Learn With Lepide

A glossary of educational resources focused on providing explanations, examples, and best practices for a wide range of cybersecurity and compliance related topics. Ready to learn with Lepide?


DCSync Attack

DCSync is a technique used to abuse domain controller (DC) synchronization, where an attacker simulates the replication process to trick Active Read More..

DCShadow Attack

The DCShadow attack allows attackers with privileged credentials to create a rogue Domain Controller (DC) and mimic it by replicating malicious Read More..

Vendor Privileged Access Management (VPAM)

Vendor Privileged Access Management (VPAM) is a specialized implementation of Privileged Access Management (PAM) tailored to manage and monitor Read More..


Identity management involves managing user accounts and regulating their access to resources. PIM (Privileged Identity Management) prioritizes t Read More..

User Activity Monitoring (UAM)

User Activity Monitoring (UAM) is the monitoring and tracking of end user behavior on devices, networks, and other company-owned IT resources. U Read More..

Secrets Management

Secrets management is a security measure that centralizes the storage and management of sensitive information, such as IDs, passwords, API keys, Read More..

Privileged Access Management as a Service (PAMaaS)

Privileged Access Management (PAM) as a Service is a cloud-based solution designed to manage and secure privileged accounts within an organizati Read More..

Endpoint Privilege Management (EPM)

Endpoint Privilege Management (EPM) establishes stringent controls over privileged access to network devices. Administrators meticulously define Read More..


The NIST Cybersecurity Framework (NIST CSF) is a set of guidelines, best practices, standards, and recommendations developed by the National Ins Read More..

Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdPs) to securely pass authorization credentials t Read More..

User and Entity Behavior Analytics (UEBA)

User Entity Behavior Analytics (UEBA) is a cybersecurity technology that monitors the behavior of users and entities within an organization's ne Read More..

Data Loss Prevention (DLP)

Ddata Loss Prevention, or DLP, is a set of policies, practices, and solutions that combine to prevent sensitive data from escaping the organizat Read More..

Personally Identifiable Information (PII)

Personally identifiable information (PII) encompasses any data that can identify an individual, either on its own or when combined with other da Read More..

Cyber Kill Chain

The Cyber Kill Chain is a framework developed by Lockheed Martin to outline the stages of a cyberattack. It consists of seven stages: Reconnaiss Read More..

Brute Force Attack

A brute force attack is a method used by attackers to gain unauthorized access to a system or encrypted data by systematically trying all possib Read More..

Proxy Server

Proxy servers essentially act as bridges between a user and the internet. Instead of you having to connect directly to a website or another user Read More..

PGP Encryption

Pretty Good Privacy (PGP) is a widely used encryption protocol designed to enhance the security of online communication. It provides the ability Read More..

SMB Port

The Server Message Block (SMB) protocol is a client-server protocol designed for sharing files, printers, and data over a network. It enables us Read More..

Red Team vs Blue Team

In cybersecurity, Red and Blue teams play distinct yet crucial roles. The Red Team assumes the role of attackers, meticulously seeking vulnerabi Read More..

Zero Trust Security

A Zero Trust Architecture complies with the principle “never trust, always verify.” This guiding concept has existed since John Kindervag cr Read More..

MITRE ATT&CK Framework

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a comprehensive framework that categorizes adversary behaviors, providin Read More..

Computer Worm

Computer worms are malicious software that can autonomously replicate and spread across networks without human intervention. They leverage inter Read More..

Insider Threat

An insider threat refers to malicious activity against an organization that originates from users with legitimate access to an organization’s Read More..

Log Files

A log file is a chronological record of events that occur within a system. It contains detailed information about each event, including its time Read More..

Azure Kubernetes Service (AKS)

Azure Kubernetes Service (AKS) is a fully managed Kubernetes service provided by Microsoft. It streamlines the deployment and management of Kube Read More..


CRUD (Create, Read, Update, Delete) operations are essential for APIs and web apps, enabling data manipulation in databases. In API models, CRUD Read More..


A Keylogger is typically a piece of malicious software that records every keystroke made on a computer, including passwords, credit card numbers Read More..

Logging as a Service (LaaS)

Logging as a Service (LaaS) is a centralized platform for managing log data. It aggregates logs from multiple sources such as web servers and Io Read More..

MDR (Managed Detection and Response)

MDR (Managed Detection & Response) is a cybersecurity service with a dedicated team monitoring your organization's IT for threats. Imagine a 24/ Read More..

Spear Phishing

Spear phishing, unlike mass attempts, involves meticulous planning and personalized emails. Attackers gather intel from sources like social medi Read More..

Trojan Horse

Trojan horses disguise as harmless apps to deceive users, stealing passwords or enabling malware access. They can disrupt systems by deleting, b Read More..

Zero-Day Attack

Zero-day attacks target undisclosed vulnerabilities ("zero-day exploits"). These are software weaknesses unknown to vendors, giving them "zero d Read More..