Glossary

An access control model that grants permissions based on a combination of user, resource, and environmental attributes.

The process of restricting or granting access to systems, applications, and data based on defined policies.

Microsoft's directory service used to manage users, devices, and permissions across a corporate network.

A risk-based login method that adjusts verification requirements based on the context of each access attempt.

The practice of protecting application programming interfaces from unauthorized access, abuse, and data exposure.

The process of verifying that a user or system is who or what it claims to be before granting access.

The process of determining what actions or resources an authenticated user is permitted to access.

The monitoring and analysis of user and device behavior patterns to detect anomalies that may indicate a security threat.

A method of verifying identity using unique physical or behavioral characteristics such as fingerprints, facial recognition, or voice patterns.

A security incident in which unauthorisedWhat is a Breach? individuals gain access to protected systems, networks, or data.

A security tool that sits between users and cloud services to monitor activity, enforce policies, and protect data.

IAM solutions designed specifically to manage the identities and access of external customers rather than internal employees.

The process of adhering to laws, regulations, and internal policies that govern how organizations protect data and manage security risk.

A policy framework that grants or blocks access to resources based on real-time conditions such as device health, location, and risk level.

A widely used privileged access management platform used to secure, manage, and monitor accounts with elevated permissions.

The practice of protecting systems, networks, applications, and data from digital attacks, unauthorized access, and damage.

Technologies and policies that prevent sensitive data from being shared, transferred, or accessed without proper authorization.

Centralized systems that store, organize, and provide access to information about users, devices, and resources within a network.

An EU regulation requiring financial entities to ensure the resilience of their ICT systems and manage technology-related risks effectively.

A real-time access control approach that evaluates policies at the moment of each request rather than relying on pre-assigned static permissions.

A security solution that continuously monitors and records endpoint activity to detect, investigate, and respond to suspicious behavior and threats that traditional antivirus often misses.

The practice of protecting end-user devices such as laptops, smartphones, and tablets from cyber threats.

The process of defining, assigning, reviewing, and revoking the specific permissions that users hold across systems and applications.

A trust relationship between separate identity systems that allows users to authenticate once and access resources across multiple organizations or platforms.

An open authentication standard that enables secure passwordless login using biometrics or hardware security keys.

An integrated framework for managing organizational governance, enterprise risk, and regulatory compliance in a coordinated way.

A U.S. federal law that establishes standards for protecting sensitive patient health information from unauthorized disclosure or misuse.

A framework of policies and technologies that ensures the right people access the right resources at the right time.

A discipline that combines identity lifecycle management with access governance to ensure users have appropriate access and that access is regularly reviewed.

A structured process for detecting, containing, investigating, and recovering from cybersecurity incidents.

A security practice that grants users elevated privileges only when needed for a specific task and automatically revokes them once the task is complete.

A security principle that grants users only the minimum level of access required to perform their job, and nothing more.

The automated process of managing a user's identity and access rights from the moment they join an organization through role changes to the day they leave.

ur managed cybersecurity service combines advanced detection tools and human analysts to provide, investigation, and proactive response to threats around the clock, all while avoiding the expenses associated with establishing an internal Security Operations Center (SOC).

A security method that requires users to verify their identity using two or more independent factors before accessing a system.

A network security technique that divides infrastructure into small, isolated zones to prevent attackers from moving laterally after a breach.

Microsoft's cloud-based identity and access management platform, formerly known as Azure Active Directory.

A security technology that analyzes network traffic to detect and respond to threats that endpoint and log-based tools miss, including activity on unmanaged and IoT devices.

An EU directive that strengthens cybersecurity requirements for organizations operating critical infrastructure and essential services.

Digital identities assigned to machines, applications, service accounts, bots, and APIs rather than human users.

An open authorization framework that enables applications to access resources on behalf of users without exposing their credentials.

A widely used cloud-based identity platform providing workforce and customer IAM including SSO, MFA, and lifecycle management.

A security discipline focused on controlling, monitoring, and protecting accounts with elevated or administrative access rights.

Authentication methods that verify user identity without requiring a traditional password, using biometrics, hardware keys, or magic links instead.

A set of security standards designed to ensure that all organizations that process, store, or transmit payment card data maintain a secure environment.

An access control model that grants permissions to users based on their defined role within the organization.

An identity governance platform that manages access certifications, provisioning, and compliance across complex environments.

An XML-based standard for exchanging authentication and authorization data between an identity provider and a service provider.

A platform that collects, aggregates, and analyzes security data from across an organization's environment to detect and respond to threats in real time.

A platform that connects security tools, automates repetitive tasks, and coordinates incident response through predefined playbooks, making detection and response faster and more consistent.

An auditing standard that verifies an organization's controls around security, availability, processing integrity, confidentiality, and privacy.

An authentication process that allows users to log in once and access multiple applications and systems without re-entering credentials.

A unified security platform that collects and correlates data across endpoints, networks, cloud, email, and identity to detect and respond to threats that single tools miss.

A security model based on the principle of "never trust, always verify" no user, device, or network connection is trusted by default, regardless of location.

The overall system design and infrastructure built to implement Zero Trust principles across identity, devices, network, applications, and data.

A technology that provides secure remote access to applications based on identity and context rather than network location.