPP)

A solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.

extended detection & response (XDR)

SaaS capabilities that integrate and simplify security solutions into a holistic approach to protect endpoints, servers, email, and other corporate IT infrastructure.

external penetration testing

Also known as an external network pen test, it is designed to test the effectiveness of perimeter security controls to prevent and detect attacks as well as identifying weaknesses in internet-facing assets such as web, mail and FTP servers.

Federal Information Security Management Act (FISMA)

Signed into law in 2002, this law requires security guidelines be implemented to help protect and reduce the security risk of sensitive federal data. It requires all federal agencies to protect and support their operations by developing, documenting, and implementing a comprehensive information security plan. All agencies within the U.S. federal government, as well as some state agencies, and any private sector organization in a contractual relationship with the government, are bound by these FISMA compliance regulations.

file integrity monitoring (FIM)

Technology that monitors and detects changes in files that may indicate a cyberattack. Fortra’s Tripwire product line delivers file integrity monitoring solutions.     

file transfer protocol (FTP)

A standard network protocol used for the transfer of computer files between a client and server on a computer network.

firewall as a service (FWaaS)

Firewall as a Service

Fortra’s Agari

A Fortra product line that protects the workforce from inbound business email compromise, supply chain fraud, spear phishing, and account takeover-based attacks, reducing business risk and restoring trust to the inbox. Fortra’s Agari is part of the Email Security and Anti-Phishing Suite.

Fortra’s Agari DMARC Protection (DMP)

A Fortra product that automates DMARC email authentication and enforcement to prevent brand abuse and protect customers from costly phishing attacks.

Fortra’s Agari Phishing Defense (APD)

A Fortra product that stops phishing, BEC, and other identity deception attacks that trick employees into harming their business.

Fortra’s Agari Phishing Response (APR)

A Fortra product that is purpose-built for Microsoft Office 365 to automate the process of phishing incident response, remediation, and breach containment.

Fortra’s Alert Logic

A Fortra product line that offers managed detection and response (MDR) services. Alert Logic works as a seamless extension of security teams, augmenting existing cybersecurity resources and technology to safeguard on-premises, cloud, SaaS, and hybrid infrastructures. Fortra’s Alert Logic is part of the Managed Detection and Response service.