A computer script is a series of commands that tell the computer to do something. Useful for automating tasks, scripts are also used by threat actors to carry out malicious acts. Common scripts that you might hear about are batch files or JavaScript files.
Social engineering is the act of trying to trick users into revealing confidential information that they can use to carry out malicious acts.
Shadow copies are backup copies of files automatically created by Windows.
Software is a computer program or application, the collection of code needed to perform a task.
An attack in which an attacker interferes with queries to a SQL database. This is most commonly a web security vulnerability and can allow an attacker to view data that they ordinarily would not be able to retrieve. In many cases the attacker can alter this data causing damage to applications and your information.
A ThreatLocker® tool that provides protection for your internal and external data and information storage.
Storage policies are the set of rules that dictate who, what, how, and when electronic storage locations can be accessed.
Identity and access management method that requires 2 unique forms of identification to successfully authenticate. Common authentication factors include something you know (password or passcode), something you have (hardware token or cell phone for SMS or OTC), and something you are (fingerprint, face ID). Combine 2 unique factors to create a more secure login such as a password and OTC or face ID and a passcode.
Any malicious attack against a targeted audience such as a specific software, individual or business. These attackers have generally invested a good deal of time and effort to research and carry out the attack. They may be persistent and attempt to exfiltrate data from the target environment.
A separate environment to check application behavior. The ThreatLocker® Testing Environment utilizes a Virtual Desktop Infrastructure (VDI) that enables admins to evaluate approval requests in a timely manner without significantly impacting workflow. With a one-button click within a request to add a new application, a temporary testing environment is created in which it runs the requested application without taking the risk of running an unknown application in a production environment. The VDI creates a cloud-based environment that allows businesses to examine applications safely and determine how best to proceed in real-time.
Also known as a cybercriminal, an individual or group of individuals that try to perform actions in the cybersecurity space to purposely cause harm (financial, reputational, or otherwise). Businesses of all sizes and in all verticals can be targeted.
Policies set to take effect during specified periods of time (i.e., specific days of the week, times of day)
A unified audit combines multiple logs into a single location. The ThreatLocker® Unified Audit is the central location within the ThreatLocker® portal to view all logged application, storage, and network activity for your organization.
VDIs are virtual desktops that are centrally hosted and managed. End users can log into the VDI from any location via a secure connection to further protect business data while permitting access to their work data. Physical hardware need not be supplied to employees, and businesses can easily maintain the security of the VDIs using the virtualization platform. The ThreatLocker® Testing Environment uses a VDI where admins can test untrusted applications without risking their critical business production environment.
In the computer world, a virus is a computer program that once launched will replicate itself and ‘infect’ the host computer with malicious code, potentially spreading throughout an entire computer network.
A VPN is an encrypted tunnel through which to access network resources for additional security.
A vulnerability is a weakness. In the computer world, vulnerabilities are weaknesses in software or hardware that threat actors will try to exploit or take advantage of with malicious intent.
Weaponization is the act of using something that by itself is not harmful in a malicious manner to inflict harm, I.e., using a Word document to embed a macro that attempts to contact a command and control center on the internet.
