The FREE Cybersecurity Glossary by Thor Pedersen!

Shoulder surfing: The act of obtaining sensitive information such as passwords, PINs, or security codes by directly observing someone as they enter the information into a device. This could be done at close range (literally looking over someone's shoulder) or from a distance using binoculars or cameras. In the digital context, shoulder surfing is a serious security threat that can lead to unauthorized access to systems, identity theft, and other forms of cybercrime.

Side Channel Attacks: Security attacks that exploit indirect information gained from a system's implementation, such as power consumption or electromagnetic emissions, to compromise the system. While side-channel attacks can occur in various environments, including virtualized systems, they are not exclusive to virtualization and can affect physical hardware as well.

SIEM as a Service: A subscription-based service model that outsources the complex tasks of managing and analyzing the vast amount of security data typically handled by SIEM software. By using SIEM as a Service, organizations can take advantage of SIEM capabilities without the need to own, maintain, or manage the required infrastructure and resources. This service provides scalability, flexibility, and access to expert resources, enabling businesses to bolster their security posture while minimizing resource expenditure.

SIEM automated responses: The actions automatically triggered by a Security Information and Event Management (SIEM) system in response to detected events or conditions that meet predefined criteria. These responses could include notifications, system alterations, or other actions intended to mitigate a potential threat. For example, if the SIEM system detects a sudden surge in network traffic that could indicate a denial-of-service attack, it could automatically limit traffic from the suspicious source or alert the security team.

SIEM (Security Information and Event Management): A type of software that collects and analyzes security-related data from multiple sources, such as network devices and security appliances. This concept is used in IT security to provide a centralized view of an organization's security posture and identify potential threats. For example, a SIEM system might monitor network traffic for suspicious activity or alert administrators to a potential security breach.

Signal jamming: A technique used to disrupt or block wireless signals, such as radio or wireless internet signals. It is often used in electronic warfare, and jamming devices can be used to disrupt GPS, cellular, and other wireless communications. For instance, an attacker may use signal jamming to disrupt communications during a military operation or to prevent a victim from using their phone to call for help.