Skip to main content
Tarbh Tech

Glossary

We know this world is full of acronyms. Here's what they actually mean – plus a guide to our Irish brand names.

Add-On Product
Optional services layered on top of a COSAINT tier — e.g. dark web monitoring, cyber insurance brokerage, penetration testing.
Adversary-in-the-Middle (AiTM) Technical
An attack where the attacker sits between the user and the real login page, relaying credentials and capturing session tokens in real time. Bypasses standard MFA because the attacker steals the authenticated session, not just the password. Learn more
APT Technical
Advanced Persistent Threat. A prolonged, targeted cyberattack where an intruder gains access and remains undetected — typically state-sponsored or highly resourced. Learn more
Attack Surface Technical
The total number of points where an attacker could try to enter your environment — every device, user account, API, and exposed service.
Audit Trail Technical GRC
A chronological record of system activities — logins, file access, configuration changes — that can be reviewed during investigations or audits.
Azure Microsoft Technical
Microsoft's cloud computing platform. Infrastructure, databases, AI services, and more — hosted in Microsoft data centres globally. Learn more
Backup Technical
A copy of your data stored separately so it can be restored after accidental deletion, ransomware, or hardware failure.
Baseline Product
The security foundation we deploy in every engagement. Our non-negotiable starting point — MFA, endpoint management, email security, and monitoring.
Brute Force Attack Technical
An attack that systematically tries every possible password or key until the correct one is found. Defended against with account lockout policies, MFA, and strong password requirements. Learn more
Business Continuity Technical GRC
The plan and processes that keep your organisation running during and after a major disruption — cyber incident, natural disaster, or supplier failure. Related: NIS2 Guide for Irish SMEs · How We Work
Business Email Compromise (BEC) Technical
A targeted scam where attackers impersonate a trusted figure — a CEO, supplier, or solicitor — to trick staff into transferring funds or sharing sensitive data. Often uses compromised email accounts rather than spoofed ones, making it harder to detect. One of the costliest forms of cybercrime globally. Learn more
Business Impact Analysis GRC
An assessment of how a disruption to each business function would affect the organisation — used to prioritise recovery and set RTOs.
Certificate-Based Authentication Technical
Using a digital certificate (stored on a device or smart card) to verify identity — stronger than passwords, and one of the phishing-resistant MFA methods.
Cloud-First Technical
An IT strategy that defaults to cloud services (like Microsoft 365) rather than on-premises servers. Reduces hardware costs and improves flexibility.
Compliance GRC
Meeting the requirements set by laws, regulations, industry standards, or contractual obligations. In practice: having the right controls in place and being able to prove it.
Conditional Access Technical Microsoft
Microsoft's policy engine that decides who can access what, from where, on which device. The backbone of zero-trust security in M365. Learn more Related: Security Baseline Explained · What Does Managed IT Cost?
COSAINT (kuh-SAHNT, /kɔˈsɑːntʲ/) Irish Product
Protection (Irish). The name of our managed service tiers.
COSAINT Complete Product
End-to-end IT and security for organisations with on-premises infrastructure, network equipment, and complex environments.
COSAINT Cyber Product
Our entry-level security tier. Enterprise-grade protection for teams of any size — security without the IT management layer. From EUR 35 per user per month.
COSAINT Essentials Product
Security plus essential IT management — endpoint management, helpdesk, and Microsoft 365 administration layered on the Cyber foundation. From EUR 60 per user per month.
COSAINT Managed Product
Full IT operations with security built in. For teams outsourcing IT entirely.
COSAINT Strategic Product
Strategic IT partnership with vCISO advisory, advanced compliance, and Microsoft Sentinel SIEM.
Credential Stuffing Technical
An attack where stolen username/password pairs from one breach are tried against other services — banking on password reuse. Learn more
Cyber Essentials GRC
A UK/Ireland government-backed certification scheme covering five basic security controls. A good starting point for SMEs. Learn more
Cyber Insurance Technical GRC
Insurance that covers financial losses from cyber incidents. Increasingly requires MFA, EDR, and documented security controls to qualify.
Dark Web Monitoring Technical
Scanning criminal marketplaces for your organisation's leaked credentials, domains, or data — early warning before an attack.
Data Breach Notification GRC
The legal requirement to inform regulators (and often affected individuals) within 72 hours when personal data is compromised. Required under GDPR.
Data Exfiltration Technical
The unauthorised transfer of data out of your organisation — whether by an external attacker, malware, or a malicious insider. Learn more
Defender for Endpoint Microsoft Technical
Microsoft's EDR solution built into M365 Business Premium and E5. Monitors devices for threats and enables automated response. Learn more
Defender for Identity Microsoft Technical
Monitors Active Directory signals to detect compromised identities, lateral movement, and advanced threats targeting your users. Learn more
Defender for Office 365 Microsoft Technical
Protects email and collaboration tools against phishing, malware, and business email compromise — beyond what Exchange Online Protection provides. Learn more
Defender XDR Microsoft Technical
Microsoft's extended detection and response platform. Correlates signals across endpoints, email, identity, and cloud apps in a single console. Learn more
DLP Technical Microsoft
Data Loss Prevention. Policies that prevent sensitive information from leaving your organisation via email, file sharing, or other channels. Learn more
DNS Filtering Technical
Blocking access to known-malicious websites at the network level — before a user even reaches the page.
Domain Hardening Technical
Configuring SPF, DKIM, and DMARC on your email domain to prevent spoofing and improve deliverability.
DORA GRC
Digital Operational Resilience Act. EU regulation for financial entities requiring IT risk management, incident reporting, and third-party oversight. Learn more
EAA GRC
European Accessibility Act. EU directive requiring digital products and services to meet accessibility standards from June 2025.
EDR Technical
Endpoint Detection and Response. Software on each device that monitors for and responds to threats in real time. Learn more Related: Security Operations · Network Segmentation for Manufacturing
Encryption Technical
Converting data into a coded format so only authorised parties can read it. Applied at rest (stored) and in transit (moving across networks). Learn more
Endpoint Technical
Any device that connects to your network — laptops, desktops, phones, tablets, production floor machines.
Entra ID Microsoft Technical
Microsoft's identity and access management service (formerly Azure Active Directory). Manages who your users are and what they can access. Learn more
EvilGinx Technical
An open-source adversary-in-the-middle (AiTM) framework used in real-world attacks and security testing. It proxies login pages — including Microsoft 365 — to capture both credentials and session tokens, bypassing standard MFA. The reason phishing-resistant MFA (FIDO2, passkeys) matters.
FIDO2 Technical
An open authentication standard developed by the FIDO Alliance that enables passwordless, phishing-resistant login using hardware security keys or platform authenticators. The technical foundation behind passkeys. Learn more
Firewall Technical
A network security device or software that monitors and controls incoming and outgoing traffic based on defined rules. Learn more
First 90 Days Product
Our structured onboarding programme. Baseline deployment, documentation, knowledge transfer, and the first QBR — all within the first quarter.
GDPR GRC
General Data Protection Regulation. The EU's data protection law governing how personal data is collected, stored, and processed. Applies to every Irish business. Learn more Related: NIS2 Guide for Irish SMEs · IT for Professional Services
Helpdesk Technical Product
The first point of contact for IT support requests. In COSAINT Managed and above, we provide the helpdesk — your users contact us directly.
IAM Technical
Identity and Access Management. The policies and tools that ensure the right people have the right access to the right resources. Learn more
Incident Response Technical GRC
The structured process for detecting, containing, and recovering from a security incident. Defined in advance, tested regularly. Related: NIS2 Guide for Irish SMEs · What Does Managed IT Cost?
Insider Threat Technical GRC
A security risk from within the organisation — a current or former employee, contractor, or partner who misuses their access, whether maliciously or through negligence. Learn more
Intune Microsoft Technical
Microsoft's device management platform. Controls what's installed, enforced, and allowed on every laptop and phone. Learn more
IP Allowlisting Technical
Restricting access to a system or service to only specific, approved IP addresses — reducing the attack surface.
ISO 27001 GRC
International standard for information security management systems (ISMS). A framework for managing security risks systematically. Learn more
Just-in-Time Access Technical Microsoft
Granting admin privileges only when needed and only for a limited time — rather than permanent "always-on" admin rights.
KQL Technical Microsoft
Kusto Query Language. The query language used in Microsoft Sentinel, Defender, and Log Analytics to search and analyse security data. Learn more
Lateral Movement Technical
When an attacker moves from one compromised system to others within the same network — escalating access and impact.
Least Privilege Technical
The principle that users should only have the minimum access needed to do their job — nothing more. Learn more
M365 Business Premium Microsoft Product
The Microsoft 365 licence that includes Defender for Endpoint, Intune, Entra ID P1, and DLP. The licence we recommend for every COSAINT client. Learn more
Malware Technical
Malicious software — viruses, ransomware, trojans, spyware. Any software designed to damage, disrupt, or gain unauthorised access to systems. Learn more
MDR Technical
Managed Detection and Response. 24/7 security monitoring by a team of analysts (not just software). We use Blackpoint Cyber. Related: Security Operations · Security Baseline Explained
MFA Technical
Multi-Factor Authentication. Requiring two or more forms of proof to log in (e.g. password + phone app). Standard in every COSAINT tier — but not all MFA is created equal. Learn more Related: Security Baseline Explained · What Does Managed IT Cost?
MFA Fatigue Technical
An attack where the attacker repeatedly triggers MFA push notifications, hoping the exhausted user eventually taps "Approve" to make them stop. Defeated by number matching and phishing-resistant MFA.
Microsoft 365 Microsoft
Microsoft's cloud productivity suite — Exchange, Teams, SharePoint, OneDrive, plus security and compliance tools depending on licence tier. Learn more
Microsoft Sentinel Microsoft Technical
Microsoft's cloud-native SIEM. Collects data from across your environment, uses AI to detect threats, and automates response. Included in COSAINT Strategic. Learn more
Network Segmentation Technical
Dividing a network into separate zones so a breach in one area cannot easily spread to others. Related: Network Segmentation for Manufacturing · IT for Manufacturing
NIS2 GRC
The EU Network and Information Security Directive (version 2). Requires essential and important entities to meet cybersecurity standards and report incidents. Learn more Related: NIS2 Guide for Irish SMEs · IT for Manufacturing
Number Matching Microsoft Technical
An MFA enhancement in Microsoft Authenticator that displays a two-digit number on the sign-in screen. The user must type the matching number in the app to approve — defeats MFA fatigue attacks.
Onboarding / Offboarding Technical Product
The process of setting up (or removing) a user's accounts, devices, and access when they join or leave your organisation.
OneDrive Microsoft
Microsoft's cloud file storage for individual users. Syncs files across devices and enables sharing — with DLP policies applied in COSAINT tiers.
Operating Model Product
How we deliver. Published SLAs, monthly reporting, quarterly reviews, and a documented security baseline for every client.
Passkeys Technical
A modern, phishing-resistant replacement for passwords built on the FIDO2 standard. Uses your device's biometrics (fingerprint, face) or PIN instead of a password. Cannot be phished because the credential is cryptographically bound to the real website. Learn more
Patch Management Technical
Keeping operating systems and software up to date with security fixes. Unpatched systems are the easiest way in for attackers.
PCI DSS GRC
Payment Card Industry Data Security Standard. Security requirements for any organisation that handles credit card data. Learn more
Penetration Testing Technical
An authorised simulated attack on your systems to find vulnerabilities before real attackers do. Learn more
Phishing Technical
Fraudulent emails or messages designed to trick recipients into revealing credentials, approving MFA prompts, or installing malware. The number one attack vector for SMEs. Variants include spear phishing (targeted), whaling (executive-targeted), smishing (SMS), and vishing (voice). Learn more
Phishing-Resistant MFA Technical
MFA methods that cannot be bypassed by AiTM attacks or social engineering — specifically FIDO2 security keys, passkeys, and certificate-based authentication. The gold standard recommended by Microsoft and CISA.
Privileged Access Management Technical
Controls around admin and elevated accounts — who has them, how they're used, and how they're monitored.
QBR Product
Quarterly Business Review. A structured meeting to review service performance, security posture, and roadmap.
Ransomware Technical
Malware that encrypts your files and demands payment for the decryption key. Prevention requires layered defences — backup alone is not enough. Learn more
Risk Register GRC
A documented list of identified risks, their likelihood, impact, and the controls in place to mitigate them. A living document, reviewed quarterly.
RMM Technical
Remote Monitoring and Management. The toolset that lets us monitor, patch, and manage your devices remotely.
SCIM Technical
System for Cross-domain Identity Management. An open standard for automatically syncing user identities between systems.
Secure Score Technical Microsoft
Microsoft's security health metric. A percentage showing how well your M365 environment is protected. Our portfolio average is 77.7% vs 50.6% industry average. Learn more Related: Security Baseline Dashboard · Security Baseline Explained
Security Assessment Product
Our pre-engagement evaluation of your environment — identity, endpoint, email, data, and infrastructure — mapped to the COSAINT baseline.
Security Awareness Training Technical
Regular training for staff on recognising phishing, social engineering, and other threats. People are part of the security baseline, not just technology.
Security Baseline Technical Product
The minimum set of security controls applied to every client — MFA, endpoint protection, email security, conditional access, monitoring.
Shadow IT Technical
Technology used within an organisation without IT's knowledge or approval — personal Dropbox accounts, unapproved SaaS tools, etc.
SharePoint Microsoft
Microsoft's platform for team sites, document libraries, and intranet. The backbone of collaborative file storage in M365.
SIEM Technical
Security Information and Event Management. Collects and analyses security data from across your environment. Microsoft Sentinel is the SIEM in COSAINT Strategic. Learn more Related: COSAINT Strategic · Security Operations
SLA Product
Service Level Agreement. Defines response times, resolution targets, and service credits. Ours is published at /how-we-work/sla/. Learn more Related: SLA Performance Dashboard · What Does Managed IT Cost?
Smishing Technical
Phishing via SMS text message. Typically contains a malicious link disguised as a delivery notification, bank alert, or IT request.
SOC Technical
Security Operations Centre. The team that monitors for threats around the clock. Related: Security Operations · Security Baseline Explained
SOC 2 GRC
Service Organisation Control 2. An audit framework for service providers covering security, availability, processing integrity, confidentiality, and privacy. Learn more
Social Engineering Technical
Manipulating people into breaking security protocols — impersonation, pretexting, urgency tactics. Not all attacks are technical. Learn more
Spear Phishing Technical
A targeted phishing attack crafted for a specific individual or organisation — using personal details, job titles, or recent events to appear legitimate.
SPF / DKIM / DMARC Technical
Three email authentication standards that prevent others from sending emails pretending to be you. We configure all three in every engagement.
SSO Technical
Single Sign-On. One login to access multiple applications — reduces password fatigue and improves security. Learn more
Supply Chain Attack Technical
Compromising a trusted vendor or software provider to gain access to their customers. The SolarWinds and MOVEit incidents are prominent examples. Learn more
Tabletop Exercise Technical GRC
A discussion-based walkthrough of an incident scenario — "what would we do if..." — to test your response plan without touching real systems.
Tarbh (tarv, /t̪ˠaɾˠəvˠ/) Irish
Bull (Irish). Strength, determination, no compromise. The name of our company.
Teams Microsoft
Microsoft's collaboration hub — chat, video meetings, file sharing, and integrations. The daily workspace for most M365 organisations.
Threat Hunting Technical
Proactively searching for threats in your environment that automated tools may have missed — human-led, hypothesis-driven.
Threat Intelligence Technical
Information about current and emerging threats — attack methods, indicators of compromise, threat actor behaviour — used to improve defences.
Ticketing System Technical Product
The platform where support requests are logged, tracked, and resolved. Every COSAINT engagement includes a client-facing ticket portal.
Token Theft Technical
Stealing an authenticated session token after a user has already logged in and passed MFA. Gives the attacker full access without needing the password or MFA device. AiTM phishing and infostealer malware are common methods.
Trust Strip Product
The metrics bar on our homepage — Secure Score, CSAT, response times. Published because accountability is not optional.
vCISO Technical Product
Virtual Chief Information Security Officer. A senior security advisor on a fractional basis — strategic guidance without the full-time executive cost.
Vishing Technical
Voice phishing — a phone call where the attacker impersonates IT support, a bank, or a colleague to extract credentials or authorise actions.
VPN Technical
Virtual Private Network. Creates an encrypted tunnel between a device and your network — used for secure remote access. Learn more
Vulnerability Management Technical
The ongoing process of identifying, classifying, and remediating security weaknesses in your systems. Related: Security Operations · IT for Technology Companies
Whaling Technical
A phishing attack specifically targeting senior executives or board members — high-value targets with authority to approve payments or access sensitive data.
Windows Hello for Business Microsoft Technical
Microsoft's passwordless authentication for Windows devices. Uses biometrics (face, fingerprint) or a PIN backed by a hardware-bound credential — phishing-resistant and tied to the device. Learn more
XDR Technical
Extended Detection and Response. Correlates threat data across endpoints, email, identity, and cloud — broader than EDR alone. Learn more
Zero Trust Technical
A security model where no user or device is automatically trusted, even inside the network. Every access request is verified based on identity, device health, and context. Learn more Related: Security Baseline Explained · How We Work

Still have questions? We are always happy to explain things in plain language.

Get in Touch