A-C

A

  • Active Server Pages - ASP: cf. ASP
  • ActiveX: Generic name for Microsoft component technology
  • Ajax - Asynchronous Java And XML: Development method for web applications and 'convergence' of web technologies (including (X)HTML, JavaScript, DOM, CSS and XML), intended to make web architectures quicker, richer and friendlier
  • Anti-tampering: Method and device intended to prevent disassembly and reverse engineering of a piece of software
  • Apache: By far the most popular HTTP web server running with Linux and PHP
  • API - Application Programming Interface: Method to call applications and objects in a library or an operating system. It is a set of functions made available to programmers, an 'entry point' for using third-party software
  • Applet: Small Java program launched by an application. An applet cannot be executed directly by the operating system
  • Artificial Intelligence: Computer activity that aims to execute tasks that are, for the present time, better accomplished by human beings because they require high-level mental processes such as perceptual learning, memory organisation and critical reasoning. AI programs tend to 'emulate' this human expertise. BinarySEC uses an AI engine to 'capture' the good behaviour of a web application and reject illegitimate traffic
  • ASP - Active Server Pages: Technology enabling web developers to combine scripts and HTML code in order to create dynamic content and web applications. Comparable with PHP
  • ASP.NET: Software platform using ASP
  • Attack obfuscation: Masking of an attack, for instance by encoding the URL sent to a website

B

  • Backdoor: Malicious program that aims to hijack the functionalities of a service. It is also a system that opens masked access channels used by a hacker on the targeted machine
  • Basel II (accords): International banking norms that aim to 'refine' bank risk, especially credit, market and operational risks. They have an impact on computer security inasmuch as they take into account operational risks such as fraud and system failures, and consequently the risks of intrusion, data theft and unavailability
  • Black hat (or cracker): Malevolent hacker attempting to penetrate computers with bad intentions
  • Black list: Operating principle of a security tool which consists of comparing each request against a base of malicious signatures. Requests that match are refused and all others, including unknown ones, are accepted. Antivirus products usually use this signature principle
  • Bug: Anomaly that occurs while a computer program is being executed
  • Botnet: Malicious network of 'zombie' computers, PCs or servers infected by computer viruses or Trojans. These networks are controlled via the Internet, usually for criminal reasons. One or more persons can monitor all infected machines and gain considerable power as well as the ability to act anonymously, to carry out massive attacks (denial of service) or to host illicit content or applications
  • Browser: Software used to consult the 'world wide web'. The browser connects to a web server using the HTTP protocol in order to collect and display pages in HTML format. The browser also processes HTTPS for SSL, SET for secured transactions and FTP for file transfers. Other standard languages such as CSS, DHTML, XHTML and JavaScript are also interpreted by the browser. Other non-standardised extensions also exist, such as Flash, Java or ActiveX
  • Brute-force: An attack that exhaustively tests all passwords, PIN codes or keys until the correct one has been found
  • Buffer overflow: Attack technique which consists of sending more data than a memory buffer expects. This causes a malfunction which enables a cracker to gain maximum rights on a machine if it was configured improperly

C

  • Cache: Both a local data storage space that records pages already answered and a sub-system that controls, reads and deletes these records. Its main purpose is to record responses in order to decrease access time and network overload for future similar requests
  • CGI - Common Gateway Interface: Interface description between a web server and an application
  • Cluster(ing): Grouping of various independent computers (also called nodes) to enable global management and combine storage and processing resources
  • Code auditing: Detailed analysis of source code in order to detect potential vulnerabilities
  • Code injection: Technique used to inject code into a program or a system by taking advantage of a lack of input validation. BinarySEC stops these attacks, which are very efficient and widespread
  • ColdFusion: ColdFusion is a tag-based language which looks like HTML. It makes it quick to perform simple operations such as database interfacing and data display on web pages
  • Colocation hosting: Web hosting offer in which a server hosts many different websites, usually from various customers
  • Cookie: Very small file written on your hard disk by a web server in order to memorize specific information such as profile, configuration, last visit, etc.
  • Cookie poisoning: An attack in which the malicious hacker modifies cookie content. Cookies are supposed to be stored on the user's PC and sent to the web server without change
  • Cracker - cracking: Cyber criminal who illegally penetrates a machine or a computer network. Unlike the cracker, a hacker does not have criminal motivation and mainly acts for R&D or personal knowledge purposes
  • Cross-site request forgery (CSRF or XSRF): This attack on websites exploits the trust a website has in a user by forging a request from a trusted user. Also known as session riding.
  • Cross-site scripting (XSS): A category of flaws resulting from a lack of input validation. For instance, an attacker may 'post' a message including malicious code on a website which accepts HTML code with no specific validation. BinarySEC protects against this very common class of flaws
  • CVE - Common Vulnerabilities and Exposures