Security Intermediate

What is Data Loss Prevention (DLP)?

A strategy and set of tools that detect and prevent unauthorized transmission of sensitive data outside an organization.

DLP systems monitor and control data movement across networks (network DLP), on endpoints (endpoint DLP), and in cloud services (cloud DLP). They identify sensitive data (credit cards, SSNs, health records) using pattern matching, keywords, and machine learning.

Actions include blocking transmission, encrypting data, alerting administrators, and quarantining files. DLP is required by regulations including GDPR, HIPAA, and PCI DSS. Implementation requires careful policy tuning to balance security with productivity.

Related Terms

DAST (Dynamic Application Security Testing)
Testing a running application from the outside by sending malicious requests to discover security vulnerabilities.
RBAC (Role-Based Access Control)
An access control model where permissions are assigned to roles, and users are assigned to roles rather than getting permissions directly.
Supply Chain Attack
A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.
Webhook Signature Verification
A security mechanism that verifies webhook payloads are authentic and unmodified using cryptographic signatures.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
SQL Injection
An attack where malicious SQL code is inserted into application queries through user input to access or manipulate the database.