The Unosecur cybersecurity glossary offers clear, concise definitions of essential identity security, cloud security, and access management terms. Explore key cybersecurity concepts like IAM, PAM, MFA, ITDR, and Zero Trust and stay informed about the threats and technologies that matter most.
Access certification (also called access attestation or recertification) is the process of periodically reviewing and validating users’ access rights to ensure they are appropriate for their current job roles.
Access discovery is the process of scanning and mapping who (users, groups, service accounts) has access to which resources (files, databases, apps) across an organization’s IT environment. It aims to produce a comprehensive, up-to-date inventory of permissions, roles, entitlements, and policy configurations—spanning on-prem servers, cloud services, SaaS apps, and more.
Access management refers to the processes and technologies that determine who or what can access specific resources or data. Once a user or system’s identity is confirmed (authenticated), access management governs their permissions and privileges.
Active Directory is a directory service developed by Microsoft for Windows domain networks. In simpler terms, it’s a centralized database of users, computers, and other objects, along with their credentials and permissions, that helps manage and secure an organization’s IT resources.
An application gateway is a network security service (often a type of reverse proxy) that sits between clients and back-end applications to manage and secure incoming traffic. Sometimes called an application proxy or application-level gateway, it operates at the application layer (Layer 7) and can inspect, filter, and route requests based on defined rules.
Authentication is the process of verifying an entity’s identity – for example, confirming a user is who they claim to be via passwords, tokens, biometrics, etc. Authorization, by contrast, determines what an authenticated entity is allowed to do or access.
Bot security ensures that automated software agents (“bots”) operating on the internet or within an enterprise environment are identified, monitored, and protected from compromise or malicious use.
A CI/CD pipeline is an automated workflow that covers the stages of Continuous Integration (CI) and Continuous Delivery/Deployment (CD) in software development. In simpler terms, it’s the process that builds, tests, and deploys code changes automatically.
Cloud IAM permissions are the rules or policies that define which actions (e.g., read, write, configure) a given identity (user, group, role) can perform on specific resources in a cloud environment.
Cloud Infrastructure Entitlements Management (CIEM) refers to tools and processes that discover, analyze, and right-size cloud permissions in complex multi-cloud environments.
Cloud workload security involves protecting computing resources (VMs, containers, serverless functions) running in the cloud.
Customer Identity and Access Management (CIAM) is the specialized domain of managing and securing external user identities—primarily customers, partners, or citizens—who need to access an organization’s public-facing applications or services. Unlike workforce IAM (focusing on employees), CIAM typically handles large-scale, externally facing user bases, often with millions of accounts.
A data breach is an incident where unauthorized parties gain access to confidential or protected information. This can involve theft of personal data (names, emails, social security numbers), financial data (credit cards), intellectual property, or other sensitive records.
DevOps Security (often called DevSecOps) is the discipline of integrating security practices into the DevOps process – which combines software development (Dev) and IT operations (Ops). Instead of treating security as an afterthought or a separate silo, DevOps security embeds security checks and safeguards at every stage of the software development lifecycle, from code design and build, to testing, deployment, and operations.
In computing, directory services are systems that store, organize, and provide access to information about users and other resources. They act like a centralized phonebook for network resources, mapping names of entities (users, computers, printers, etc.) to details like attributes and network addresses.
Identity and Access Management (IAM) is a framework of policies, processes, and technologies that ensures the right individuals (or machines) have appropriate access to resources at the right times.
Identity as a Service (IDaaS) refers to cloud-based identity and access management solutions provided by a third party. Instead of running their own identity infrastructure, organizations can rely on an IDaaS provider to handle authentication, authorization, directory services, and other identity functions as a subscription service.
Identity Governance and Administration (IGA) is a policy-based approach to managing digital identities and their access rights within an organization.
Intelligent privilege controls (IPC) use context-aware analytics, automation, and machine learning to adjust privileges dynamically in real time. Instead of static roles or scheduled reviews, the system continuously evaluates signals—user behavior patterns, real-time threat intel, device posture—and modifies privilege levels accordingly.
Just-In-Time (JIT) access is a method where elevated privileges (e.g., admin rights) are granted only when needed and automatically expire after a short, approved window. Rather than possessing standing privileges full-time, a user or process requests escalation to perform a specific task—like installing software on a server—and reverts to normal privileges once done.
Kubernetes is an open-source platform for orchestrating containerized applications across clusters of machines. Often abbreviated “K8s,” it automates the deployment, scaling, and management of containers (which are lightweight, self-contained runtime environments for applications).
Least Privilege is a fundamental security principle stating that users, applications, or systems should only have the minimum level of access (privileges) required to perform their legitimate tasks—and nothing more.
A machine identity is a cryptographic credential or certificate that identifies a non-human entity - like a server, container, IoT device, or API client - to other systems.
Malware attacks involve malicious software—viruses, worms, trojans, ransomware—designed to disrupt, damage, or gain unauthorized access to systems or data.
The MITRE ATT&CK Framework is a globally recognized knowledge base of adversary tactics, techniques, and procedures (TTPs) mapped across the intrusion lifecycle—from initial access to exfiltration.
Multi-Factor Authentication requires users to present two or more independent “factors” to verify identity during login. The classic categories of factors are: something you know (e.g., password or PIN), something you have (e.g., a physical token, smartphone app, smart card), and something you are (biometric traits like fingerprint, face scan). By combining factors, MFA adds layers of proof so that if one factor (like a password) is compromised, an attacker still cannot authenticate without the additional factor(s).
“Multi-cloud” refers to an IT strategy where an organization uses cloud services from more than one cloud provider concurrently – for example, running some workloads on Amazon Web Services (AWS), others on Microsoft Azure, and maybe others on Google Cloud Platform (GCP).
MFA fatigue (push bombing) is an attack technique targeting users who use push-notification multi-factor authentication (like a phone app that prompts “Do you approve this login?”).
Non-human identity refers to any identity used by automated processes, bots, applications, APIs, or services rather than a physical user.
Phishing is a social engineering attack in which an attacker masquerades as a trustworthy entity to trick individuals into revealing sensitive information or performing harmful actions.
Phishing is a social engineering tactic where attackers pose as a trusted entity (bank, employer, service provider) to trick victims into revealing credentials, installing malware, or taking harmful actions.
Privileged Access Management (PAM) is a set of processes and technologies aimed at securing and controlling privileged accounts and the credentials (passwords, keys, tokens) that grant elevated rights in an IT environment.
Privileged Entitlements Management (PEM) extends beyond traditional PAM by focusing on continuously discovering and governing which high-risk permissions (entitlements) exist and who holds them.
Ransomware is malicious software that encrypts victims’ files or systems, rendering them inaccessible until a ransom is paid (often in cryptocurrency).
Remote access security covers the policies, technologies, and controls that safeguard connections from external networks to internal systems.
Remote work security addresses the broader challenge of protecting corporate data and applications accessed from outside traditional office environments—home offices, co-working spaces, or traveling employees.
Robotic Process Automation automates repetitive tasks by emulating human interactions with software—like filling forms, copying data between systems, or performing rule-based workflows.
Software-as-a-Service (SaaS) is a cloud delivery model where applications (e.g., CRM, email, file sharing) are hosted and maintained by a provider, and customers access them over the internet via a subscription.
Security Operations (SecOps) merges IT operations and security teams into a cohesive unit that continuously monitors, detects, and responds to threats.
Secrets management involves securely storing, distributing, and rotating sensitive credentials—API keys, passwords, encryption keys, TLS certificates—used by applications and services.
Single Sign-On is an authentication scheme that allows users to log in once and gain access to multiple applications or systems without re-entering credentials for each one.
Social engineering exploits human psychology—trust, urgency, fear—to manipulate individuals into divulging confidential information or performing unauthorized actions.
TEA stands for Time, Entitlements, and Approvals – a security methodology that extends the principle of least privilege by adding granular control in three dimensions. It means that when granting access to a resource, you specify how long (Time) the access is valid, what exact privileges (Entitlements) are given, and who/what must approve the access (Approvals).
Temporary Elevated Access Management (TEAM) refers to a just-in-time privilege approach where users are granted elevated permissions for a limited time period to perform specific tasks. Rather than having always-on admin rights, a user requests the needed privilege, an approval workflow evaluates the request, and if approved, the user gets time-bound access that expires automatically.
Third-party access refers to external users or organizations connecting to a company’s systems or data for business purposes. These third parties can include vendors, contractors, partners, suppliers, or service providers who are granted certain privileges within the primary organization’s IT environment.
User Behavior Analytics (UBA) examines user activities—logins, file access, network usage—and applies statistical or machine learning models to detect anomalies that may indicate insider threats or compromised accounts.
A virtual directory is a software abstraction layer that pulls identity data from multiple directories (Active Directory, LDAP, databases, cloud directories) and presents it as a single, unified view to applications.
Voice phishing, or “vishing,” is a social engineering attack where fraudsters use phone calls (voice) to impersonate a trusted entity and deceive victims into divulging confidential information or taking an action.
Zero Standing Privileges (ZSP) is an advanced principle where no accounts (human or machine) retain continuous privileged access. Instead, all privileged rights are granted just-in-time, on demand, and immediately revoked once the task completes.