Glossary
The vocabulary of data security & AI governance.
47+ definitions across DSPM, DLP, compliance, insider risk, and more — written for security teams and business leaders alike.
AI-Native Security
AI-native security uses machine learning at its core to detect threats through behavior and context—go beyond rules and improve accuracy in modern environments.
Alert Fatigue in Cybersecurity
Alert fatigue in cybersecurity explained. Learn why excess low-quality alerts overwhelm teams and how context-driven detection improves response.
Automated Data Discovery
Automated data discovery continuously finds sensitive data across every environment — no manual scans, no agents, no gaps between what you know and what exists.
Behavioral Analytics in Security
Behavioral analytics in security explained: detect insider threats and anomalies using identity baselines, sequence detection, and data context. Learn how it works.
Blast Radius in Cybersecurity
Blast radius in cybersecurity explained: learn how to measure incident impact, track data spread, and reduce exposure with lineage and least privilege controls.
DPDP
DPDP governs personal data of Indian citizens worldwide. Learn how it differs from GDPR, what consent and breach rules require, and the penalties for non-compliance.
Data Breach
Data breach explained with causes, costs, and response strategies. Learn how to detect incidents faster, limit impact, and meet compliance requirements.
Data Classification
Data classification labels drive every security decision downstream. Why accuracy here determines whether your entire security stack works.
Data Detection and Response
Data Detection and Response (DDR) identifies active data threats, analyzes behavior patterns, and triggers fast containment to prevent breaches. Learn how DDR works.
Data Discovery
Data discovery locates sensitive data across cloud, SaaS, and on-prem before you can classify, govern, or protect it. Here's what full coverage requires.
Data Exfiltration
Data exfiltration explained: how sensitive data leaves systems, why tools miss it, and how to detect risky behavior patterns before loss occurs.
Data Governance
Data governance sets the policies that data security enforces. Without it, access controls and DLP have nothing meaningful to act on.
Data Inventory
A data inventory documents what data you hold, where it sits, and what regulations apply. Learn why manual maintenance fails and what compliance actually requires.
Data Lineage
Data lineage tracks every movement, transformation, and access event across a dataset's life. See why security lineage demands more than governance tools provide.
Data Loss Prevention
Data Loss Prevention (DLP) helps stop sensitive data leaks by monitoring movement across email, cloud, and endpoints with accurate, policy-based controls.
Data Mapping
Data mapping documents how personal data flows between systems, processors, and third parties. Learn what GDPR Article 30 requires and why manual mapping fails.
Data Masking
Data masking replaces real sensitive values with realistic fakes protecting production data in dev and test environments without breaking application workflows.
Data Provenance
Data provenance documents where data came from, who handled it, and whether that history is defensible the record regulators and courts actually require.
Data Security Platform
A data security platform unifies discovery, classification, monitoring, and protection of sensitive data across cloud, SaaS, and endpoints. Learn how it works.
Data Security Posture Management
Understand DSPM and why it matters for data security: continuous data discovery, contextual risk scoring, compliance mapping, and automated controls to reduce breach risk.
Data Sprawl
Data sprawl grows when data copies outpace governance. Learn why that gap between what exists and what's classified is where breaches actually happen.
Data Tokenization
Data tokenization replaces sensitive values with non-sensitive tokens, keeping originals in a secure vault. See how it reduces PCI DSS scope and breach impact.
Database Activity Monitoring
Database Activity Monitoring (DAM) tracks and analyzes database access in real time to detect misuse, insider threats, and anomalies. Learn how it works.
End-Point DLP
Endpoint DLP protects sensitive data on devices by monitoring file activity, USB transfers, and clipboard actions to stop leaks before data leaves. Learn more.
Exfiltration Vector
Exfiltration vectors explained — why permitted channels are harder to detect than blocked ones, and why sequence-based detection is what actually catches modern data theft.
GDPR
GDPR governs how organisations handle EU residents' personal data worldwide. Learn the seven principles, lawful bases, breach rules, and what compliance requires.
GRC
GRC unifies governance, risk, and compliance to cut audit fragmentation and map control evidence across regulatory frameworks like GDPR, PCI DSS, and SOC 2.
Incident Response
How incident response works: the six phases, why data incidents break standard IR frameworks, and what fast investigation actually requires.
Insider Threat Detection
Insider threat detection identifies risky user behavior across data and systems to prevent misuse, data theft, and reduce detection time effectively.
Intent Modeling
Intent modeling goes beyond access control — evaluating sequences of permitted actions to detect when legitimate access drifts into misuse before data leaves the environment.
PCI DSS
PCI DSS governs how organisations handle payment card data. Learn the 12 requirements, compliance levels, and why scope definition determines whether you pass.
Personally Identifiable Information
PII covers more than names and ID numbers. What counts as personally identifiable information across GDPR, DPDP, and CCPA and why accuracy matters.
Protected Health Information
PHI is health information linked to an individual identity and learn what HIPAA's 18 identifiers cover, who must comply, and what a breach actually requires.
SOC 2
SOC 2 is an audit report, not a certification. Learn the five Trust Service Criteria, Type I vs Type II differences, and what evidence auditors actually require.
SOX Compliance
SOX links financial reporting to IT controls. Learn what Section 404 auditors test and why evidence gaps are where most programmes fail.
Security Posture
Security posture measures your organization’s defense strength across controls, configurations, exposure, and response—continuously monitor and reduce risk.
Semantic Data Classification
Semantic data classification identifies sensitive data by meaning, not pattern matching — see why it achieves 95–98% accuracy where rule-based tools fall short.
Sensitive Data
Sensitive data spans regulated PII, business-confidential records, and technical secrets. Learn what each domain requires and why context determines classification.
Shadow AI
Shadow AI creates a data exfiltration surface that conventional DLP tools can't see. Learn what governance actually requires beyond blocking.
Shadow Data
Shadow data is sensitive data outside your governed perimeter — created by normal operations, invisible to DLP, and often the easiest path for attackers.
Ready to see Matters
in Action?
Join a specialized 30-minute walkthrough.
No sales fluff, just pure visibility and security intelligence.