Behavior monitoring:

Observing activities of users, information systems, and processes and measuring the activities against organizational policies and rules, baselines of normal activity, thresholds, and trends.


Blacklist:

A list of entities that are blocked or denied privileges or access.

Blue Team:

A group that defends an enterprise's information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team). Also, a group that conducts operational vulnerability evaluations and recommends mitigation techniques to customers who need an independent technical review of their cybersecurity posture.


Bot:

A computer connected to the Internet that has been surreptitiously (secretly) compromised with malicious logic to perform activities under the remote command and control of a remote administrator. A member of a larger collection of compromised computers known as a botnet.

Bot master:

The controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet. Also known as a Bot Herder.


Botnet:

A collection of computers compromised by malicious code and controlled across a network.


Bug:

An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device.

Build security in:

A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks.