Les Assises de la Cybersécurité, France's must-attend cybersecurity event, provides definitions of the technical terms you need to know.

Aaah, cybersecurity! A sector with a bright future, where acronyms and technical terms are piling up faster than spam in our inboxes.
he aim of this glossary was simple: to shed light on this linguistic jungle for insiders and neophytes alike (we count ourselves in, rest assured).

It all began in 2020, when time stood still. So there's no excuse not to write this glossary!
Watching the exchanges, I realized just how intimidating jargon can be. You know that feeling of panic when someone starts talking about APT, DNS, zero-day, EDR, BYOD or BYOB? Sorry, that last one doesn't exist, it was too tempting... But bring your beer anyway !

In short, we feel like François Damiens in OSS 117: Cairo, Nest of Spies, the famous scene where everyone has their little quote to show who's the smartest, but only he understands nothing of the exchange. It was time to put an end to this incomprehensible gibberish!

Inspired by the huge success of Les Assises, this glossary has become our compass, navigating through the obscure terms of cybersecurity. Les Assises, this flagship event, is the ideal place to unveil this glossary. After all, why not associate cybersecurity experts with a tool that helps them communicate better? There's also a quiz to test yourself!

So go for it, and let's not forget the funny moments when, in the middle of a serious discussion, someone drops a “honeypot” or an “Evil Maid Attack”. Admit it, it makes you smile!

So yes, this glossary is a bit like our silent superhero. Always ready to save the day in complex discussions, and to transform barbaric terms into clear concepts. By consulting it, you'll see that even the most dreaded terms can become your allies. On the road to cybersecurity for everyone!


Search by letter

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z

A

ACL (« ACCESS CONTROL LIST »

ADVANCED PERSISTENT THREAT (APT)

AGENCE NATIONALE DE LA SÉCURITÉ DES SYSTÈMES D’INFORMATION

B

BACKDOOR (PORTE DÉROBÉE)

BLUE TEAM

BUFFER OVERFLOW (DÉPASSEMENT DE MÉMOIRE TAMPON)

BUG BOUNTY

C

CERTIFICATE REVOCATION LIST

CISO

COMPUTER MALICIOUSNESS

CYBER

CYBERSÉCURITY AND CYBERDEFENSE

D

DARK NET

DATA PROTECTION OFFICER (DPO)

DEEP WEB

DÉFIGURATION (DEFACING)

DIGITAL CERTIFICATE

DNS (DOMAIN NAME SYSTEM)

E

ELEVATION OF PRIVILEGES

ENDPOINT

ÉVALUATION DES RISQUES

EVIL MAID ATTACK

F

FALSE NEGATIVE / POSITIVE

FIRMWARE (MICROCODE MICROPROGRAMME)

FLOW (COMPUTER VULNERABILITY)

FORENSIQUE (ANALYSE)

G

GDPR (ORGANISATION)

GOOGLE DORKS

GRAY HAT

GRIMALDI FORUM

H

HACKING

HACKTIVISTE

HASH

HONEYPOT (POT DE MIEL)

I

ICS (INDUSTRIAL CONTROL SYSTEM)

INFORMATION SYSTEMS SECURITY AUDIT PROVIDER (ISSAP)

INTEGRITY

INTRUSION TEST

IOT (INTERNET OF THINGS)

ancre-lettre-k

J

JAILBREAK

K

KERBEROS

KERNEL (NOYAU DU SYSTÈME D’EXPLOITATION)

KEYLOGGER

KILL CHAIN

L

LAYER (COUCHE)

M

MACRO 

MAN-IN-THE-MIDDLE (ATTAQUE DE L’HOMME DU MILIEU)

METASPLOIT

MILITARY PROGRAMMING LAW (PML)

MULTI-FACTOR AUTHENTICATION (MFA)

N

NIDS (NETWORK-BASED INTRUSION DETECTION SYSTEM)

NIS (NETWORK & INFORMATION SECURITY)

NON-RÉPUDIATION

NTP (NETWORK TIME PROTOCOL)

O

OBFUSCATION

OODA (BOUCLE)

OPEN SOURCE INTELLIGENCE (OSINT)

OSI (MODÈLE)

P

PERSONAL IDENTIFYING INFORMATION (PII)

PHISHING (HAMEÇONNAGE) 

PRIVATE KEY / PUBLIC KEY

Q

QUALIFICATION

R

REMEDIATION

RGS

RGPD

RISK ASSESSMENT

ROOT

S

SIEM (SECURITY INFORMATION AND EVENTS MANAGEMENT)

SOC

SOCIAL ENGINEERING

SPOOFING

T

TOR (THE ONION ROUTER)

TROJAN HORSE

TUNNEL

TYPOSQUATTING

U

USB (UNIVERSAL SERIAL BUS)

UTM (UNIFIED THREAT MANAGEMENT)

V

VER OU VIRUS ?

VULNÉRABILITÉ (HUMAINE)

VULNÉRABILITÉS (GESTION)

W

WATERING HOLE ATTACK (ATTAQUE DU POINT D’EAU)

WEAPONIZED

WEP / WAP

WHITE / BLACK LIST

WHITEBOX TESTING (TEST EN BOÎTE BLANCHE)

X

XSS (CROSS-SITE SCRIPTING)

Y

Y2K

Z

ZERO-DAY (FAILLE)

ZOMBIE