Security-Architecture
Attack Surface — The Total Exposure Points an Adversary Can Target
Attack Surface refers to the sum of all possible entry points where an unauthorized user can attempt to access or exploit a system. This SECMONS glossary entry explains digital, physical, and human attack surfaces, how exposure evolves over time, and how defenders reduce risk through systematic surface reduction.
Authentication vs Authorization — Verifying Identity vs Granting Access
Authentication and Authorization are distinct security concepts: authentication verifies identity, while authorization determines access rights. This SECMONS glossary entry explains the difference, common implementation flaws, and how misconfigurations lead to security incidents.
Zero Trust — Security Model Based on Continuous Verification and Least Privilege
Zero Trust is a security model that assumes no user, device, or system is inherently trusted, even inside the network perimeter. This SECMONS glossary entry explains Zero Trust principles, architectural components, and how it reduces attack surface and lateral movement risk.