What is Phishing? Phishing describes the attempt to steal identities and passwords via the Internet by sending fake e-mails or text messages. Internet users are lured by cybercriminals to fake websites of banks, online stores, or other online services by means of deceptively real fake e-mails in order to get hold of their user IDs … Read more
What is a sandbox? A sandbox is an isolated area, sealed off from the system environment, in which software can be executed in a protected manner. Sandboxes can be used, for example, to test software or to protect the underlying system from changes. Step into a world where imagination knows no bounds. Sandboxes, those seemingly … Read more
What is CEO Fraud? CEO Fraud is a fraud method in which the attacker pretends to be a CEO, manager, or boss and asks employees to transfer money to a specific account, for example. If the attacker uses email as a means of communication, CEO Fraud is a form of Business Email Compromise (BEC). However, … Read more
What is Open Source Intelligence (OSINT)? Open Source Intelligence is a term originally coined by intelligence agencies. OSINT uses freely available, open sources such as print media, TV or the Internet to collect information and gain intelligence. In addition to government organizations, private sector companies also use various OSINT techniques and tools. In this century, … Read more
What is Operational Technology (OT)? Operational technology includes software and hardware for monitoring and controlling industrial plants or physical machines and their processes. In the past, these were often proprietary solutions operated in isolated environments. Digitization and the Internet of Things are merging traditional IT with operational technology. This fusion is referred to as IT/OT … Read more
What is MIM? Mobile Information Management (MIM) ensures the secure provision of corporate data on mobile devices. Along with Mobile Device Management (MDM) and Mobile Application Management (MAM), it is another important component of Enterprise Mobility Management. MIM leverages technologies and practices such as encryption, cloud services, sandboxing, containers and others. In a world where … Read more
Security Orchestration Automation and Responses (SOAR) provides software and procedures that can be used to gather information about security threats. On the basis of this information, an automatic reaction takes place. The goal is to improve threat and vulnerability management in a company. In a digital landscape, the field of cybersecurity has become increasingly complex … Read more
What is a blue team? A Blue Team has the task of protecting an organization’s IT infrastructure from real attackers as well as from simulated attacks by a Red Team. It is made up of IT security experts from within the organization and differs from standard security teams in that it is constantly alert and … Read more
What is a smart card? A smartcard is a small plastic card equipped with a microchip. The microchip provides storage for data and, depending on the type, may have its own processor with the operating system. Typical applications of the cards are authentication or payment processes. What is a smart card? A smart card is … Read more
What is a OTP? A One-Time Password is a one-time password that can be used for authentication or transactions. The one-time password can be generated dynamically or taken from a previously created list of static one-time passwords. In digital space, where our personal, financial, and sensitive information is constantly being shared and accessed online, ensuring … Read more
What is a One Time Pad? One-Time-Pad (OTP) is a symmetric encryption method in which the key is used only once for the encryption of a single message. The key has at least the same length as the message itself. The method is considered to be very secure. What is Cryptography? Cryptography is the science … Read more
What is a Bug Bounty program? A bug bounty program is a program offered by a company or organization that offers rewards such as cash or non-cash prizes for discovering vulnerabilities in software, applications, or web services. It is aimed at IT security experts and is part of the company’s or organization’s security strategy. A … Read more
What is a security token? A token, or more precisely a security token, is a special piece of hardware used to authenticate users. In addition to the token, other features such as PINs or passwords are used to provide additional security for authentication. What is a Security Token? Security tokens are a digital representation of … Read more
What is the eIDAS regulation? The eIDAS Regulation is an EU standard that aims to create uniform regulations for signatures and the provision of trust services in the EU single market. It has been in force since 2016 and aims to give electronic transactions a similar legal status to transactions on paper. What is The … Read more
What is DLP? The term Data Loss Prevention covers strategies and hardware- or software-based solutions to protect against the unintentional outflow of data. DLP is used, for example, to monitor and control data transactions on removable media, in networks, via e-mail, in cloud applications, on mobile devices, and in other areas. Data Loss Prevention (DLP) … Read more
What is security awareness? Security awareness, or security awareness training, comprises various training measures to sensitize employees of a company or organization to topics relating to the security of IT systems. The aim is to minimize the threats to IT security caused by employees. In the digital world, the concept of security awareness has become … Read more
What is Single Sign-on (SSO)? Single sign-on (SSO) enables access to services, applications, or resources via a single authentication process. SSO replaces individual logon procedures with different user data and uses an overarching identity for the user. Authentication is a fundamental aspect of digital security that plays a pivotal role in safeguarding sensitive information and … Read more
Managed Security Services (MSS) are services for managing and ensuring the IT security of companies or organizations. Providers of these services are the Managed Security Service Providers (MSSP). Depending on the provider, the services can have different scopes. Curious about fortifying your business’s digital defenses? Dive into our guide on Managed Security Services – your … Read more
TAXII (Trusted Automated eXchange of Indicator Information) provides standardized mechanisms and communication models for distributing and exchanging cyber threat information. It is designed to work with the STIX cyber threat description language, but also works with other formats. TAXII, which stands for Trusted Automated eXchange of Indicator Information, is an important protocol and standard in … Read more
What is a security policy? The security policy is a technical or organizational document with which the security claim of institutions is to be implemented and achieved. Ensuring the integrity, confidentiality, availability, and authenticity of information are core components. Security policies are fundamental guidelines and rules that organizations establish to ensure the confidentiality, integrity, and … Read more