Glossary

The Terms Shaping Modern Identity Security

Search

C

Certificate Authority (CA)

Certificate Lifecycle Management

Certificate-Based Authentication

CI/CD Pipeline Security

Cloud Access Security Broker (CASB)

Cloud Entitlement Sprawl

Cloud Identity

Cloud Identity Governance

Cloud Infrastructure Entitlement Management (CIEM)

Cloud PAM

Cloud Privileged Access Management

Cloud Security Posture Management (CSPM)

Compliance Automation

Compliance Framework

Compliance Management

Compliance Reporting

Conditional Access

Configuration Drift

Consent Management

Container Identity

Context-Aware Authorization

Continuous Authentication

Continuous Compliance

Continuous Control Monitoring

Continuous Identity Verification

Continuous Monitoring

Continuous Privilege Validation

Continuous Threat Exposure Management (CTEM)

Credential Deception Technology

Credential Exposure

Credential Management

Credential Rotation

Credential Stuffing

Credential Theft

Credential Vaulting

Cross-Border Identity Compliance

Cross-Site Scripting (XSS)

Cross-Tenant Access Risk

Cryptographic Agility

Cryptographic Identity Binding

Customer Identity and Access Management (CIAM)

CVE (Common Vulnerabilities and Exposures)

Cybersecurity Mesh Architecture (CSMA)

D

Data Breach

Data Classification

Data Governance

Data Lineage

Data Loss Prevention (DLP)

Data Privacy

Data Residency

Data Security

Data Security Posture Management (DSPM)

DDoS Protection

Decentralized Identifiers (DIDs)

Decentralized Identity (DID)

Deception Technology

Defense in Depth

Delegated Administration

Deny by Default

Device Authentication

DevSecOps Identity Integration

Digital Certificate

Digital Identity

Digital Identity Verification

Digital Identity Wallet

Digital Signature

Directory Services

DMZ (Demilitarized Zone)

DPDPA Compliance

Dynamic Access Control

F

Fast Identity Online (FIDO)

Federated Identity

Federated Identity Management

FIDO2 / WebAuthn

H

Hardware Security Module (HSM)

Hash Function

HMAC (Hash-Based Message Authentication Code)

Human vs Non-Human Identity

Hybrid Identity

J

Joiner-Mover-Leaver (JML)

JSON Web Encryption (JWE)

JSON Web Token (JWT)

Jump Server

Just-in-Time (JIT) Access

Just-in-Time Elevation

Just-in-Time Provisioning

K

Kerberos Authentication

Key Management

Know Your Customer (KYC)

Knowledge-Based Authentication (KBA)

Knowledge-Based Authentication (KBA)

M

Machine Identity Management

Machine-to-Machine Authentication

Managed Identity

Metadata Management

Microsegmentation

Microsoft Entra ID

MITRE ATT&CK Framework

Multi-Factor Authentication (MFA)

Mutual Authentication

Mutual TLS (mTLS)

N

Network Detection and Response (NDR)

Network Segmentation

NIST SP 800-63

Non-Human Identity (NHI)

Non-Human Identity Governance

Non-Repudiation

O

OAuth 2.0

OAuth 2.0 Security

OAuth App Governance

One-Time Password (OTP)

OpenID Connect (OIDC)

Orphan Accounts

Out-of-Band Authentication

OWASP Top 10

P

Passkeys

Passkeys and FIDO2

Password Management

Password Policy

Password Spraying

Passwordless Authentication

Patch Management

Peer Group Analytics

Personally Identifiable Information (PII)

Phishing Attack

Phishing Detection

Phishing-Resistant Authentication

Policy Enforcement

Policy Management

Policy-as-Code

Post-Quantum Authentication

Post-Quantum Cryptography (PQC)

Presentation Attack Detection (PAD)

Principle of Least Privilege

Privacy-Preserving Authentication

Privilege Creep

Privilege Escalation

Privileged Access Management (PAM)

Privileged Account

Privileged Cloud Access

Privileged Identity Management (PIM)

Privileged Identity Management (PIM)

Privileged Session Management

Public Key Infrastructure (PKI)

Q

Quantum Computing

Quantum Cryptography

S

SaaS Governance

SaaS Identity Sprawl

SaaS Security Posture Management (SSPM)

SAML

SAP GRC Access Control

Secrets Management

Secrets Rotation Automation

Secure Access Service Edge (SASE)

Secure Email Gateway

Security as Code

Security Incident Management

Security Information and Event Management (SIEM)

Security Operations Center (SOC)

Security Service Edge (SSE)

Segregation of Duties (SoD)

Self-Sovereign Identity (SSI)

Separation of Duties

Service Account

Service Account Governance

Service Provider (SP)

Service-to-Service Authentication

Session Hijacking

Session Management

Session Recording

Shadow IT

Shift-Left Security

Single Sign-On (SSO)

SOC 2 Compliance

Social Engineering

Software Supply Chain Security

Software-Defined Perimeter (SDP)

Software-Defined WAN (SD-WAN)

SPIFFE / SPIRE

SQL Injection

SSH Key Management

SSL/TLS Certificate

Standing Privileges

Step-Up Authentication

Strong Authentication

Sudo

Supply Chain Identity Risk

Synthetic Identity Fraud

T

Tenant Isolation

Third-Party Access Management

Third-Party Risk Management (TPRM)

Threat Detection

Threat Detection and Response

Threat Intelligence

Time-Based One-Time Password (TOTP)

Token Management

Token Theft Prevention

Token-Based Authentication

Tokenized Identity

Transport Layer Security (TLS)

Trust Score

Two-Factor Authentication (2FA)

W

Web Application and API Protection (WAAP)

Web Application Firewall (WAF)

WebAuthn

Workforce Identity Federation

Workload Identity

Workload Identity Federation

Z

Zero Standing Privilege

Zero Trust Architecture

Zero Trust Identity

Zero Trust Network Access (ZTNA)

Zero Trust Security

Zero-Day Vulnerability

ZKP (Zero-Knowledge Proof)

GET A PERSONALIZED DEMO

Ready to see Tech Prescient in action?

“As an industrial, securing capacity and optimizing budget are key. In that perspective, you are looking for a transport”

quote
Murli Ramsunder

Murli Ramsunder

Senior Architect, Vonage