
Darktrace Cyber AI Glossary

Explore commonly used cyber security terms


Account Takeover

Account takeover is when a user's profile has been hijacked by a cyber criminal.

Artificial Intelligence

Artificial intelligence (AI) is a vast branch of computer science concerned with developing software that allows computer systems to perform tasks that imitate human cognitive intelligence.


Botnet

A botnet attack is a cyber attack that uses a network of compromised computers to conduct malicious activity without the victims' knowledge.

Brand Impersonation

Brand impersonation is a form of phishing cyber-attack that aims to solicit sensitive information from victims by posing as a legitimate brand.

Business Email Compromise (BEC)

Business Email Compromise is when a cyber criminal tricks a victim by impersonating a valuable or high-ranking individual within a business.

CEO Fraud

CEO fraud is a form of impersonation where a threat actor will falsify their identity, acting as an executive at an organization, and attempt to communicate with other employees, such as members of the finance department, to solicit sensitive information.

Cloud Detection and Response

Cloud detection and response (CDR) refers to the practice of detecting, analyzing, and responding to possible cloud security incidents.

Cloud Email

Cloud email is email that is hosted on a remote server. These servers are accessible over the internet and hosted by third-party service providers.

Cloud Infrastructure Entitlement Management (CIEM)

A Cloud Infrastructure Entitlement Management (CIEM) solution helps manage entity permissions and entitlements in an organization’s cloud infrastructure.

Cloud Security

Cloud security is the protection of information and services that companies are storing in their cloud-based environments.

Cloud Security Posture Management

CSPM (cloud security posture management) is equal parts a methodology and a technology. It attempts to identify and remediate risks that may surface with various types of cloud environments or infrastructure, such as with IaaS, SaaS, and PaaS.

Content Filtering

Content filtering is the process of screening or restricting access to objectionable content on the web, in the email inbox, or in other mediums.


Cryptojacking

Cryptojacking is the unauthorized use of a computer or device’s processing power to mine cryptocurrencies, often without the owner’s consent or knowledge. Cryptojacking is considered a form of cybercrime.

Cyber Kill Chain

The Cyber Kill Chain is a concept introduced by Lockheed Martin that represents the stages or steps involved in a cyberattack.

Cyber Security

Cyber security is the practice of defending computer systems, networks, cloud infrastructures, and more from cyber-attacks.

Data Security

Data security refers to the practice of protecting digital data from unauthorized access, alteration, or destruction.

Email Data Loss Prevention (DLP)

Email data loss prevention (DLP) is a cyber security concept referring to the reduction of potential risk associated with email activity that comes from the accidental or intentional leakage of valuable information via email.

Email Filtering

Email filtering is a method of email security that involves identifying and sorting emails that are deemed non-productive, spam, or malicious.

Email Security

Email security is the practice of protecting email communication from unauthorized activity.

Email Spam

Email spam is unwanted or unsolicited emails that end up in your email inbox.

Generative AI

Generative AI is an artificial intelligence technology that uses machine learning algorithms to generate content. This can be in the form of text, art, video, images, and more.


Graymail

Graymail is bulk email that was originally solicited but is no longer wanted by the recipient. It does not fit the typical definition of spam email.

Incident Response

Incident response is the set of immediate steps that an organization will take to deal with a data breach or cyber-attack.

Integrated Cloud Email Security (ICES)

ICES is a type of email security that supplements cloud-based email services, providing email protection against a wide range of threats.

IoT Cyber Security

IoT stands for “Internet of Things.” This refers to physical devices that connect wirelessly to a network. IoT cyber security is the set of tools and methods that attempt to protect these devices from cyber threats.


Lateral Movement

Lateral movement in cybersecurity refers to the tactics and techniques that threat actors use to progressively move through a network or system after gaining an initial foothold or access point.

Machine Learning

Machine learning is a branch of artificial intelligence that uses algorithms to teach computers to learn and program themselves in order to classify data or predict future outcomes.


Malware

Malware is malicious software that is designed to obtain valuable data or damage and destroy cyber systems.


Phishing

Phishing is when a threat actor poses as a legitimate email sender in an attempt to get victims to give them sensitive information.


Qakbot

Qakbot is a banking trojan that has multifaceted capabilities which include stealing sensitive financial information, propagating through networks, and acting as a delivery mechanism for other malware.


Ransomware

Ransomware is a combination of the words "ransom" and "software." The word ransomware refers to the downloading of malware and the encryption of valuable documents by a cyber criminal who will hold those documents until a ransom is paid.

SOAR (Security Orchestration, Automation, and Response)

A comprehensive approach and technology stack that combines orchestration, automation, incident response and threat intelligence management to improve the efficiency and effectiveness of an organization’s cybersecurity operations.

Secure Email Gateway (SEG)

A secure email gateway (SEG) or a secure email server (SEC) is a type of email security software that sits between inbound and outbound email communication.

Shared Responsibility Model

The shared responsibility model refers to a framework that establishes the cloud security obligations of a cloud service provider and of the organization which uses those services.

Simple Mail Transfer Protocol (SMTP)

Simple Mail Transfer Protocol (SMTP) is the technical standard protocol used to send and receive emails.


Smishing

Smishing is the process by which a threat actor sends fraudulent SMS messages in order to get victims to give away sensitive information or download malicious files.

Social Engineering

Social engineering is an attack technique used by cyber-criminals to build trust with and trick their victims into fulfilling a request.

Software-as-a-Service (SaaS)

SaaS is a way to access and use data and work online through an application on the internet.

Spear Phishing

Spear phishing is a more targeted form of phishing. Both refer to a cyber security threat that involves sending fraudulent emails to solicit information while posing as a legitimate sender.


Spoofing

Spoofing is the process by which someone sends a fraudulent message using a false identity in order to solicit sensitive information.

Ten Most Common Types of Cyber Attacks

Learn more about: Malware, Phishing, Spoofing, Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks, Insider Threats, Man-in-the-Middle (MiTM) Attacks, Code Injection Attacks, Supply Chain Attacks, DNS Tunneling, and Brute-force Attacks.

Threat Hunting

Threat hunting involves searching for signs of malicious activities or potential security threats within an organization’s networks, systems, and endpoints.


Vishing

Vishing is a type of cyber-attack that uses voice or telephone technology to trick targets into revealing sensitive information to attackers.

Web Application Firewall (WAF)

A web application firewall or WAF protects web applications by filtering and monitoring HTTP traffic between web applications and the Internet.


Whaling

Whaling is a specific form of phishing attack that is used to gain access to networks and information by targeting high-ranking members of an organization.


Zero Trust

Zero trust is a cyber security paradigm designed for data and resource security amidst the growth of the remote workforce and cloud-based data storage.
