Find all of our content intended to enrich your understanding of the cyber industry

We provide you with expert content such as our monthly and quarterly reports on the state of the threat, our webinars, and also feedback from users of our XDR, CTI and TIP platform.

Glossary

XDR

(eXtended Detection & Response)
XDR (eXtended Detection & Response) designates a holistic approach to security operations. It stands out for its ability to consolidate and automate, on a unified SaaS platform, all data, analyses and responses to cyber threats, regardless of their origin, supplier or specialization.

SIEM

(Security Information and Event Management)
A SIEM (Security Information and Event Management) is an IT security tool used to collect, store and analyze large volumes of log data from all sources in the enterprise. It uses each piece of collected data to identify and analyze, from a single platform, the events and/or incidents that may take place on the company's computer network.

EDR

(Endpoint Detection and Response)
EDR stands for Endpoint Detection and Response. The term EDR first appeared in 2013 in an analysis by the consulting firm Gartner. Observing that attackers primarily target employee workstations, Gartner introduced the concept of “Endpoint Detection and Response” to designate a security solution that detects and remediates cyber threats targeting endpoints (computers, servers).

CTI

(Cyber Threat Intelligence)
Cyber Threat Intelligence (CTI) covers the research, analysis and modeling of cyber threats. It is used to prevent and detect computer attacks.

IoC

(Indicator of compromise)
An IoC (Indicator of compromise) is qualified technical data that makes it possible to detect malicious activity on an information system. These indicators can be based on data of various types, for example a file hash, a signature, an IP address, a URL or a domain name, but in all cases the technical data alone (an observable; see that entry) is not enough to speak of an IoC.

SOC

(Security Operations Center)
A Security Operations Center (SOC) is an organizational structure dedicated to carrying out all of an organization's security operations against cyberattacks. These actions include the supervision and protection of the organization's information system (workstations, networks, website, applications, databases, etc.).

SOAR

(Security Orchestration, Automation and Response)
A Security Orchestration, Automation and Response system covers three major functions: response, orchestration and automation of computer security systems. Along with SIEM and CTI, this is one of the three main functions of a SOC.

STIX

(Structured Threat Information eXpression)
STIX (Structured Threat Information eXpression) is an open standard describing objects of interest in the field of cyber defense, and the relationships they can have with one another.

CERT

(Computer Emergency Response Team)
The primary mission of a CERT is to contain computer security incidents, minimize their impact on the organization's operations and reputation, and facilitate post-crisis remediation and reconstruction.

Firewall

(Firewall)
A firewall is a network security system that helps protect your computer from unauthorized access. It does this by blocking incoming and outgoing requests to your computer based on rules that the network administrator has predefined.

ISAC

(Information Sharing and Analysis Center)
An ISAC (Information Sharing and Analysis Center) is a non-profit organization that provides a central resource for gathering information on cyber threats against critical infrastructures and sharing it with its members.

Shadow IT

Shadow IT is a term used to refer to hardware and software deployed by employees within an organization without the knowledge or approval of its IT department.

Traffer

(Worker in the underground community)
From the Russian word “Траффер”, also referred to as “worker” in the underground community, traffers are responsible for redirecting users' traffic to malicious content (malware, fraud, phishing, scam, etc.) operated by others.

DLP

(Data Loss Prevention)
Data Loss Prevention (DLP) is the process of identifying critical data within the organization and implementing controls to prevent unauthorized access to, or deletion of, that data.

APT

(Advanced Persistent Threat)
APT (Advanced Persistent Threat) is a sophisticated attack on an organization that can take months to identify and remove. It is also used as a term for malware designed to steal information from a targeted organization.

Vice Society

(Vice Society)
Vice Society is a little-known double extortion group that recently joined the cybercrime ecosystem.

Roaming Mantis

(Roaming Mantis)
Roaming Mantis (Chinese intrusion set) is assessed to be a financially motivated group, with a history of targeting developed countries.

APT27 (LuckyMouse, EmissaryPanda)

(Advanced Persistent Threat 27)
APT27, aka LuckyMouse or EmissaryPanda, is a cyber threat actor reputed to be close to the People's Republic of China (PRC).

Calisto

(COLDRIVER)
Calisto is a threat actor reputed to be close to Russia, also known as COLDRIVER.

Turla

(Turla alias Uroburos, Snake, Venomous Bear)
TURLA (aka Uroburos, Snake, Venomous Bear) is a historical Russian-speaking cyber espionage group widely believed to be operated by the Federal Security Service of the Russian Federation (FSB).

APT29 aka Nobelium, Cozy Bear

(Advanced Persistent Threat 29)
Nobelium, also known as APT29, is a cyber espionage group that is believed to be operated by the Russian government.

APT31

(Advanced Persistent Threat 31)
APT31 (also known as Zirconium or Judgment Panda) is an Advanced Persistent Threat group whose mission is likely to gather intelligence on behalf of the Chinese government.

CSIRT

(Computer Security Incident Response Team)
A Computer Security Incident Response Team (CSIRT) is an operational security team that is responsible for responding to and managing computer security incidents within an organization.

MSSP

(Managed Security Service Provider)
An MSSP is a third-party service provider or supplier that offers computer security services to a client company on a subscription basis.

EPP

(Endpoint Protection Platform)
EPP (Endpoint Protection Platform) is a cybersecurity solution that helps organizations protect their devices (laptops, desktops, servers, and mobile devices) from cyber threats.

EPT

(Endpoint protection tools)
Endpoint protection tools are security solutions that are designed to protect an organization's endpoints, such as laptops, desktops, servers, and mobile devices, from cyber threats.

Cybersecurity

Cybersecurity is a professional activity that helps protect companies' networks, systems and sensitive data from digital attacks.

SEO poisoning

(Search Engine Optimisation poisoning)
SEO poisoning is a method used by cyberattackers to position malicious websites at the top of search engine results.

Callback phishing

This is a spearphishing tactic. It involves impersonating legitimate platforms or businesses by sending emails claiming that the victim has been or will be charged for a service. The email then urges the victim to call a listed phone number for further clarification.