• About us
  • Newsroom
  • Careers
  • Become a partner
  • Search
Compute
High-performance, scalable computing resources for your critical workloads. Orchestrate your cloud-native applications with our modern container solutions.
Discover the Compute offer
Virtual machines
VM Instances
An on-demand, flexible and secure virtual machine solution on a shared infrastructure.
Dedicated servers
OpenSource IaaS
Open source virtualised infrastructure in a trusted SecNumCloud-qualified cloud environment for complete technological sovereignty.
VMWare IaaS
Your VMware virtual machines in a trusted SecNumCloud-qualified and HDS-certified cloud environment.
Bare Metal
Dedicated, fully customisable servers for total autonomy over your sovereign infrastructure.
Containers
PaaS OpenShift
The unified platform for creating, modernising and deploying your large-scale applications in a sovereign cloud.
Managed Kubernetes
Managed container orchestration solution offering security, resilience and advanced automation on sovereign infrastructure.
Storage
Adaptable, high-performance storage solutions for all your needs. Optimise your data with our highly available block and object solutions.
Discover our Storage offer
Storage
Block storage
The adaptable block storage solution for optimum storage performance in a sovereign cloud.
Object storage
The scalable, cost-effective storage solution for your unstructured data in a sovereign cloud.
Backup
Backup solutions
Differentiated backup solutions tailored to your challenges and environments
Network
Advanced network solutions to connect and secure your infrastructures. Deploy your private networks automatically and securely.
Discover the Network offer
Network
Virtual Private Cloud
Deploy and manage your private networks 100% automatically and securely.
Private Backbone
Take full control of your network with extended Layer 2 connectivity, designed for hybrid architectures and bespoke configurations.
Firewall
Managed Firewall
Advanced security solutions for complete insulation and enhanced protection
Accommodation Dry
Housing - Dedicated space
Secure hosting for your equipment in a dedicated or shared environment, depending on your needs.
Security
Advanced security solutions to protect your critical infrastructures. Control access and defend against online threats.
Discover the Security offer
Security
Anti DDoS
The shield against online attacks
Bastion host
Transparent, centralised access control for robust protection of your infrastructure
Managed KMS
Sovereign cryptographic key management, with HSM hardware root of trust, to protect your most sensitive data on SecNumCloud infrastructure.
Managed SIEM
A centralised platform for collecting and correlating security logs, combining AI-based automation and advanced detection rules (MITRE ATT&CK).
AI
Artificial intelligence solutions to transform your data into insights and accelerate your business processes.
Discover the AI offer
AI
LLMaaS
Access cutting-edge language models on a sovereign, SecNumCloud-qualified and HDS-certified infrastructure for high-performance, secure AI applications.
GPU
NVIDIA GPU instances to accelerate your artificial intelligence and high-performance computing in a sovereign cloud.
Data
Data solutions to manage, analyse and exploit your critical data.
Discover the Data offer
Databases
Managed MariaDB
A fully managed MariaDB relational database and PITR backup on SecNumCloud sovereign infrastructure.
Managed PostGreSQL
The fully managed relational database solution on SecNumCloud sovereign infrastructure
Big Data
Managed Kafka
The open-source distributed platform for streaming data in real time
Managed File System
A managed, sovereign, high-availability distributed file system, accessible via NFS and SMB on the SecNumCloud infrastructure.
Management & Governance
Coaching and support services to help you with your cloud transformation.
Find out about our support services
Support
Support levels
Discover the 3 levels of support available to help you meet your challenges.
Professional services
From design to optimisation, Cloud Temple is with you every step of the way.
Governance
Console - API - Terraform Provider
A single interface for viewing and managing your products and services
Observability
Infrastructure metrics available in market standards
About us
The company
Who are we?
Management team
Locations
CSR commitments
Sectors
Public sector
Healthcare
Financial sector
Industry
Our approach
Our compliance procedures
Our SecNumCloud approach
Trusted AI
Interoperability & hybridity
Transparency in the processing of health data
Newsroom
The magazine
Events & Webinars
Press releases
In the media
Knowledge database
Careers
Working at Cloud Temple
Join us
Become a partner
Software publishers
Managed Services Providers
FR AT FROM IT
Contact
The magazine > Understanding key cybersecurity concepts: an essential glossary for IT professionals

As businesses rely more and more on cybersecurity services and solutions, mastery of key concepts is becoming essential. This detailed glossary provides IT professionals with a better understanding of fundamental concepts to enable them to make informed decisions. 

Protection and access control 

Bastion host  

A bastion is a dedicated server that serves as a secure entry point to the corporate network. Similar to a security gateway, it filters and controls all external access to internal resources. This architecture strengthens security by creating a monitored buffer zone between the Internet and sensitive systems. 

Firewalls  

The firewall is the network's first line of defence. It analyses incoming and outgoing traffic in real time according to precise rules. New generation firewalls (NGFW) incorporate advanced features such as deep packet inspection, intrusion detection and application filtering. 

Network micro-segmentation  

This technique involves dividing the network into isolated, controlled zones. Each segment can have its own security rules, limiting the spread of potential threats. This "zero-trust" approach assumes that no zone is totally secure and requires systematic authentication. 

Multi-factor authentication (MFA)

Multi-factor authentication is a security method that requires at least two distinct proofs of identity to access a system. These factors generally fall into three categories: something you know (password), something you have (smartphone) and something you are (fingerprint).

Role-based access control (RBAC)

RBAC is an authorisation management model that assigns access rights according to the user's role in the organisation. Permissions are grouped by role rather than distributed individually, simplifying administration and reducing the risk of errors in assigning access rights.

Virtual Private Network (VPN)

A VPN creates a secure, encrypted communication tunnel between two points on the Internet. It enables remote users to access corporate network resources as if they were physically connected to it, while protecting the confidentiality of transmitted data and masking the originating IP address.

Identity and key management 

IAM (Identity and Access Management)  

IAM centralises the management of identities and access rights. It defines who can access which resources, when and how. This system is crucial for applying the principle of least privilege and guaranteeing traceability of access. 

HSM (Hardware Security Module)  

The HSM is a highly secure physical device dedicated to protecting cryptographic keys. Resistant to physical intrusion attempts, it guarantees the integrity of critical cryptographic operations such as electronic signatures or encryption of sensitive data. 

KMS (Key Management Service) 

A cloud solution for centralised management of cryptographic keys, KMS automates the creation, rotation and deletion of keys. It simplifies data encryption while ensuring high availability and complete traceability. 

Identity federation (SAML, OAuth)

Identity federation is a system that enables users to access several applications or services with a single set of credentials. It relies on standardised protocols such as SAML (Security Assertion Markup Language) or OAuth to securely share authentication information between different organisations while preserving the confidentiality of identification data.

Privileged Access Management (PAM)

PAM is a set of processes and technologies for securing, controlling and monitoring access to high-privilege accounts within an organisation. It includes features such as automatic password rotation, logging of privileged sessions and temporary allocation of access rights.

Incident monitoring and response 

SIEM (Security Information and Event Management)  

The SIEM aggregates and analyses security logs from the entire infrastructure in real time. It correlates events to detect suspicious behaviour and alert teams. This global view enables security incidents to be identified quickly and responded to effectively. 

SOAR (Security Orchestration, Automation, and Response)  

The SOAR automates responses to common security incidents. It integrates the various security tools and coordinates their actions. This orchestration reduces the time taken to respond to threats and frees teams from repetitive tasks so that they can concentrate on complex incidents. 

BAS (Breach & Attack Simulation)  

The BAS reproduces attack scenarios in a controlled and continuous manner. It automatically tests the defences in place by simulating real attacker techniques. These tests enable weaknesses to be proactively identified before they are exploited. 

Endpoint Detection and Response (EDR)

EDR is an advanced security solution that continuously monitors endpoints (workstations, servers, mobile devices) to detect and respond to sophisticated threats. It combines behavioural data collection, real-time analysis and response automation. Unlike traditional antivirus solutions, EDR provides complete visibility of the attack chain, detection of behavioural anomalies and the ability to carry out in-depth investigations. Automated response capabilities enable you to quickly isolate a compromised workstation or block the spread of a threat.

Data protection and business continuity 

DLP (Data Loss Prevention)  

DLP monitors and controls sensitive data flows. It identifies, traces and blocks attempts to leak information, whether accidental or malicious. These tools apply to data in motion, at rest and in use. 

Virtualisation infrastructures  

Virtualisation makes it possible to create isolated and flexible IT environments. It optimises the use of physical resources by sharing them securely between several virtual systems. This technology is fundamental to the cloud and facilitates disaster recovery. 

PCA/PRA/PUPA  

These complementary plans ensure the resilience of the organisation: 

  • The Business Continuity Plan (BCP) defines the procedures for maintaining essential services in the event of a crisis. 
  • The Disaster Recovery Plan (DRP) details the restoration of systems after a major incident 
  • The Emergency and Business Continuity Plan (PUPA) combines these aspects in a global approach 

 Encryption systems  

Encryption systems transform readable data into encrypted format using complex mathematical algorithms. Symmetric encryption uses a single key to encrypt and decrypt, ideal for large volumes of data. Asymmetric encryption, which uses public/private key pairs, is particularly suitable for secure exchanges.

Catégories
Cybersecurity & Compliance
The magazine
Cookie policy

We use cookies to give you the best possible experience on our site, but we do not collect any personal data.

Audience measurement services, which are necessary for the operation and improvement of our site, do not allow you to be identified personally. However, you have the option of objecting to their use.

For more information, see our privacy policy.

Authorise Refuse