Web-Security

Cross-Site Scripting (XSS) is a web vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. This SECMONS glossary entry explains how XSS works, its types, real-world impact, and how defenders can prevent it.

A drive-by compromise is an attack technique where a victim’s system is compromised simply by visiting a malicious or compromised website. This SECMONS glossary entry explains how drive-by attacks work, how they relate to browser vulnerabilities and zero-days, and what defenders should monitor.

An exploit kit is a toolkit hosted on attacker-controlled infrastructure that automatically scans visiting systems for vulnerabilities and delivers exploits without user interaction beyond visiting a page. This SECMONS glossary entry explains how exploit kits work, their role in drive-by compromise campaigns, and why patch velocity is critical.

A watering hole attack is a targeted strategy where attackers compromise a website frequently visited by a specific group and use it to deliver exploits or malware. This SECMONS glossary entry explains how watering hole attacks work, how they differ from mass exploit kits, and how defenders can detect and mitigate them.

Browser Isolation is a cybersecurity technique that separates web browsing activity from the user's local system in order to prevent web-based threats such as malware, phishing, and drive-by exploits from reaching the endpoint.

Drive-by compromise is an attack technique where malicious code is delivered to victims simply by visiting a compromised or malicious website, often exploiting browser vulnerabilities.

Browser exploitation refers to attacks that target vulnerabilities in web browsers, plugins, or browser components to execute malicious code, steal credentials, or deliver malware to victims.

A Secure Web Gateway (SWG) is a cybersecurity control that monitors and filters web traffic to protect users and systems from malicious websites, malware downloads, and data exfiltration.