Tags
A tag is a keyword or label that categorizes your question with other, similar questions.
Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.
5679 questions
the process of establishing the authenticity of a person or other entity. Not to be confused with authorization - defining access rights to resources.
4356 questions
Specific to the security of passwords: hashing, entropy, cracking, resets, lockouts, etc.
3907 questions
An application that is accessed over a network such as the Internet or an intranet using a browser.
3292 questions
Security of network infrastructure and network traffic. For questions about security of network equipment, topology, protocols, traffic, administration, and configuration. Related tags: [packet], [firewall], [network-scanners], [network-access-control].
2793 questions
A piece of data used in public key cryptography (specifically public key infrastructures) that contains identifying information (i.e. email address or web address), a hash of a public key, and a digital signature that authenticates the data in the certificate. For questions specifically about [x509], [certificate-authority], or [public-key-infrastructure], please use those tags.
2751 questions
Malware is any software application which subverts the will of the legitimate owner of a computer, by means of force or subterfuge, with or without personal or monetary gain on the part of the creator.
2433 questions
Cryptography is the practice and study of logical means used to achieve information confidentiality, integrity and authenticity. It covers, among other things, encryption (making some data unreadable except for those who know a given secret element, called a key), data hashing (in particular for password storage) and digital signatures (provable integrity and authenticity with non-repudiation).
2304 questions
A hash algorithm is a function which takes a variable size input and produces a fixed size output. The algorithm tries to make it difficult to predict the output for a given input, find two inputs with the same output, or reconstruct the input from the output.
2201 questions
Related to security concerns specific to the Microsoft Windows operating system itself. For security of applications that happen to be running on Windows, please use [appsec]. For the X Window System, please use [x11].
2137 questions
Securing Linux systems and applications; understanding Linux security features.
2042 questions
The attribute of a system that prevents the release of data to unauthorized individuals.
The ability or expectation of an individual or group to reveal information about themselves selectively or not at all.
1919 questions
A web browser is an application which uses HTTP and related protocols to retrieve HTML and XML data from servers. As the web has become a critical source of information and communication, web browsers have become a critical component in information request, transfer and management.
1603 questions
Security aspects concerning code written in the programming language PHP which is often used for web applications.
1592 questions
Cross-Site Scripting: An attack method that involves injection of code or markup into a webpage. There are three major types of XSS: Reflected XSS, Stored XSS (aka persistent XSS) and DOM-based XSS (aka client side XSS).
1463 questions
Definition: HTTP - the Hypertext Transfer Protocol - provides a standard for Web browsers and servers to communicate. The definition of HTTP is a technical specification of a network protocol that software must implement.
HTTP is an application layer network protocol built on top of TCP. HTTP clients (such as Web browsers) and servers communicate via HTTP request and response messages. The three main HTTP message types are GET, POST, and HEAD.
1415 questions
Questions tagged [Android] should focus on security of the operating system itself, or of Android-specific apps. Questions about Android that are not directly security-related should be asked at android.stackexchange.com.
1314 questions
The common name for the language used primarily for scripting in web browsers. It is not related to the Java language. Standardized as ECMAScript, its dialects/implementations include JavaScript and JScript.
1306 questions
This tag is applied to questions related to various VPN types such as PPTP or IPSec.
1305 questions
A man-in-the-middle attack (MiTM) is an attack against a communication protocol where the attacker relays and modifies messages in transit. The parties believe they are talking to each other directly, but in fact both are talking to each other via the attacker in the middle.
1302 questions
A public-key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). There are three main categories of PKI: Web / SSL certs, corporate networks, and Government ID / ePassport.
1295 questions
The functions performed by the person or processes responsible for security of passwords on a given system.
1271 questions
The data, tools, and procedures which, when applied to a specific vulnerability, predictably violate the security design of a system.
1264 questions
An attempt to penetrate a system's security in an effort to evaluate the protections in place.
1261 questions
A Certificate Authority is the collection of hardware, software, and people responsible for issuing certificates in a hierarchical PKI. CAs may be public, as in SSL / TLS and government IDs, or private, as in corporate infrastructures. The primary responsibility of a public CA is to verify the identity of an applicant before issuing them a certificate.
1234 questions
OpenSSL is an open-source implementation of basic cryptographic primitives, X.509 certificate utilities, and SSL and TLS protocols.
1223 questions
An attempt to exploit a weakness in a system, either for nefarious or research reasons. Questions with this tag should be about designing, carrying out, or defending against the attack itself, rather than about the underlying weakness.
1221 questions
SSH (Secure shell) is a protocol for secure communication between computers to execute remote commands, transfer data and tunnel TCP connections.
1162 questions
Security in mobile devices. Issues concerning regular cellphones, smartphones, tablet computers and other portable information devices all fit into this category. If your question is specific to one of the following, use it instead: [phone], [smartphone], [iphone], [ios], [windows-phone], [android].
1042 questions
A weakness or flaw in computer software and hardware which allows an attacker to take advantage of (exploit) a targeted system.
977 questions
A computer virus is a program or piece of code that tends to be malicious and is loaded onto your computer without your knowledge and runs against your wishes.
969 questions
Application security - Specific to security concerns for an application that are independent from the underlying operating system, or surrounding infrastructure. Pertains to the design / architecture, source code, patching and maintenance cycle, or deployment and configuration of this software.
956 questions