Cybersecurity Glossary

A set of rules, protocols, and tools that allows different software applications to communicate and exchange data with each other. APIs are crucial for integrating various services and automating processes.

A unique identifier assigned to an Autonomous System (AS). An AS is a collection of IP networks and routers under the control of a single administrative entity that presents a common routing policy to the internet. UPX's ASN Monitor helps track BGP routes related to ASNs.

The total sum of all possible entry points (vulnerabilities or exposures) that an unauthorized user (attacker) can use to attempt to access or damage a system or network. Reducing the attack surface is a key security goal.

The standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. BGP is critical for global internet routing. UPX's ASN Monitor specializes in BGP route health.

A geographically distributed network of proxy servers and their data centers. CDNs improve website performance and availability by caching content closer to end-users and distributing traffic. UPX's Traffic Guard incorporates CDN capabilities.

A platform or service (like UPX Cloud Exchange) that enables direct, private, and high-performance connections to multiple cloud service providers (CSPs), SaaS providers, and other network services, bypassing the public internet for enhanced security and performance.

Adherence to specific laws, regulations, standards, and contractual obligations relevant to an organization's operations, data handling, and security practices (e.g., GDPR, HIPAA, PCI-DSS). UPX offers Compliance Management services.

A cyber-attack where attackers attempt to make an online service unavailable by overwhelming it with traffic from multiple compromised computer systems (a botnet). UPX's DDoS Defense provides robust protection against such attacks.

A distributed computing paradigm that brings computation and data storage closer to the source of data generation – typically users or IoT devices. Edge Protection involves deploying security measures (like WAFs, DDoS mitigation) at the network edge. UPX specializes in Edge Protection solutions.

A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. See also WAF.

The process of capturing, recording, and analyzing network traffic data (e.g., NetFlow, sFlow, IPFIX) to gain insights into traffic patterns, application performance, network utilization, and potential security threats. UPX Flow provides these capabilities.

A regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.

A US federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

An organized approach to addressing and managing the aftermath of a security breach or cyberattack. The goal is to handle the situation in a way that limits damage, reduces recovery time and costs, and prevents future incidents. UPX offers Incident Response services.

An IETF protocol for exporting IP flow information from routers, probes, and other network devices for network monitoring and analysis. Used by services like UPX Flow.

An outsourced cybersecurity service that provides organizations with threat hunting, monitoring, and response capabilities. MDR focuses on quickly identifying and limiting the impact of threats. UPX offers SOC & MDR Services.

Outsourced monitoring and management of security devices and systems. Common services include managed firewalls, intrusion detection, vulnerability scanning, and threat intelligence. UPX provides a comprehensive suite of MSS.

A network protocol developed by Cisco for collecting IP traffic information as it enters or exits an interface. This data is then analyzed to provide a picture of network traffic flow and volume.

The ability to measure the internal states of a system by examining its outputs (logs, metrics, traces). In networking, it means having deep visibility into network traffic, performance, and health to understand and troubleshoot issues. UPX offers Observability solutions like ASN Monitor and Flow Analysis.

A set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.

An authorized simulated cyberattack on a computer system, network, or web application to evaluate its security. Testers use the same tools and techniques as malicious hackers but report vulnerabilities instead of exploiting them. UPX offers Penetration Testing services.

A type of social engineering attack where attackers deceive individuals into revealing sensitive information (like credentials or financial details) by masquerading as a trustworthy entity in an electronic communication.

A strategy for limiting network traffic. It puts a cap on how often someone can repeat an action within a certain timeframe – for instance, trying to log in to an account or making API requests. This helps prevent abuse and overload.

The process of identifying potential threats and vulnerabilities, analyzing the likelihood and potential impact of these threats materializing, and determining the overall risk to assets. A core part of vulnerability management.

A security framework designed to secure the Internet's routing infrastructure, primarily BGP. It helps prevent BGP route hijacking by allowing legitimate holders of IP address blocks to create cryptographically signed statements about which ASNs are authorized to originate their IP prefixes.

A collection of software development tools in one installable package, used to create applications for a specific platform or service. UPX may offer SDKs for easier integration with its APIs.

A solution that collects, aggregates, and analyzes security event data from various sources across an organization's IT infrastructure. It helps detect threats, security breaches, and anomalous behavior in real-time. UPX offers Co-Managed SIEM services.

A centralized unit or team responsible for continuously monitoring and improving an organization's security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents. UPX provides SOC & MDR Services.

Cryptographic protocols designed to provide secure communication over a computer network. TLS is the successor to SSL. They are essential for encrypting data in transit, such as in HTTPS connections.

The proactive and iterative process of searching through networks, endpoints, and datasets to detect and isolate advanced threats that evade existing security solutions. UPX offers Threat Hunting services.

UPX's flagship Edge Protection product. It provides intelligent attack surface management, web application protection, DDoS mitigation, and performance acceleration through a global edge network.

A weakness in a system, application, design, or internal control that could be exploited by a threat actor to compromise the confidentiality, integrity, or availability of an asset.

The ongoing process of identifying, assessing, reporting on, managing, and remediating security vulnerabilities in systems and software. UPX offers Vulnerability Management services.

A type of firewall that monitors, filters, and blocks HTTP/S traffic to and from a web application. A WAF is deployed to protect web applications from common attacks like SQL injection, cross-site scripting (XSS), and file inclusion. Often part of solutions like UPX Traffic Guard.

A security solution that automatically collects and correlates data from multiple security layers – including endpoints, networks, cloud workloads, and email – to provide broader visibility and enable faster, more effective threat detection and response. UPX offers XDR Services.

A vulnerability in a system or software that has been disclosed but is not yet patched, or an exploit that takes advantage of such a vulnerability before a fix is available. These are particularly dangerous as no official defense exists initially.