Observing activities of users, information systems, and processes and measuring the activities against organizational policies and rule, baselines of normal activity, thresholds, and trends.

A list of entities that are blocked or denied privileges or access.

A group that defends an enterprise's information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team).  Also, a group that conducts operational vulnerability evaluations and recommends mitigation techniques to customers who need an independent technical review of their cybersecurity posture.

A computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator. A member of a larger collection of compromised computers known as a botnet.

The controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet. Also known as a Bot Herder. 

A collection of computers compromised by malicious code and controlled across a network.

An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device.

A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks.