Hydden’s Glossary
Our glossary of definitions and acronyms used in the identity industry and within our solution.
A
Access Control | In cybersecurity, access control is a security framework that determines who has access to resources through authentication and authorization rules. Access controls authenticate users by verifying login credentials, such as usernames, passwords, PINs, security tokens, and biometric scans. |
Access Risk | Access risk in cybersecurity is the potential for unauthorized or inappropriate access to systems, data, or resources. It encompasses the likelihood that vulnerabilities in access controls could be exploited, whether deliberately by malicious actors or through accidental misuse by authorized users. This risk can lead to data breaches, system disruptions, financial loss, and reputational damage. |
Authentication | In cybersecurity, authentication is the process of verifying the identity of a user, device, or process before granting access to a system or resource. |
C
Cloud | Cloud services are infrastructure, such as servers, computers, or software hosted by third-party providers and made available to users through the internet. Cloud services can be public or private. |
Continuous Discovery | Continuous discovery of identities, in the context of cybersecurity, refers to the ongoing process of identifying, verifying, and managing the identities of individuals, devices, and systems within an organization's network. It involves using various techniques and technologies to collect and analyze data about entities and their interactions, allowing for the identification of new or unknown identities that may pose a security risk. |
Continuous Identity Hygiene | Organizations must continually maintain their overall identity hygiene through continuous discovery, inventory, and monitoring of accounts to reduce overall cyber risk. The barriers to mature identity hygiene are the time-consuming and manual processes required to comply with internal and external requirements. Implementing strong security controls, auditing of user accounts and access, user and machine account lifecycle management, and ongoing monitoring and incident response typically involve multiple security products and expert analysts. Hydden acts as a force multiplier for your identity team, automating what would otherwise be time-consuming and manual tasks necessary to maintain proper identity hygiene. |
CVE | Common Vulnerabilities and Exposures, a list of publicly disclosed vulnerabilities and exposures. |
CVSS | The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. |
D
Data Source | Hydden uses the term data source for data collection endpoints at which collectors gather account details for security analysis. The data source is configured by users based on their operational needs to collect data from platforms like Azure, Okta, AD, etc. For a complete list of available options, refer to Modules. |
E
Exposure | Exposure in cybersecurity refers to the state of being vulnerable or accessible to unauthorized access, use, disclosure, disruption, modification, or destruction of information or systems. In the context of accounts and identities, it specifically denotes the potential for an individual's or system's credentials, data, or privileges to be compromised or misused. |
I
Identity Attack Surface | The Identity Attack Surface includes all systems of a corporate network, on-premises and/or cloud, that authenticate user-controlled or automated interactions and grant access to corporate systems based on that authentication. It is crucial for organizations to proactively manage and understand their specific attack surface. That understanding is key to limiting all potential points of exposure. By being informed and knowledgeable about the particulars of their Identity Attack Surface, organizations can take effective steps to prevent unauthorized access and misuse of user identities. |
Identity Data | Identity data refers to the structured information elements that uniquely identify or validate an individual or entity within digital systems and networks. In the context of a cybersecurity identity vendor, identity data encompasses all attributes, credentials, and metadata used to establish, verify, and manage digital identities throughout their lifecycle.
Identity data typically includes:
|
Identity Federation | Trust relationships between different identity domains or systems to enable seamless and secure access across organizational boundaries. |
Identity Lifecycle Management | Managing the entire lifecycle of user identities, from onboarding to offboarding, including periodic reviews and updates to access privileges. |
Identity Threat | A cybersecurity risk that exploits a person's or system's identity to gain unauthorized access to sensitive information or resources. Common identity threats involve stealing, compromising, or impersonating identities to circumvent security controls and execute malicious activities. |
O
On-premises or on-prem | On-premises/on-prem refers to technology, such as systems and software, installed within the physical confines of organizations. |
T
Threat | A natural or man-made occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, or property. |
Threat Rules | Threat rules are predefined sets of conditions and actions designed to detect and respond to potential security threats related to identity and access management. These rules are typically implemented within an identity and access management (IAM) system to monitor user behavior, system activity, and other relevant data for anomalies or suspicious patterns that may indicate a security breach. Key components of threat rules include:
|
V
Vaulted Credential | A vaulted credential is a credential for a managed account, that is, an account of any type that is actively managed in an organization's password vault or safe. For example, in the CyberArk integration, a vaulted credential is known as a Privileged Credential in the CyberArk Platform. |
Vulnerability | An exposure, flaw, or weakness that could be exploited by a threat. Also, the susceptibility of an organizational service or asset to disruption. |
Public Reference Sources
- Small Business Cybersecurity Corner Glossary from NIST.