Threat Description

(Generated by ChatGPT)

Threat & Vulnerability Terminology

This is a categorized reference of ways to describe a threat or vulnerability.

Describes the origin or agent of the threat.

Term	Meaning
Threat Actor	Entity (person, group, nation-state, automated bot) carrying out or intending an attack.
Adversary	Synonym for threat actor, often in military/cyber warfare contexts.
Attacker	More general; could be malicious or simply a penetration tester.
Insider Threat	Threat actor with authorized access misusing it (malicious or negligent).
Script Kiddie	Unskilled attacker using existing tools/exploits without deep understanding.
Advanced Persistent Threat (APT)	Highly skilled, resource-rich actor (often state-sponsored) with long-term goals.
Malicious Insider	Authorized individual intentionally causing harm.
Competitor Threat	Business or organization trying to gain advantage via espionage.

Describes locations or exposure points.

Term	Meaning
Attack Surface	The total set of possible points an attacker can attempt to exploit.
Exposure Point	Specific location (e.g., an open API endpoint, login page).
Entry Point	The actual first foothold used to get into a system.
Weak Link	Informal term for the most vulnerable element in the chain.
Access Vector	Pathway for gaining access (can overlap with attack vector).
Trust Boundary	Where different trust levels in systems interact (e.g., user ↔ application server).
Chokepoint	Strategic network point that can be defended or exploited.

Describes methods or paths of exploitation.

Term	Meaning
Attack Vector	The specific method or route used to exploit a vulnerability (e.g., phishing email, SQL injection).
Delivery Mechanism	How malicious content is delivered (USB drop, email attachment, watering hole site).
Kill Chain	Step-by-step process of an attack from reconnaissance to impact.
TTPs (Tactics, Techniques, and Procedures)	Behavioral patterns of an attacker (used in threat intel).
Initial Access	The first point of compromise in an intrusion.
Pivoting	Moving laterally in a network after initial compromise.
Evasion Technique	Methods for avoiding detection (e.g., obfuscation, encryption).

Describes the actual flaw or weakness.

Term	Meaning
Vulnerability	A flaw or weakness that can be exploited.
Exploit	Code or technique used to take advantage of a vulnerability.
Zero-Day	Vulnerability not yet known to the vendor or public.
Misconfiguration	Insecure system setup that opens a hole for attacks.
Weakness	General term for any security gap.
Common Weakness Enumeration (CWE)	Standardized list of software weakness types.
Software Bug	Coding error that may or may not be exploitable.
Design Flaw	Architectural weakness baked into the system design.
Insecure Dependency	Third-party library or component with vulnerabilities.

Describes how we talk about severity and context.

Term	Meaning
Threat	Potential cause of an unwanted impact.
Risk	The combination of likelihood and impact of a threat exploiting a vulnerability.
Likelihood	Probability of a threat successfully exploiting a vulnerability.
Impact	Consequence or damage caused if a threat is realized.
Threat Landscape	Overall view of active and emerging threats in a given environment.
CVSS (Common Vulnerability Scoring System)	Standard for rating vulnerability severity.
CVE (Common Vulnerabilities and Exposures)	Catalog of publicly known vulnerabilities.
ATT&CK Framework	MITRE’s structured knowledge base of attacker behavior.

Describes conditions and surroundings.

Term	Meaning
Attack Window	Period when a vulnerability is exploitable.
Threat Environment	The set of active threats relevant to a given system or organization.
Exposure	The state of being open to attack (e.g., unpatched service on internet).
Security Posture	The organization’s overall defensive readiness.
Residual Risk	Risk that remains after controls are applied.
Control Gap	Missing or insufficient security measure.