The FREE Cybersecurity Glossary by Thor Pedersen!

Web risk assessment: The process of identifying, analyzing, and understanding the risks associated with the use of web applications in an organization. The objective is to determine the potential impact of these risks and formulate strategies to mitigate or eliminate them.

Web security gateway: A security solution that prevents unsecured traffic from entering an internal network of an organization. It is used to protect against web-based threats such as viruses, worms, Trojans, and other malicious software by monitoring web traffic at the application level to detect and block anything malicious.

Web server: A computer that stores, processes, and delivers web content, such as HTML pages, images, and files, to clients on the internet. It is used to host and serve websites and web applications. Examples include Apache, IIS, and Nginx.

Well-known ports: The standardized network port numbers used by internet protocols to identify and communicate with specific services and applications. It is used to ensure that network traffic is routed to the correct destination on the network. Examples include port 80 for HTTP, port 443 for HTTPS, and port 22 for SSH.

Whaling: A type of social engineering attack that specifically targets high-level executives or other significant individuals within an organization to gain access to sensitive information or manipulate decisions. Examples include spear phishing, pretexting, and baiting.

Whistleblowing: The act of reporting illegal or unethical behavior within an organization. It is often used in the field of IT security to report issues such as cyber-attacks, data breaches, or unauthorized access to sensitive information. Examples of whistleblowing in IT security might include reporting a colleague who has accessed company data without permission or alerting management to a cyber-attack that has occurred.