Vulnerability management is the process of identifying, evaluating, prioritizing, remediating and reporting on security vulnerabilities in web applications, computers, mobile devices and software.

The California Consumer Privacy Act (CCPA) or AB 375 is a new law that became effective on January 1 2020, designed to enhance consumer privacy rights and protection for residents in the state of California by imposing rules on how businesses handle their personal information. The CCPA is the most extensive consumer privacy legislation to pass in the United States and is akin to the European Union's General Data Protection Regulation (GDPR) and other data privacy laws and privacy regulations.

Confidentiality, integrity and availability (the CIA triad) is a security model that guides information security policies within organizations. To avoid confusion with the Central Intelligence Agency, the model is also referred to as the AIC triad.

Indicators of compromise (IOCs) are pieces of forensic data, such as system log entries, system files or network traffic that identify potentially malicious activity on a system or network. Digital forensics security analysts and information security professionals use indicators of compromise to detect data breaches, malware infections and other security incidents.

Spyware is unwanted software, a type of malicious software or malware, designed to expose sensitive information, steal internet usage data, gain access to or damage your computing device. Any software downloaded to a user's device without authorization can be classified as spyware. Even spyware programs installed for innocuous reasons often violate end user privacy agreements and have the potential for abuse.

A zero-day (0-day) is an unpatched security vulnerability that is unknown to the software, hardware or firmware developer, and the exploit attackers use to take advantage of the security hole. In general, zero-day refers to two things: Zero day gets its name from the number of days that a patch has existed for the flaw: zero. Zero-day threats represent significant cybersecurity risk because they are unknown to the party who is responsible for patching the flaw and may already be being exploited.

The Federal Information Security Management Act of 2002 (FISMA) is a United States federal law that defines a comprehensive framework to protect government information, operations and assets against natural and manmade threats. FISMA was enacted as part of the E-Government Act of 2002.

The Gramm-Leach-Bliley Act (GLBA, GLB Act or the Financial Services Modernization Act of 1999) is a United States federal law requiring financial institutions to explain how they share and protect their customers' nonpublic personal information (NPI).

The Personal Information Protection and Electronic Documents Act (PIPEDA) is the federal privacy legislation for private-sector organizations in Canada. PIPEDA became law in April 13, 2000 to promote trust and data privacy in ecommerce and has since expanded to include industries like banking, broadcasting and the health sector.

In cryptography, encryption is the process of encoding information or sensitive data so only authorized parties can access it. Encryption does not itself prevent interference and man-in-the-middle attacks, but denies intelligible content to the interceptor.