A cybersecurity glossary with tech terms in clear language

Your guide to understanding security speak

Business email compromise (BEC)

What is business email compromise?

Business email compromise (BEC) is a cybercrime where attackers use stolen or fake credentials to send convincing emails, tricking recipients into revealing sensitive info or transferring funds.


Cloud

What is cloud detection and response?

Cloud detection and response (CDR) quickly detects, analyzes, investigates, and responds to threats, similar to managed detection and response (MDR) and extended detection and response (XDR) services.

What is cloud security?

Cloud security includes the policies, technologies, and practices used to secure cloud computing and its data, applications, and infrastructure.


Endpoint

What is endpoint detection and response?

Endpoint detection and response (EDR) collects endpoint data to establish normal patterns, helping monitor for compromises and providing intelligence for containment and remediation.


Kubernetes

What is Kubernetes security?

Kubernetes adoption is growing, but security is a challenge. Learn how to address vulnerabilities, integrate security tools, and use automation to improve Kubernetes protection.


Managed detection and response (MDR)

What is an MDR solution?

MDR solutions quickly detect, analyze, investigate, and respond to threats using EDR, network and cloud protection, and logs.

What is MDR in cybersecurity?

MDR in cybersecurity provides remotely delivered SOC functions, rapidly detecting, analyzing, investigating, and responding to threats through disruption and containment.


Managed security services

What are managed security services?

Managed security services (MSS) provide outsourced threat monitoring, intrusion detection, and firewall management, helping organizations enhance security and ease in-house workloads.


Ransomware

What is ransomware protection?

Ransomware protection involves methods and technologies to defend IT systems from ransomware—malicious software that encrypts data, blocking access until a ransom is paid.


Security operations center (SOC)

What is a security operations center (SOC)?

A security operations center (SOC) is a centralized unit that monitors, detects, and responds to cybersecurity incidents, using people, processes, and technology to enhance security posture and manage threats.

What is SOC-as-a-service (SOCaaS)?

SOC-as-a-Service (SOCaaS) offers 24x7 cloud-based SOC capabilities, including monitoring, alert triage, incident response, and threat remediation on a subscription basis.


Threat intelligence

What is cyber threat intelligence?

Cyber threat intelligence gathers and analyzes data on cyber threats to help organizations prevent attacks by understanding threat actors and vulnerabilities.

What is threat hunting in cybersecurity?

Threat hunting is a proactive approach to finding hidden or unresolved threats in a network, using digital forensics and incident response.
