Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.
Extended Definition: For software, descriptions of common methods for exploiting software systems.
Related Term(s): attack signature
Adapted from: Oak Ridge National Laboratory Visualization Techniques for Computer Network Defense, MITRE's CAPEC web site

 A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks.
Extended Definition: An automated set of rules for identifying a potential threat (such as an exploit or the presence of an attacker tool) and possible responses to that threat.
Related Term(s): attack pattern
Adapted from: NCSD Glossary, CNSSI 4009, ISSG V1.2 Database

The set of ways in which an adversary can enter a system and potentially cause damage.
Extended Definition: An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system.
Adapted from: Manadhata, P.K., & Wing, J.M. in Attack Surface Measurement; DHS personnel

 An individual, group, organization, or government that executes an attack.
Extended Definition: A party acting with malicious intent to compromise an information system.
Related Term(s): adversary, threat agent
Adapted from: Barnum & Sethi (2006), NIST SP 800-63 Rev 1

The process of verifying the identity or other attributes of an entity (user, process, or device).
Extended Definition: Also the process of verifying the source and integrity of data.
Adapted from: CNSSI 4009, NIST SP 800-21, NISTIR 7298

A property achieved through cryptographic methods of being genuine and being able to be verified and trusted, resulting in confidence in the validity of a transmission, information or a message, or sender of information or a message.
Related Term(s): integrity, non-repudiation
Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4

 A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource.
Extended Definition: The process or act of granting access privileges or the access privileges as granted.
From: OASIS SAML Glossary 2.0; Adapted from CNSSI 4009

New technology first introduced by Compellent around 2007.  EMC and 3PAR also came on strong around 2008 with their solutions.  Auto tiering is most commonly referred to; data residing on two or three classes (performance) of storage.  These would most commonly be today; SSD, 10k and 7200RPM drives. Autotirering resides on the controllers and as data is utilized by the user, data moves to the appropriate performance storage.  For example, high-speed data being written to the storage can write to SSD then move to lower-cost 10k drives. Once the data becomes less required, the data can move to lower-cost near-line 7200RPM archive drives.  

The property of being accessible and usable upon demand.
Extended Definition: In cybersecurity, applies to assets such as information or information systems.
Related Term(s): confidentiality, integrity
Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4, 44 U.S.C., Sec 3542

Backup is the process of replicating your vital data onto a secondary storage device or off-site storage, for the purpose of recovery incase the original data is accidentally erased, damaged, or destroyed.