N2K Networks

Word Notes

A fun and informative cybersecurity audio glossary from N2K.

Author

N2K Networks

Category

Technology

Podcast website

thecyberwire.com

Latest episode

Jul 7, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Universal 2nd Factor (U2F) (noun) 15.07.2025

Please enjoy this encore of Word Notes. An open standard for hardware authentication tokens that use the universal serial bus, or USB, near-field communications, or NFCs, or Bluetooth to communicate one factor in a two-factor authentication exchange. Cyberwire Glossary link: ⁠https://thecyberwire.com/glossary/u2f⁠ Audio reference link: “⁠Rise of the Machines: A Cybernetic History⁠,” by Thomas Rid,...

adversary group naming (noun) 08.07.2025

Please enjoy this encore of Word Notes. A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain. Learn more about your ad choices. Visit megaphone.fm/adchoices

BSIMM (noun) 01.07.2025

Please enjoy this encore of Word Notes. A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/bsimm⁠ Audio reference link: “⁠OWASP AppSecUSA 2014 - Keynote: Gary McGraw - BSIMM: A Decade of Software Security⁠.” YouTube Video. YouTub...

OWASP vulnerable and outdated components (noun) 24.06.2025

Please enjoy this encore of Word Notes. Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discovered vulnerabilities or because newer versions have superseded the deployed version.  Audio reference Link: "⁠The Panama Papers: A Closer Look⁠," Late Night with...

OWASP software and data integrity failures (noun) 10.06.2025

Please enjoy this encore of Word Notes. Code and data repositories that don't protect against unauthorized changes. Learn more about your ad choices. Visit megaphone.fm/adchoices

OWASP server-side request forgery (noun) 03.06.2025

Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.  Learn more about your ad choices. Visit megaphone.fm/adchoices

OWASP security logging and monitoring failures (noun) 27.05.2025

Please enjoy this encore of Word Notes. The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.  Learn more about your ad choices. Visit megaphone.fm/adchoices

OWASP identification and authentication failures (noun) 20.05.2025

Please enjoy this encore of Word Notes. Ineffectual confirmation of a user's identity or authentication in session management. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure⁠ Audio reference link: “⁠Mr. Robot Hack - Password Cracking - Episode 1⁠.” YouTube Video. YouTube, September 21, 2016. Learn more about your ad choices. Visit megaph...

Log4j vulnerability (noun) 13.05.2025

Please enjoy this encore of Word Notes. An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/log4j⁠ Audio reference link: “⁠CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her Career⁠,” by Eamon Javers (CNBC) and Jen Easterly...

OWASP broken access control (noun) 06.05.2025

Please enjoy this encore of Word Notes. Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.  Learn more about your ad choices. Visit megaphone.fm/adchoices

OWASP security misconfiguration (noun) 29.04.2025

Please enjoy this encore of Word Notes. The state of a web application when it's vulnerable to attack due to an insecure configuration.  CyberWire Glossary link: ⁠⁠https://thecyberwire.com/glossary/owasp-security-misconfiguration⁠⁠ Audio reference link: ⁠⁠“What Is the Elvish Word for Friend?”⁠⁠ Quora, 2021. Learn more about your ad choices. Visit megaphone.fm/adchoices

OWASP insecure design (noun) 22.04.2025

Please enjoy this encore episode of Word Notes. A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design Audio reference link: “Oceans Eleven Problem Constraints Assumptions.” by Steve Jones, YouTube, 4 November 2015. Learn more about your ad choices. Visit...

OWASP injection (noun) 15.04.2025

Please enjoy this encore of Word Notes. A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality.  CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-injection Audio reference link: “APPSEC Cali 2018 - Taking on the King: Killing Injection Vulnerabilities” YouTube Video. YouTube, March 19, 201...

OWASP cryptographic failures (noun) 08.04.2025

Please enjoy this encore of Word Notes. Code that fails to protect sensitive information.  CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure Audio reference link: Vandana Verma. “OWASP Spotlight - Project 10 - Top10.” YouTube Video. YouTube, January 4, 2021. Learn more about your ad choices. Visit megaphone.fm/adchoices

account takeover prevention (noun) 01.04.2025

Enjoy this encore of Word Notes. The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim.  CyberWire Glossary link: https://thecyberwire.com/glossary/account-takeover-prevention Learn more about your ad choices. Visit megaphone.fm/adchoices

threat hunting (noun) 25.03.2025

Please enjoy this encore of Word Notes. The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats.  CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting Audio reference link: “My ‘Aha!" Moment - Methods, Tips, & Lessons Learned in Threat Hunting - sans Thir Summit...

vulnerability management (noun) 18.03.2025

The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this. CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management Audio reference link: “Vulnerability Scanning - Comptia Security+ sy0-501 - 1.5.” YouTube, YouTube, 11 Nov. 2017, Learn more about your ad choices. Visit megaphone.fm/adchoices

software bill of materials (SBOM) (noun) 11.03.2025

Please enjoy this encore of Word Notes. A formal record containing the details and supply chain relationships of various components used in building software.  Learn more about your ad choices. Visit megaphone.fm/adchoices

zero trust (noun) 04.03.2025

Please enjoy this encore of Word Notes. A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.  Learn more about your ad choices. Visit megaphone.fm/adchoices

OT security (noun) 25.02.2025

Please enjoy this encore of Word Notes. Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.  Learn more about your ad choices. Visit megaphone.fm/adchoices

cybersecurity skills gap (noun) 18.02.2025

Please enjoy this encore episode of Word Notes. The difference between organizational employee job requirements and the available skillsets in the potential employee pool. Learn more about your ad choices. Visit megaphone.fm/adchoices

digital transformation (noun) 11.02.2025

Please enjoy this encore episode of Word Notes. The use of technology to radically improve the performance or reach of the business.  Learn more about your ad choices. Visit megaphone.fm/adchoices

bulletproof hosting (noun) 04.02.2025

Please enjoy this encore episode of Word Notes. Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors. Learn more about your ad choices. Visit megaphone.fm/adchoices

endpoint security 28.01.2025

The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Executive Order on Improving the Nation's Cybersecurity (noun) 21.01.2025

President Biden's May, 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific shortterm and longterm deadlines designed to enhance the federal government's digital defense posture.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Listen to the Word Notes podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.