Cybersecurity terms, in plain language
Security is jargon-heavy. These short, opinionated definitions are written for the people who have to decide what to buy and what to do — not the people selling it. Every term is also defined en français on its own page.
Detection & response 8
Antivirus
Software that detects and removes known malicious programs, traditionally by matching them against a database of signatures.
Read definition →Endpoint Detection and Response (EDR)
Security software on laptops, servers, and workstations that detects and stops attacks attackers run on the device itself.
Read definition →Extended Detection and Response (XDR)
Detection and response across multiple security data sources — endpoints, email, identity, cloud — combined into one platform.
Read definition →Incident Response (IR)
The structured process of containing, investigating, eradicating, and recovering from a security incident — ideally guided by a tested plan.
Read definition →Managed Detection and Response (MDR)
A security service that combines continuous monitoring, threat investigation, and hands-on response into a single managed outcome.
Read definition →Security Information and Event Management (SIEM)
A platform that collects log data from across your environment and runs detection rules over it to find security events.
Read definition →Security Operations Center (SOC)
The team and tooling that continuously monitor your environment for security threats, investigate them, and respond when something is found.
Read definition →Security Orchestration, Automation, and Response (SOAR)
Tooling that automates repetitive parts of investigation and response — like enriching alerts or isolating endpoints.
Read definition →Threats & attacks 13
Botnet
A network of compromised devices controlled remotely by an attacker, often used for attacks or spam at scale.
Read definition →Business Email Compromise (BEC)
A scam where attackers take over or impersonate a business email account to redirect payments or steal sensitive information.
Read definition →Dark Web
A hidden part of the internet, reachable only with special software, where stolen data and criminal services are bought and sold.
Read definition →Distributed Denial of Service (DDoS)
An attack that overwhelms a website or service with traffic from many sources so legitimate users cannot reach it.
Read definition →Identity Theft
The fraudulent use of someone's personal information — to open accounts, make purchases, or impersonate them.
Read definition →Malware
Malicious software — viruses, trojans, ransomware, spyware — designed to damage, disrupt, or gain unauthorized access to systems.
Read definition →Phishing
Fraudulent messages — by email, text, or phone — designed to trick someone into giving up credentials, money, or access to your systems.
Read definition →Ransomware
Malicious software that encrypts your data and demands payment for the key — often combined with data theft and extortion.
Read definition →Social engineering
Manipulating people — rather than hacking technology — into giving up access, credentials, or money.
Read definition →Spam
Unsolicited bulk messages — usually email — sent indiscriminately, sometimes as a vehicle for scams or malware.
Read definition →Spyware
Malicious software that secretly gathers information about a person or organization without their knowledge.
Read definition →Trojan Horse
Malware disguised as legitimate software to trick someone into installing it, then used to steal data, open a backdoor, or deliver other malware.
Read definition →Zero-Day
A software vulnerability that attackers exploit before the vendor has released a fix, leaving no patch available when the attacks begin.
Read definition →Defences & controls 10
Data Backup
A separate, recoverable copy of your data, kept so you can restore it after loss, corruption, or a ransomware attack.
Read definition →Encryption
Scrambling data with a mathematical key so only someone with the right key can read it — protecting information both in transit and at rest.
Read definition →Firewall
A security control that monitors and filters network traffic, blocking connections that do not meet a defined set of rules.
Read definition →Multi-Factor Authentication (MFA)
A sign-in security control that requires something beyond a password — typically a phone, security key, or app prompt.
Read definition →Patch Management
The ongoing process of keeping software up to date by applying the vendor fixes that close known security holes before attackers can exploit them.
Read definition →Penetration Testing
An authorized simulated attack on your systems, carried out to find and prove real security weaknesses before criminals do.
Read definition →Two-Factor Authentication (2FA)
A sign-in method that requires two different proofs of identity — typically a password plus a code or app prompt.
Read definition →Virtual Private Network (VPN)
An encrypted connection that lets remote users reach a private network securely over the public internet.
Read definition →Vulnerability Management
The ongoing process of finding, prioritizing, and fixing security weaknesses in your systems before attackers exploit them.
Read definition →Zero Trust
A security model that trusts no user or device by default — even inside the corporate network — and verifies every access request continuously.
Read definition →Compliance & privacy 4
Canada's Anti-Spam Legislation (CASL)
Canadian law that regulates commercial electronic messages, requiring consent before you email or text customers.
Read definition →Data breach
An incident where personal or sensitive information is accessed, stolen, or exposed without authorization.
Read definition →Law 25
Quebec's modernized privacy law, introducing stricter consent, breach-reporting, and accountability obligations.
Read definition →Personal Information Protection and Electronic Documents Act (PIPEDA)
Canada's federal private-sector privacy law, governing how businesses collect, use, and disclose personal information.
Read definition →