Security flaws or weakness inherent in a device’s physical components or design that that can be exploited to compromise the integrity, confidentiality, or availability of the system and its data.
Hardware Vulnerabilities
Specialized form of software stored on hardware devices, like a router or a smart thermstat, that provides low-level control for the device’s specific hardware.
Firmware
Refers to hardware or software products that have reached the end of their life cycle.
End-of-Life Systems
Outdated computing software, hardware, or technologies that have been largely superseded by newer and more efficient alternative
Lagacy Systems
Hardware or software products that no longer received official technical support, security updates, or patches from their respective vendors or developers.
Unsupported Systems
Device, application, or piece of software that has not been updated with the latest security patches so that it remains vulnerable to known exploits and attacks
Unpatched System
Occurs when a device’s setting, parameters, or options are not optimally set up, and this can cause vulnerabilities to exist, a decrease in performance, or unintended behavior of device or systems
Hardware Misconfiguration
Involved tightening the security of a system
Hardening
Involved the regular updating of the software, firmware, and applications with
Patching
Used to ensure all devices and systems adhere to a standard secure configuration
Configuration Enforcement
Means that the system is retired and removed from the network
Decommissioning
Used to limit the potential damage that might occur from a potential security breach
Isolation
Used to divide the network into segments
Segmentation
Wireless technology standard used for exchanging data between fixed and mobile devices over short distance without the need for an internet connection
Bluetooth
Occur when Bluetooth devices establish a connection without proper authentication
Insure Device Pairing
Occurs when an attacker impersonates a device to trick a user into connecting
Device Spoofing
The practice of installing application on a device from unofficial source which actually bypasses the device’s default app store
Sideloading
Process that gives users escalated privileges on the devices and allows users to circumvent the built-in security measures provided by the devices
Jailbreaking/Rooting
Used to conduct patching of the devices by pushing any necessary updates to the devices to ensure that they are always equipped with the latest security patches
MDM Solution
Any vulnerability that’s discovered or exploited before the vendor can issue a patch for it
Zero-day Vulnerabilities
Any unknown exploit in the wild that exposes a previously unknown vulnerability in the software or hardware.
Zero-day Exploit
OS that have not been updated with the latest security patches or fixes
Unpatched Systems (Unpatched)
Occurs when the system’s settings are not properly configured, and this leaves the system vulnerable to exploitation
Misconfiguration
Unauthorized data transfers from within an organization to an external location
Data Exfiltration
-
Data Protection37
-
Cryptographic Solutions20
-
Fundamentals of Security59
-
Threat Actors40
-
Physical Security25
-
Social Engineering34
-
MALWARE27
-
Third-Party Vendor Risks26
-
Security Infrastructure93
-
Governance and Compliance39
-
Vulnerabilities and Attacks49
-
Asset and Change Management36
-
Cyber Resilience and Redundancy51
-
Security Techniques58
-
Security Architecture40
-
Incident Response33
-
Alerting and Monitoring20
-
Identity and Access Management Solution57
-
HARDENING25
-
Vulnerability Management20
-
Malicious Activity31
-
Security Awareness13
-
Investigating an Incident10
-
Orchestration and Automation31
-
Areas Need Improvement13
-
Test-Data Monitoring10
