vulnerabilities - Concepts

Explore concepts tagged with "vulnerabilities"

Total concepts: 12

Concepts

Penetration Testing - Authorized simulated attacks on systems to identify security vulnerabilities before malicious actors do.
Confused Deputy - A security vulnerability where a trusted program is tricked into misusing its authority on behalf of an attacker.
Privilege Escalation - Exploiting vulnerabilities to gain higher access levels than originally authorized.
Cross-Site Scripting - An attack that injects malicious scripts into web pages viewed by other users
SQL Injection - An attack that inserts malicious SQL code into application queries to manipulate databases
Patch Management - The process of identifying, acquiring, testing, and installing software updates to fix security vulnerabilities.
Cross-Site Request Forgery - An attack that tricks users into performing unwanted actions on websites where they're authenticated
Zero-Day Vulnerability - A software vulnerability unknown to the vendor, exploitable before a patch is available
Backdoor - A hidden method of bypassing normal authentication to gain unauthorized access to a system
Security Debt - The accumulated risk from deferred security practices, unpatched vulnerabilities, and shortcuts in security implementation.
Vulnerability Assessment - The systematic process of identifying, quantifying, and prioritizing security weaknesses in systems.
Prompt Injection - A security vulnerability where malicious input causes an AI model to ignore its original instructions and follow attacker-supplied directives instead.