The Sevco Glossary
Asset Inventory
An asset inventory is a comprehensive catalog of an organization’s technology assets including hardware (servers, laptops, mobile devices, et.), software (applications, SaaS platforms), cloud services, and IoT devices. A well-managed and well-monitored asset inventory provides a centralized repository to track these resources and ensure that they are being used effectively and efficiently to support business operations.
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a publicly accessible database that lists known software and hardware security vulnerabilities. The MITRE Corporation maintains the Common Vulnerabilities and Exposures (CVE) website and the CVE Board oversees the CVE program which includes the assignment of identifiers and the accuracy of the database.
Common Vulnerability Scoring System (CVSS)
A Common Vulnerability Scoring System (CVSS) score is a numerical value between 0 and 10 that indicates the severity of a vulnerability in a computing system. The CVSS was created by the National Infrastructure Advisory Council (NIAC) in 2005 and is currently maintained by the Forum of Incident Response and Security Teams (FIRST). The current version is CVSSv4.0, which was released in November 2023.
Continuous Threat Exposure Management (CTEM)
Continuous Threat Exposure Management (CTEM) is a cybersecurity framework that helps organizations identify, assess, and mitigate cyber threats. CTEM is a proactive approach that continuously monitors an organization’s digital assets and network infrastructure to identify vulnerabilities and weaknesses.
Controls
Software tools deployed to protect an organization’s systems, devices, and other assets from cyberthreats and attacks to prevent, detect, mitigate, and remediate risks and vulnerabilities. Controls enables organizations to protect the confidentiality, integrity, and availability of information
Controls Validation
“Controls validation” refers to the process of systematically testing and evaluating an organization’s security controls to ensure they are functioning effectively and adequately protecting against cyber threats, essentially verifying that the implemented security measures are working as intended and can withstand real-world attacks; it involves simulating attack scenarios to identify any gaps or weaknesses in the defense system.
Cyber Asset Attack Surface Management (CAASM)
Cyber Asset Attack Surface Management (CAASM) is a cybersecurity strategy that helps organizations identify, manage, and reduce the risk of cyber threats to their assets. CAASM provides visibility into an organization’s IT environment, including devices, users, software, cloud assets, and services.
Device Inventory
A device inventory is a comprehensive list of all connected devices within a network, including details such as operating system, model, serial number, associated user(s), and other identifying information, used to track and manage potential security risks across an organization’s IT infrastructure. An accurate device inventory is essential as it provides a detailed record of every device that could be a potential exposure.
Exploit Prediction Scoring System (EPSS)
EPSS is a framework designed to estimate the likelihood that a vulnerability will be exploited in the wild based on various risk factors, including the vulnerability’s characteristics and contextual data. EPSS was launched in 2021, with the current version (v3) released in 2023. It is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
Exploit Intelligence
Exploit intelligence refers to the collection and analysis of data about known exploits, including information on how vulnerabilities are being actively used by attackers in the wild, which enables security teams to prioritize and remediate the most critical risks within their systems by understanding which vulnerabilities are most likely to be exploited.
Exposure Assessment Platform (EAP)
By consolidating the capabilities of traditional endpoint security solutions and vulnerability prioritization tools (VPTs), Exposure Assessment Platforms empowers organizations to efficiently address their most critical security gaps by enabling the prioritization of vulnerabilities based on real-world impact. The 2024 Gartner® Hype Cycle™ for Security Operations identified EAPs as marking a significant advancement in security technology.
IT Asset Inventory
An IT asset inventory (see also Asset Inventory) is a comprehensive catalog of an organization’s technology assets including hardware (servers, laptops, mobile devices, et.), software (applications, SaaS platforms), cloud services, and IoT devices. A well-managed and well-monitored asset inventory provides a centralized repository to track these resources and ensure that they are being used effectively and efficiently to support business operations.
Mitigating controls
Mitigating controls refer to strategies and actions taken to reduce the potential impact of a cyber threat by implementing preventive measures, detective controls, corrective actions, or a combination of approaches, aiming to minimize the severity of a security breach and bring the risk level to an acceptable level.
Remediation Validation
Remediation validation refers to the process of verifying and confirming that actions taken to address identified vulnerabilities, including patching systems or changing configurations, have successfully eliminated the threat..
Scanners
Scanners are tools used to enhance network security. They can help identify vulnerabilities, detect services and operating systems, and discover networks. Incorporating data from scanners, in addition to existing security tools, enables organizations to take a more holistic approach to vulnerability management.
Security Inventory
A security inventory refers to a comprehensive list of all the physical and digital assets within an organization’s environment that need to be protected, including hardware, software, network devices, users, and data. An accurate security inventory, along with comprehensive asset telemetry, enables security teams to identify potential vulnerabilities and implement appropriate security measures to mitigate risks across the entire enterprise.
Threat Intelligence
Threat intelligence refers to the process of collecting, analyzing, and interpreting information about potential cyber threats, including the tactics, techniques, and procedures used by malicious actors, to gain insights and context about emerging dangers, allowing organizations to proactively defend against them and make informed security decisions.
Vulnerability Assessment Tool
Vulnerability assessment tools identify, categorize, and prioritize potential vulnerabilities within a computer system, network infrastructure, or application, allowing organizations to proactively address them before they can be exploited by attackers. These tools automatically scan systems for known vulnerabilities by comparing system configurations against a database of security flaws (CVEs, CVSS, EPSS). Scans can include: network-based scans to identify vulnerable systems on a network, host-based scans to check individual devices, or application scans to assess web applications for specific vulnerabilities like SQL injection.
Vulnerability Prioritization
Vulnerability prioritization is the strategic process of risk ranking security vulnerabilities based on factors such as potential impact, severity, and likelihood of exploitation. This approach enables organizations to focus their resources and remediation efforts on addressing the most critical vulnerabilities first, thereby optimizing resource allocation and reducing overall risk exposure.
Vulnerability Prioritization Technology (VPT)
Vulnerability Prioritization Technology (VPT) enables organizations to prioritize and reduce risk by cutting through the noise of endless alerts. Rather than treating all vulnerabilities as equal, VPT unifies asset, vulnerability, and threat data along with business context to prioritize and mitigate exposures.