Hydden’s definitions, terminology, and glossary topics are alphabetically sorted and organized in table format. The documentation portal allows easy lookup through the built-in search option.
What is Hydden
Hydden is the Identity Visibility Company and continuous discovery platform providing 100% visibility into every identity, account, and privilege across a corporate infrastructure. Hydden was created to provide IAM teams with a unified platform to uncover identity threats and best practice violations continuously so that security teams better understand their identity ecosystem and can proactively remediate issues.
Glossary
A
Term
Description
Access Control
In cybersecurity, access control is a security framework that determines who has access to resources through authentication and authorization rules. Access controls authenticate users by verifying login credentials, such as usernames, passwords, PINs, security tokens, and biometric scans.
Access Risk
Access risk in cybersecurity is the potential for unauthorized or inappropriate access to systems, data, or resources. It encompasses the likelihood that vulnerabilities in access controls could be exploited by malicious actors or accidental misuse by authorized users. This risk can lead to data breaches, system disruptions, financial loss, and reputational damage.
Authentication
In cybersecurity, authentication is the process of verifying the identity of a user, device, or process before granting access to a system or resource.
C
Term
Description
Cloud
Cloud services are infrastructure, such as servers, computers, or software hosted by third-party providers and made available to users through the internet. Cloud services can be public or private.
Continuous Discovery
Continuous discovery of identities, in the context of cybersecurity, refers to the ongoing process of identifying, verifying, and managing the identities of individuals, devices, and systems within an organization’s network. It involves using various techniques and technologies to collect and analyze data about entities and their interactions, allowing for the identification of new or unknown identities that may pose a security risk.
Continuous Identity Hygiene
Organizations must continually maintain their overall identity hygiene through continuous discovery, inventory, and monitoring of accounts to reduce overall cyber risk. The barriers to mature identity hygiene are the time-consuming and manual processes required to comply with internal and external requirements. Implementing strong security controls, auditing of user accounts and access, user and machine account lifecycle management, and ongoing monitoring and incident response typically involve multiple security products and expert analysts.Hydden acts as a force multiplier for your identity team, automating what would otherwise be time-consuming and manual tasks necessary to maintain proper identity hygiene.
The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat.
D
Term
Description
Data Source
Hydden uses the term data source for data collection endpoints at which collectors gather account details for security analysis. The data source is configured by users based on their operational needs to collect data from platforms like Azure, Okta, AD, etc.For a complete list of available options, refer to Modules
E
Term
Description
Exposure
Exposure in Cybersecurity refers to the state of being vulnerable or accessible to unauthorized access, use, disclosure, disruption, modification, or destruction of information or systems. In the context of accounts and identities, it specifically denotes the potential for an individual’s or system’s credentials, data, or privileges to be compromised or misused.
I
Term
Description
Identity Attack Surface
The Identity Attack Surface includes all systems of a corporate network, on-premises and/or cloud, that authenticates user-controlled or automated interactions and grants access to corporate system based on that authentication. It is crucial for organizations to proactively manage and understand their specific attack surface. That understanding is key to limiting all potential points of exposure. By being informed and knowledgeable about the particulars of their Identity Attack Surface, organizations can take effective steps to prevent unauthorized access and misuse of user identities.
Identity Federation
Trust relationships between different identity domains or systems to enable seamless and secure access across organizational boundaries.
Identity Lifecycle Management
Managing the entire lifecycle of user identities, from onboarding to offboarding, including periodic reviews and updates to access privileges.
Identity Threat
A cybersecurity risk that exploits a person’s or system’s identity to gain unauthorized access to sensitive information or resources. Common identity threats involve stealing, compromising, or impersonating identities to circumvent security controls and execute malicious activities.- Credential theft: Stealing usernames and passwords to access accounts.- Phishing: Deceiving users into revealing personal information through fraudulent emails or websites.-Impersonation: Pretending to be someone else to gain trust and access.- Account takeover: Compromising existing accounts for malicious purposes.-Insider threats: Employees or contractors misusing their authorized access.Protecting against identity threats requires strong identity and access management practices, such as multi-factor authentication, password policies, regular security awareness training, and constant review and adjustments of existing policies.
O
Term
Description
on-premises or on-prem
On-premises/on-prem refers to technology, such as systems and software, installed within the physical confines of organizations.
T
Term
Description
Threat
A natural or man-made occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, or property.
Threat Rules
Threat rules are predefined sets of conditions and actions designed to detect and respond to potential security threats related to identity and access management. These rules are typically implemented within an identity and access management (IAM) system to monitor user behavior, system activity, and other relevant data for anomalies or suspicious patterns that may indicate a security breach.Key components of threat rules include:- Conditions: Specific criteria or patterns that trigger the rule, such as failed login attempts, unusual access patterns, or suspicious geographic locations.- Actions: Responses to a rule being triggered, which can include blocking access, generating alerts, initiating investigations, or applying additional authentication factors.Risk scoring: A mechanism to prioritize threats based on their potential impact and likelihood.