Zero-Day
A vulnerability in PKI or cryptographic systems that is unknown to the vendor and for which no official patch or mitigation exists at the time of discovery.
View termCategories
Vulnerability Management
Browse Vulnerability Management terms for cybersecurity professionals.
Languages
กลยุทธ์การลดผลกระทบ
A structured approach involving technical, administrative, or procedural controls to reduce the likelihood or impact of cryptographic or PKI-related vulnerabilities, threats, or attacks.
View termการควบคุมการลดความเสี่ยง
A technical or procedural safeguard implemented to reduce the likelihood or impact of cryptographic or PKI-related risks.
View termการค้นพบสินทรัพย์
The process of identifying and cataloging all PKI, cryptographic, or supporting assets within an organizational environment.
View termการจัดการแพตช์
A formal process for the identification, acquisition, testing, and deployment of patches to correct vulnerabilities in cryptographic systems, PKI, and related software components.
View termการจัดประเภทสินทรัพย์
The process of categorizing cryptographic, PKI, and related assets based on sensitivity, criticality, and regulatory requirements to inform protection strategies and compliance efforts.
View termการจัดประเภทสินทรัพย์
The process of classifying PKI and cryptographic assets based on value, criticality, sensitivity, and role within the organizational environment.
View termการจัดลำดับความสำคัญของความเสี่ยง
The structured process of ranking risks to cryptographic and PKI systems based on likelihood, impact, and exposure, to guide remediation and resource allocation.
View termการจัดลำดับความสำคัญช่องโหว่
The process of ranking discovered cryptographic and PKI vulnerabilities according to risk, exploitability, business impact, and regulatory requirements to optimize remediation efforts and minimize operational risk.
View termการจัดอันดับความรุนแรง
A standardized scale or categorization of the impact and urgency of vulnerabilities or incidents affecting cryptographic or PKI systems.
View termการจำลองการโจมตี
The process of emulating real-world cyberattacks against cryptographic infrastructure or PKI environments to evaluate detection, response, and resilience of the system under realistic threat conditions.
View termการจำลองการใช้ช่องโหว่
A controlled emulation of exploit attempts against cryptographic or PKI vulnerabilities to assess system resilience and validate security controls without causing harm.
View termการจำลองภัยคุกคาม
A structured process to identify, categorize, and prioritize potential threats to cryptographic systems or PKI deployments, supporting proactive risk management.
View termการจำลองภัยคุกคาม
The practice of emulating real-world attacks on cryptographic or PKI infrastructure to test defenses, validate response plans, and identify weaknesses before exploitation occurs.
View termการดำเนินการแก้ไข
A specific corrective step taken to address a vulnerability, nonconformity, or security finding in cryptographic or PKI environments.
View termการตรวจจับการใช้ช่องโหว่
The process of identifying and alerting on attempted or successful exploitation of vulnerabilities in cryptographic, PKI, or information systems, utilizing real-time monitoring, forensic analysis, and signature-based or behavioral detection mechanisms in line with organizational security policies and regulatory frameworks.
View termการตรวจจับเหตุการณ์
The process of identifying and confirming security events indicating unauthorized activity or compromise of cryptographic or PKI assets through monitoring, alerting, and correlation tools.
View termการตรวจสอบการแก้ไข
The process of confirming that actions taken to correct cryptographic or PKI vulnerabilities are effective and that affected systems are secure and compliant.
View termการตรวจสอบการใช้ช่องโหว่
The process of confirming, through controlled testing, that a discovered vulnerability in a cryptographic or PKI system can actually be exploited under operational conditions, ensuring remediation efforts are prioritized effectively.
View termการตรวจสอบความปลอดภัย
A formal, systematic review and verification of cryptographic and PKI processes, controls, and compliance with standards, performed by internal or external auditors to ensure trust and mitigate risk.
View termการตรวจสอบความสอดคล้อง
The systematic confirmation that cryptographic, PKI, and supporting systems conform to relevant standards, policies, and regulatory requirements such as NIST, ISO/IEC, and ETSI.
View termการตรวจสอบแพตช์
The process of confirming through controlled testing that a security patch applied to cryptographic modules or PKI components effectively mitigates the intended vulnerability without causing regressions or introducing new weaknesses.
View termการตรวจสอบแพตช์
The process of confirming that applied patches to cryptographic, PKI, or related systems have been correctly installed, tested, and are effective in remediating known vulnerabilities.
View termการตั้งค่าความปลอดภัยผิดพลาด
A failure to implement correct or secure settings in cryptographic, PKI, or network assets, resulting in exposure to exploitation, bypass of controls, or noncompliance with regulatory standards.
View termการติดตามการแก้ไข
The process of monitoring and documenting the status and effectiveness of actions taken to correct identified vulnerabilities in cryptographic or PKI systems until closure and verification.
View termการทดสอบข้อมูลประจำตัว
The process of validating the strength, configuration, and authenticity of credentials used within cryptographic or PKI environments.
View termการทดสอบเจาะระบบ
An authorized and controlled simulated attack on cryptographic and PKI systems, conducted to identify exploitable vulnerabilities before adversaries can exploit them.
View termการประเมินการควบคุม
A systematic assessment of technical and procedural security controls in cryptographic and PKI environments to determine their effectiveness against defined threats and risks.
View termการประเมินการใช้ช่องโหว่
The evaluation of identified vulnerabilities in cryptographic or PKI assets to determine the likelihood and potential impact of successful exploitation under realistic attack conditions.
View termการประเมินช่องโหว่
A systematic process for identifying, classifying, and evaluating vulnerabilities in information systems, cryptographic infrastructure, or PKI components, to assess the risk posture and inform remediation priorities.
View termการประเมินพื้นฐาน
A comprehensive evaluation of the security posture of PKI and cryptographic systems against established industry baselines and standards.
View termการปรับใช้แพตช์
The distribution and installation of security updates to cryptographic or PKI-related systems to remediate vulnerabilities and maintain compliance.
View termการป้องกันการโจมตีช่องโหว่
A set of technical and procedural controls to proactively prevent exploitation of vulnerabilities in cryptographic and PKI systems.
View termการยกระดับสิทธิ์
The process by which a threat actor gains unauthorized elevated access rights within cryptographic or PKI systems.
View termการยอมรับความเสี่ยง
The formal decision to tolerate a known risk in cryptographic or PKI systems, typically documented through risk management processes when mitigation is impractical or not cost-effective.
View termการระบุการโจมตี
The process of systematically identifying and cataloging all possible attack vectors and threat actors relevant to a cryptographic or PKI system.
View termการลดความเสี่ยง
The application of technical, administrative, or physical controls in cryptographic and PKI environments to lower the likelihood or impact of identified risks to acceptable levels, in line with regulatory and organizational policies.
View termการลดผลกระทบจากช่องโหว่
Technical and procedural controls implemented to reduce or eliminate the risk of exploitation of vulnerabilities in cryptographic modules or PKI systems.
View termการวิจัยช่องโหว่
The investigative process of analyzing, discovering, and documenting methods by which vulnerabilities in PKI or cryptographic systems could be exploited.
View termการวิเคราะห์ความเสี่ยงเปิดเผย
Systematic evaluation of cryptographic or PKI assets and their attack surface to determine points of exposure to vulnerabilities or unauthorized access.
View termการวิเคราะห์ผลกระทบ
A structured assessment of the potential consequences or business disruption resulting from the exploitation of vulnerabilities in cryptographic or PKI systems.
View termการสืบค้นเครือข่าย
The systematic identification and cataloging of networked assets, hosts, and services, including cryptographic and PKI infrastructure components, to assess the complete attack surface for security assessment or audit.
View termการสแกนความสอดคล้อง
An automated scan of cryptographic or PKI systems to verify conformity with regulatory and industry requirements.
View termการหมุนกุญแจ
The scheduled or event-driven replacement of cryptographic keys in a system to reduce exposure from key compromise and ensure ongoing security compliance.
View termการเชื่อมโยงการใช้ช่องโหว่
The sequential use of multiple exploits to bypass security mechanisms and gain unauthorized access to cryptographic or PKI assets, often by combining vulnerabilities in a complex attack path.
View termการเปิดรับภัยคุกคาม
The degree to which a PKI or cryptographic system is vulnerable or visible to potential threat actors, based on controls and environmental factors.
View termการเปิดเผยข้อมูลรับรอง
The unauthorized disclosure or leak of authentication credentials or cryptographic secrets (such as private keys or certificates) from PKI or related secure systems.
View termการเปิดเผยช่องโหว่
The state in which PKI or cryptographic systems are vulnerable to a known exploit, due to unpatched or misconfigured components.
View termการเล่นซ้ำการโจมตี
The process of re-enacting a recorded or theoretical attack vector against PKI or cryptographic systems to test detection and response effectiveness.
View termการแจ้งเตือนความเสี่ยง
A formal alert generated to inform stakeholders of emerging or realized PKI or cryptographic risks, often automated within governance platforms.
View termการให้คะแนนความเสี่ยง
The quantitative or qualitative assignment of a value to a risk, based on the likelihood and impact of vulnerabilities within cryptographic, PKI, or related systems.
View termกำหนดเวลาการแก้ไข
The maximum time allowed to fully address a vulnerability or nonconformity in PKI or cryptographic environments, as defined by security policy.
View termขอบเขตการสแกน
The extent to which cryptographic systems, PKI components, and related assets are included in vulnerability or configuration scans, measured against organizational security baselines and regulatory requirements.
View termข่าวกรองภัยคุกคาม
Curated, actionable knowledge regarding cryptographic or PKI-related threats, including adversary tactics, relevant indicators of compromise, and emerging attack techniques, to inform risk management and defensive measures.
View termข้อยกเว้นแพตช์
A formally documented decision to temporarily or permanently not apply a specific patch to a PKI or cryptographic system, typically due to technical or business constraints.
View termคลังช่องโหว่
A centralized and curated repository of documented exploits relevant to cryptographic or PKI environments, used for threat modeling and test planning.
View termความครอบคลุมการทดสอบ
The extent to which cryptographic or PKI system components, use cases, and controls are validated by automated or manual testing.
View termความถี่ในการสแกน
The rate at which cryptographic assets or PKI-enabled systems are scanned or assessed for vulnerabilities, exposures, or configuration weaknesses as mandated by security policy or compliance frameworks.
View termความพยายามใช้ช่องโหว่
An unauthorized action or sequence initiated by a threat actor to actively test or leverage a cryptographic or PKI vulnerability in order to gain access, escalate privileges, or disrupt services.
View termจุดอ่อนของการควบคุม
A flaw, gap, or insufficient strength in technical or procedural controls that may allow threats to compromise cryptographic or PKI environments.
View termช่องว่างความปลอดภัย
A missing or insufficient security control in cryptographic or PKI systems that exposes assets to risk, noncompliance, or exploitation by adversaries.
View termช่องโหว่ของสินทรัพย์
A weakness in a cryptographic, PKI, or related system asset that could be exploited by a threat actor to compromise confidentiality, integrity, or availability.
View termฐานข้อมูลช่องโหว่
A centralized, authoritative repository cataloging known cryptographic and PKI-related vulnerabilities, including CVEs, used for risk assessment and remediation planning.
View termตัวบ่งชี้ความเสี่ยง
A measurable signal or metric used to identify, quantify, or monitor risks affecting cryptographic or PKI assets, supporting proactive risk management and compliance efforts.
View termทดสอบความปลอดภัย
The process of evaluating cryptographic, PKI, and supporting systems for compliance with security requirements, through authorized and controlled testing methodologies specified in NIST, ISO/IEC, and ETSI standards.
View termบริบทของช่องโหว่
The operational, environmental, and architectural conditions under which a cryptographic or PKI vulnerability may be present, exposed, or exploitable, including related system, asset, and threat landscape factors.
View termบัญชีรายการการโจมตี
A comprehensive, regularly updated list or database of all known attack techniques, tools, or vectors relevant to cryptographic or PKI systems, maintained for risk assessment, simulation, and defense planning.
View termบัญชีสินทรัพย์
A comprehensive, up-to-date record of all hardware, software, certificates, cryptographic modules, and other PKI-relevant assets under governance.
View termผลการสแกน
The output or findings generated by automated or manual scans of PKI or cryptographic systems for vulnerabilities, compliance, or misconfigurations.
View termผู้ก่อภัยคุกคาม
An individual, group, or entity with the intent, capability, and opportunity to exploit vulnerabilities in cryptographic or PKI environments.
View termพื้นผิวการโจมตี
The sum of all points in a cryptographic or PKI environment where an unauthorized user could attempt to enter data, extract secrets, or exploit vulnerabilities.
View termภูมิทัศน์ของภัยคุกคาม
The evolving set of potential threats, adversary capabilities, and attack vectors relevant to cryptographic and PKI ecosystems.
View termย้อนกลับแพตช์
The process of reverting cryptographic or PKI system components to a previous version when a deployed patch introduces instability or incompatibility.
View termระบบทดสอบอัตโนมัติ
The application of automated tools and scripts to perform repeatable, consistent validation of cryptographic functions, PKI operations, and security controls during deployment, upgrade, or compliance processes.
View termรายการเอ็กซ์พลอยต์
An authoritative and frequently updated catalog of all known exploits that could target cryptographic or PKI assets, including public CVEs, proof-of-concept code, and observed attack methods.
View termรายงานการแก้ไข
A formal document detailing the corrective actions taken to address identified cryptographic or PKI vulnerabilities, including status, responsible parties, evidence, and compliance references.
View termสถานการณ์การโจมตี
A detailed narrative describing a potential attack vector or sequence of actions that a threat actor may use to exploit PKI or cryptographic vulnerabilities.
View termสถานะแพตช์
The documented and regularly updated record of the deployment, verification, and compliance of cryptographic or PKI-related security patches across all managed systems.
View termสายโซ่การโจมตี
A sequence of steps or techniques used by threat actors to exploit cryptographic or PKI weaknesses, progressing from initial access through privilege escalation to final impact.
View termหน้าต่างการเปิดรับความเสี่ยง
The time period during which cryptographic or PKI assets remain susceptible to exploitation due to the existence of unpatched vulnerabilities or misconfigurations, before effective remediation is applied.
View termหน้าต่างการใช้ช่องโหว่
The period between public disclosure of a cryptographic or PKI vulnerability and the application of effective remediation, during which systems are at elevated risk of exploitation.
View termหลักฐานการลดผลกระทบ
Documented proof that specific technical or administrative actions have effectively addressed and reduced the risk of cryptographic or PKI vulnerabilities, as required by compliance or audit processes.
View termหลักฐานการแก้ไข
Documented proof that a PKI or cryptographic vulnerability or deficiency has been addressed and corrective actions were implemented.
View termเครื่องยนต์สแกน
A dedicated software module or appliance that performs automated vulnerability, compliance, or configuration scans on cryptographic, PKI, and supporting systems.
View termเมตริกการเปิดเผย
A quantitative value representing the degree of risk, visibility, or attack surface present in PKI or cryptographic assets.
View termเล่นซ้ำการโจมตี
A controlled reproduction of a previously observed or simulated attack scenario targeting cryptographic or PKI assets, used for testing, validation, and training purposes.
View termเวกเตอร์การโจมตี
A specific method or pathway by which a threat actor attempts to exploit vulnerabilities in cryptographic or PKI infrastructure to gain unauthorized access, disrupt services, or compromise trust.
View termเวิร์กโฟลว์การแก้ไข
A formalized sequence of steps for resolving cryptographic or PKI vulnerabilities, including assignment, tracking, verification, and documentation of remedial actions.
View termเส้นฐานความปลอดภัย
A set of minimum security controls and configurations established for cryptographic or PKI systems to ensure compliance with industry standards and regulatory requirements.
View termเส้นทางการโจมตี
A sequence or route by which a threat actor progresses through vulnerabilities, misconfigurations, or controls in cryptographic or PKI systems to achieve unauthorized objectives.
View termเอนจินภัยคุกคาม
An automated software module that aggregates, analyzes, and correlates threat intelligence related to cryptographic or PKI assets for proactive risk detection and incident response.
View termแคตตาล็อกภัยคุกคาม
A structured and curated inventory of recognized PKI or cryptographic threats, attack vectors, and related mitigation strategies.
View termแดชบอร์ดความสอดคล้อง
A real-time visualization tool that aggregates and displays the status of cryptography and PKI controls, risks, incidents, and compliance metrics for ongoing governance and audit readiness.
View termแดชบอร์ดความเสี่ยง
A real-time interface that aggregates, visualizes, and monitors PKI or cryptographic risks, vulnerabilities, and remediation status for security governance.
View termแผนการแก้ไข
A documented set of actions, responsibilities, and timelines designed to resolve identified cryptographic or PKI vulnerabilities and achieve compliance with organizational and regulatory requirements.
View termแมปปิ้งการควบคุม
The process of aligning cryptographic or PKI controls with regulatory frameworks, standards, or organizational requirements to ensure comprehensive coverage and audit readiness.
View term