The information security sector uses many terms specific to this field of activity.

We explain here some terms and concepts frequently used on our website, so that everyone can familiarize with the main terms used.
This page will be progressively completed, don’t hesitate to let us know which terms you would like to see there too.


A denial of service attack aims to make unavailable a server, a network, an application, either by overloading equipment (bandwidth, firewall…) or by targeting a vulnerability. The attack comes from a single machine.
A distributed denial of service has the same goal as a DoS attack, to make unavailable a server, a service, an application, but the attack comes this time simultaneously from many machines.
Manipulation techniques that aim to influence the contacts’ behavior in order to obtain confidential information or to make them carry out actions that could lead to a security incident, in the context of a cyberattack.
An injection type attack that aims to interact with the application’s database, through the application’s functionalities.
A logic flaw is found when a logic step or a workflow can be avoided, or when the expected behaviour of a site or application can be bypassed.
Penetration Test. A security evaluation method that consists in simulating malicious attacks in order to detect vulnerabilities of an application or a system.
Email attack sent to a larger number a people.
Targeted and personalized attack sent per email to a small number of people.
Open Web Application Security Project.
A free community working on the security of Web applications. Its publications are recognized for their value, such as the Top 10 which lists the main security flaws in web applications.
Voice phishing. Equivalent of phishing used in social engineering attacks.
An attack consisting of inserting dangerous content into a target site. It can result in total modification of the site’s content or in data theft.
Contact us