The FREE Cybersecurity Glossary by Thor Pedersen!

Software-Defined Networking (SDN): A networking architecture that uses software to control and manage network infrastructure rather than relying on hardware-based controls. It is used to improve network agility, scalability, and flexibility. Examples include using software-defined networking controllers, virtualizing network functions, and implementing network automation tools.

Software-Defined Security (SDS or SDSec): An approach to security that uses software to define and enforce security policies across an organization's network. It is used to provide centralized, flexible, and scalable security management. Examples of SDS solutions include network security virtualization and software-defined perimeter.

Software escrow: The process of depositing a copy of software code with a third party to ensure that the code is available in the event that the software developer becomes unable or unwilling to provide support or updates. It is used in software licensing agreements to protect the user's interests. Examples include using escrow agreements for proprietary software, storing multiple copies of the code in different locations, and regularly verifying the integrity of the code in escrow.

Software exploitation: The act of leveraging software vulnerabilities to gain unauthorized access or control over a system. By exploiting flaws, bugs, or design deficiencies, attackers can bypass security mechanisms, disrupt system functionality, steal sensitive data, or execute arbitrary commands. Effective strategies to counter software exploitation include regular updates and patches, rigorous testing, and security best practices during software development.

Software quality assurance: A process used to ensure that software meets certain standards of quality and functionality. It is used throughout the development and testing of software to identify and fix defects before the software is released to users. Examples of software quality assurance include running automated tests on new code to ensure it meets standards, conducting user acceptance testing to ensure the software meets business requirements, and conducting code reviews to identify potential issues.

Software System Testing and Evaluation: A formalized process in software engineering that involves conducting a series of tests and evaluations to ensure a software system performs according to its design and meets user requirements. These activities include compliance testing, security testing, performance testing, and user testing, among others, to assess the system's readiness for deployment.