Section 2: Vocabulary

Helpful Vocabulary Terms

  • Adversary Emulation - the process of evaluating the security of a technology domain by simulating the tactics, techniques, and procedures (TTPs) used by specific adversaries. It uses cyber threat intelligence to understand how those adversaries operate, then uses the gathered information to test an organization's ability to detect and mitigate such threats.
  • Red Teaming - adopting an adversarial perspective without relying on ANY known threat intelligence to perform an exercise, aiming to achieve specific objectives without detection.
  • Behavioral Analytics Development - focuses on identifying potentially malicious behavior within a system or network based on how adversaries interact with specific platforms. These analytics can identify such activity without depending on prior knowledge of adversary tools and indicators.
  • Defensive Gap Assessment - an evaluation to identify an organization's vulnerabilities and weaknesses in its defensive abilities against potential threats, risks, or attacks, identifying the gaps between the organization's current defensive posture and the desired level of security.
  • SOC Maturity Assessment - evaluates a company's SOC capabilities and processes to determine its maturity level in effectively handling security incidents and threats.
  • Threat Intelligence - "data that is collected, processed, and analyzed to understand a threat actor's motives, targets, and attack behaviors. Threat intelligence enables us to make faster, more informed, data-backed security decisions and change their behavior from reactive to proactive in the fight against threat actors." - CrowdStrike