Chat with us, powered by LiveChat



Artificial Intelligence: the development of computer systems able to perform tasks that normally require human intelligence

Apples to Apples

A comparison that occurs to demonstrate that 2 items or 2 groups of items are the same. This is usually expressed in a sales discussion as in “Let’s compare apples to apples”. RedLegg is currently seeking an alternative to this phrase.

Application Testing

Process which applications are tested for quality, functionality, compatibility, usability, performance, and other characteristics


Commonly misunderstood acronym for Advanced Persistent Threat. You’re going to have to call us for the full definition.


RedLegg-created methodology that takes a holistic approach to risk management by focusing on 5 key components: Assess, Remediate, Monitor, Educate, Enforce.


Process of establishing who is behind a cyber attack

Back door

A way to enter a program that doesn’t require authentication. Opposite of front door.

Best Practices

Commonly used term loosely defined that allows technology practitioners to instill their sense of truth and justice.


A form of online currency, often used as the ransom in ransomware attacks


Cloud Security Alliance. A not-for-profit organization with a mission to promote the use of best practice for providing security assurance within Cloud Computing & to provide education on the uses of Cloud Computing to help secure all forms of computing.


Certificate of Cloud Security Knowledge


Common Vulnerability and Exposures: a catalog of known and common security threats

Dark Web

Websites that are only accessible through specialty networks (not assessable through google)



Data Storage

Anything with information recorded on it.

Digital Security Services

Security tool, engineering, documentation, and executive advisory services to meet critical cybersecurity needs


The process of scrambling data or messages to make it unreadable or secret


A part of computer system/network that is designed to block unauthorized access while permitting outward communication

Gap Assessment

Analysis that compares your current security state against common frameworks or security best practices.


Someone who breaks into systems and exploit the details of programmable systems and how to stretch their capabilities.

Incident Response

Organized approach to addressing and managing the aftermath of a security breach or cyberattack in a way that limits damage and reduces recovery time and costs.

Information Security Services

Comprehensive and holistic approach to protecting individuals and firms from cyber attacks.


Abbreviation for “information security”.

Internet of Thing (IoT)

Refers to the continually growing network of physical objects that have internet connectivity, and the communication that occurs between these objects and other internet devices

Log Source

The automatically produced and time-stamped documentation of events relevant to a system.


Abbreviation for “malicious software”.

Managed Decection and Response

All-encompassing cybersecurity service used to detect and respond to threats.

Managed Security Services

Overseeing of a company’s network and information system security.

Network Configuration

Process of setting a network’s controls, flow, and operation.


Abbreviation for “operational security”.


Piece of software designed to update a computer program to fix/improve it.

Penetration Testing

An attacker reaches out trying to obtain specific information that can be used in a larger attack.

Phishing Test

Purposely trying to hack into your own network to discover loopholes within its security framework.

Policy Framework Development

Help organizations to properly articulate the organization’s desired behavior, mitigate risk and contribute to achieving the organization’s goals.


A type of malware that locks your computer and won’t let you access your files until a ransom is paid.


RedLeg (one g) is slang for military artillery personnel.

RedLegg Mission

Improve client’s security posture by providing superior security services.

RedLegg Vision

To provide a balanced and holistic approach to assessing, building and maintaining our client’s security needs. Evoloving security practice & improving operational security.

Risk Analysis

The review of the risks associated with an event or action.

Risk Assessment

Formal evaluation of an organization’s information security program that quantifies the risk by evaluating assets that need protection, the threats to those assets, and the likelihood and impact should those threats could be realized.

Secure Code Review

A specialized task involving manual and/or automated review of an application’s source code to identify security-related weaknesses.

Risk Assessment

Individual who is responsible for maintaining the security of a company’s computer system.


“Security Information and Event Management” provides real-time analysis of security alerts.

Social Engineering

Phone call/email phishing attempts to extract information that would be useful for a larger attack.


Hackers can manipulate their email address to help them trick people in a social engineering attack.

Threat Intelligence

Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard.

Threat Modeling

Procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system.

Two-factor Authentication

An extra layer of security above and beyond the traditional username and password.

Tradecraft Labs

One of three divisions of RedLegg. Tradecraft Labs handles pentests and application security.

UTM Management

Devices are traditional firewalls that include additional security features such as, network intrusion prevention, gateway antivirus, gateway anti-spam, VPN, content filtering, load balancing, data loss prevention, and data collection with reporting.


Virtual CISO: CISO-level strategic advice to operational expertise, this program allows an organization to obtain expertise and experience in one or multiple sections of information assurance.


A type of malware that typically is embedded and hidden in a program or file.


Abbreviation for “virtual private network”; uses encryption to create a private and secure channel to connect to the internet when you’re on a network that you do not trust.

Vuln Scan

“Vulnerability Scan”.

Vulnerability Management

Cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities.