Enya Security
Request an audit
RESOURCE

Cybersecurity
glossary

Understand the key terms of information security, explained simply, without unnecessary jargon.

Clear, accessible
definitions
Concrete examples
for better understanding
Built for small businesses
and associations
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A

Authentication

Process used to verify a user's identity before granting them access to a resource (application, database, email...).

Example: you enter your password to log in to your work email.

RELATED SERVICES

B

Database

A system for storing and organizing information in a structured way, so it can be easily retrieved and used.

Example: customers, orders, invoices, stock — most business software relies on a database.

RELATED SERVICES

C

Encryption

Transformation of data using a key, so that it can only be read by an authorized person who holds that key.

Example: stolen data that is encrypted remains unreadable to an attacker who does not have the decryption key.

RELATED SERVICES

CVE

A public, standardized identifier assigned to a known security vulnerability in software, hardware, or a system. The registry is maintained by the MITRE organization.

Example: CVE-2025-12345 (format CVE-year-number), a unique reference any professional can look up to understand a specific flaw.

RELATED SERVICES

D

Dark Web

The part of the Internet not indexed by standard search engines and accessible only through specific tools (such as Tor). Used for both legitimate and malicious purposes.

Example: credentials stolen in a data breach can be put up for sale on dark web forums.

RELATED SERVICES

F

Firewall

A device or piece of software that filters network traffic: it allows legitimate connections through and blocks the rest.

Example: a misconfigured firewall can leave a database port accessible from the Internet without anyone noticing.

RELATED SERVICES

H

Phishing

A technique used to trick a person, most often by email, into disclosing confidential information or clicking a malicious link.

Example: a fake "Your Office 365 session has expired" email urging the recipient to click a fraudulent link.

RELATED SERVICES

M

Malware

A general term for any malicious software designed to damage a system, steal information, or take control of it (viruses, ransomware, spyware...).

Example: a booby-trapped attachment that silently installs spyware on a workstation.

RELATED SERVICES

MFA (multi-factor authentication)

A login method that adds one or more verification steps after the password, to confirm the user's identity. Even if a password is stolen, access remains blocked without the second factor.

Example: you enter your password, then your phone asks you to confirm the login.

RELATED SERVICES

R

Ransomware

Malicious software that encrypts the files on a computer or server to prevent their use. Attackers then demand a ransom in exchange for a decryption key. ANSSI strongly advises against paying: it does not guarantee data recovery.

Example: an employee opens a booby-trapped attachment; within minutes, the server's files become inaccessible and a payment demand appears.

RELATED SERVICES

S

Backup

A copy of data, made regularly and ideally kept isolated from the main network, allowing restoration in the event of a failure, error, or attack.

Example: a company hit by ransomware restores its files from an offline backup without paying a ransom.

RELATED SERVICES

SQL Injection

A technique used to execute malicious SQL queries when a web application does not properly validate user input.

Example: an attacker modifies a form or a URL to access data they should not be able to see.

RELATED SERVICES

T

TLS

A protocol that encrypts communications between a browser and a server, ensuring the confidentiality of the exchange. It's what shows the padlock in the address bar (HTTPS).

Example: without a valid TLS certificate, data entered on a site (form, payment) can be intercepted.

RELATED SERVICES

V

VPN

An encrypted connection that provides secure access to a remote network, as if the user were physically present on that network.

Example: a remote employee uses a VPN to securely access their company's servers.

RELATED SERVICES

Z

Zero-Day

A vulnerability still unknown to the software vendor, for which no fix exists at the time it is discovered or exploited.

Example: a zero-day flaw exploited before the vendor even has time to release a security update.

RELATED SERVICES

No term matches your search.

Why a glossary?

Cybersecurity uses a lot of technical terms. This glossary helps you better understand the issues and our services.

  • Understand before you act
  • Communicate better with experts
  • Make better decisions

FAQ

How are these definitions written?

Each term is verified against reference sources (ANSSI, CNIL, MITRE, official documentation) and then rewritten in our own words, in accessible language.

Are the definitions exhaustive?

No, they are intentionally kept concise. The goal is to provide a clear, quick understanding, not a full technical course.

Can't find a term?

Get in touch and we'll be happy to add it to this glossary.

Have a question?

Get in touch, we'll be happy to answer.

Contact us →