Word Notes

The resilience discipline of controlled stress test experimentation in continuous integration/continuous delivery environments, CI/CD environments, to uncover systemic weaknesses. CyberWire Glossary link: https://thecyberwire.com/glossary/chaos-engineering Audio reference link: Farnam Street, 2009. Richard Feynman Teaches you the Scientific Method [Website]. Farnam Street. URL https://fs.blog/mental-model-scientific-method/ Learn more about your ad choices. Visit megaphone.fm/adchoices

A mathematical method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true. CyberWire Glossary link: https://thecyberwire.com/glossary/zero-knowledge-proof Audio reference link: Staff, 2022. Zero Knowledge Proofs [Video]. YouTube. URL https://www.youtube.com/watch?v=5qzNe1hk0oY Learn more about your ad choices. Visit megaphone.fm/adchoices

A U.S. law designed to improve the portability and accountability of health insurance coverage. CyberWire Glossary link: https://thecyberwire.com/glossary/hipaa Audio reference link: Dr. Dana Brems, 2021. Doctor reacts to “HIPAA violations” [Video]. YouTube. URL https://www.youtube.com/shorts/Ksk00s8a_IU Learn more about your ad choices. Visit megaphone.fm/adchoices

A qualitative public framework for rating the severity of security vulnerabilities in software. CyberWire Glossary link: https://thecyberwire.com/glossary/common-vulnerability-scoring-system Audio reference link: Peter Silva, 2020. What is Common Vulnerability Scoring System (CVSS) [Video]. YouTube. URL https://www.youtube.com/watch?v=rR63F_lfKf0 Learn more about your ad choices. Visit megaphone.fm/adchoices

A unified security incident detection and response platform that connects to multiple tools in the security stack via APIs, collects telemetry from each, and attempts to correlate that telemetry into a coherent threat picture. CyberWire Glossary link: https://thecyberwire.com/glossary/extended-detection-and-response Audio reference link: Film Major. 2022. Enemy of the State (1998) Faraday Cage HD Tony Scott; Will Smith, Gene Hackman Jon Voight [Video]. YouTube. URL https://www.youtube.com/watch?v=n3gy4otg-24 Learn more about your ad choices. Visit megaphone.fm/adchoices

A cyber information-sharing U.S. Government organization designed to foster the public-private partnership. CyberWire Glossary link: https://thecyberwire.com/glossary/joint-cyber-defense-collaborative Audio reference link: Jen Easterly. 2021. CISA Director Addresses the National Technology Security Coalition [Video]. YouTube. URL https://www.youtube.com/watch?v=ucb1FQXqsao Learn more about your ad choices. Visit megaphone.fm/adchoices

Tools that automate the identification and remediation of cloud misconfigurations.  CyberWire Glossary link: https://thecyberwire.com/glossary/cloud-security-posture-management Audio reference link: Josh Whedon. 2005. Serenity [Movie]. IMDb. URL https://www.imdb.com/title/tt0379786/ Learn more about your ad choices. Visit megaphone.fm/adchoices

A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials. CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A branch of the US Department of Commerce whose stated mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.” CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/national-institute-of-standards-and-technology⁠ Audio reference link: Center, M.I., 2022. 2022 Meridian Summit: Cultivating Trust in Technology with NIST Director Laurie Locascio [WWW Document]. YouTube. URL ⁠https://www.youtube.com/watch?v=o43Y9Tk8ZVA⁠ (accessed 1.26.23). Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A team responsible for responding to and managing cybersecurity incidents involving computer systems and networks in order to minimize the damage and to restore normal operations as quickly as possible. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/cirt⁠ Audio reference link: Avery, B., 2017. 24 TV May 05 Season4 [WWW Document]. YouTube. URL ⁠https://www.youtube.com/watch?v=Gq_2xPuqI-E&list=PLGHedLavrFoGsea1ZCHBm9-nK5FdM3_Kd&index=10. Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A software program installed unintentionally by a user that typically performs tasks not asked for by the installer.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/potentially-unwanted-program⁠ Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL ⁠https://www.youtube.com/watch?v=5L429Iahbww⁠ (accessed 1.6.23). Learn more about your ad choices. Visit megaphone.fm/adchoices

Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/ransomware⁠ Audio reference link: ⁠https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. The name of a wireless access point. CyberWire Glossary ⁠link⁠. Audio reference link: ⁠SSID Management - CompTIA Security+ SY0-401: 1.5⁠, Professor Messer, uploaded August 3rd, 2014. Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A U.S. Government specification for data encryption using an asymmetric key algorithm. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/advanced-encryption-standard⁠ Audio reference link: papadoc73. ⁠“Claude Debussy: Clair De Lune.”⁠ YouTube, YouTube, 6 Oct. 2008.  Learn more about your ad choices. Visit megaphone.fm/adchoices

A set of tools designed to safeguard data while in use in motion and at rest.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/data-loss-prevention⁠ Audio reference link: HistoryHeard. “⁠Data Loss Prevention - CompTIA Security+ SY0-501 - 2.1⁠,” Professor Messer, uploaded 20 November 2017 Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A system that translates text-based URLs to their underlying numerical IP addresses. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/domain-name-system-dns⁠ Audio reference link: HistoryHeard. “⁠History Heard: Paul Mockapetris.⁠” YouTube, YouTube, 5 Apr. 2009. Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pretexting⁠ Audio reference link: “⁠Batch Pin Hurt Charlize Theron Skin | the Italian Job (2003) Movie Scene.⁠” YouTube, YouTube, 22 Nov. 2016.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/web-application-firewall⁠ Audio reference link: “VCF East 9.1 - Ches' Computer Security Adventures - Bill Cheswick.” YouTube, 29 Dec. 2015, ⁠https://youtu.be/trR1cuBtcPs⁠.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. An IT governance framework developed by ISACA.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/cobit⁠ Audio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” YouTube, YouTube, 24 Aug. 2016, ⁠https://www.youtube.com/watch?v=EYATVkddIyw⁠.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Word Notes. A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, and network peering with one or more of the big content providers and their associated fiber networks.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/security-service-edge⁠ Audio reference link: Netskope (2022). What is Security Service Edge (SSE). YouTube. Available at: ⁠https://www.youtube.com/watch?v=Z9H84nvgBqw⁠ [Accessed 21 Oct. 2022]. Learn more about your ad choices. Visit megaphone.fm/adchoices