- Milestone A significant event or a point in time that marks a notable achievement or progress. For instance, in a security system implementation, a milestone might be the successful installation and testing of a new firewall. These markers aid in the overall management and tracking of project progress, ensuring that each component contributes effectively to the overall security posture of an organization.
- Miniature Fragment Attack A miniature fragment attack is a network-based attack where small fragments of a malicious packet are sent across the network to evade detection by intrusion detection and prevention systems that may not properly reassemble fragmented traffic. This technique can allow attackers to slip past security measures that do not scrutinize small packet fragments. Ensuring security devices correctly reassemble and inspect packet fragments is crucial to defend against miniature fragment attacks.
- Mirrored site A duplicate copy of a website or web application hosted on a different server or location. It is used to improve availability and reliability by providing a backup site in case the primary site becomes unavailable. Examples include disaster recovery sites and load-balanced sites.
- Mission-critical application An application that is essential to the operation of an organization or business. It is used to classify applications based on their importance and the impact of their failure on the organization. Examples include financial systems, healthcare systems, and emergency response systems.
- Misuse case testing Misuse case testing is an approach in software testing that involves analyzing and creating test cases based on how an application should not be used. It anticipates malicious behaviors or scenarios and tests the application's response to such misuse, like input validation errors or unauthorized attempts to access data, aiming to identify and mitigate vulnerabilities.
- Misuse detection The process of identifying unauthorized or malicious activity within a system. It is used in security systems to prevent and respond to cyber threats. Examples include using an intrusion detection system to monitor network traffic for unusual behavior, implementing access controls to prevent unauthorized users from accessing sensitive information, and conducting regular security audits to identify potential vulnerabilities.
- Mitigation The process of reducing the impact or severity of potential or actual negative events. In the context of risks, threats, or attacks, mitigation strategies could involve a variety of measures, from implementing additional safeguards to improving response strategies, with the goal of minimizing the potential damage and disruption that could result from such events.
- MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) A framework for understanding the tactics, techniques, and procedures (TTPs) used by attackers in cyber-attacks. It is used in IT security to help organizations identify and defend against potential threats by providing a comprehensive view of the various stages of an attack. Examples include using the framework to prioritize security measures and detect and respond to attacks in progress.
- Mobile code Programs, scripts, or part of software that can be transferred across networks and executed on a remote system to perform tasks or functions. While this offers flexibility and facilitates data sharing and task automation, it can also pose risks as it could potentially be used maliciously, transferring harmful code or unauthorized data between systems.
- Mobile computing A technology that allows transmission of data, voice, and video via any portable device, like smartphones or laptops, over a network. The portable devices have the capacity to access and process data in real-time, without being connected to a fixed physical link. While mobile computing has revolutionized communication and information access, it also presents challenges related to data privacy, security, and integrity.
Share our FREE glossary with your friends and study buddies.
Disclaimer: The glossary is for informational purposes only, we are not liable for any errors or omissions, if you find errors please contact us.