Cybersecurity Terminology, DecodeD

Glossary

No assumed knowledge required.


This glossary defines the key terms used across Frostbow™’s product documentation, FAQs, and website. It is intended to help prospective customers, partners, and procurement teams understand the language of autonomous cybersecurity.

A

Alert

A notification generated by a security tool indicating that a potentially suspicious or malicious event has been detected on a network or device. Alerts vary in severity and require analysis to determine whether they represent a genuine threat.

Alert Fatigue

The state of reduced attention and responsiveness that security analysts experience when overwhelmed by high volumes of alerts, many of which are false positives. Alert fatigue is a leading cause of missed threats and analyst burnout in organizations without automated response capabilities.

API (Application Programming Interface)

A set of protocols that allows different software systems to communicate with each other. Frostbow™ uses API connections to integrate with existing security tools without requiring agents or manual configuration.

Autonomous Response

The ability of a security platform to detect, analyze, and act on threats without requiring human intervention. Frostbow™’s autonomous response capability resolves 99.6% of alerts independently, around the clock.

AbuseIPDB

A threat intelligence feed that aggregates and shares information about IP addresses known to be associated with malicious activity. Frostbow™ uses AbuseIPDB as part of its active threat intelligence layer.

C

CAIQ (Consensus Assessments Initiative Questionnaire)

A standardized security questionnaire developed by the Cloud Security Alliance (CSA) used by organizations to assess the security posture of cloud service providers. Frostbow™ completes CAIQ-aligned questionnaires within 48 hours.

Common Criteria (ISO/IEC 15408)

An internationally recognized framework for evaluating and certifying the security properties of technology products. Common Criteria certification is particularly relevant for defense and government procurement. Frostbow™ is currently undergoing Common Criteria assessment.

CrowdStrike

A leading endpoint detection and response (EDR) platform. Frostbow™ integrates with CrowdStrike via API, layering autonomous response capabilities on top of CrowdStrike®’s detection alerts.

Cyber Insurance

Insurance coverage designed to protect organizations from the financial consequences of cyberattacks and data breaches. Frostbow™’s controls and compliance posture are aligned with common cyber insurance requirements.

D

Data Residency

The physical or geographic location where an organization’s data is stored and processed. Frostbow™ offers data residency options in Canada, the United States, the United Kingdom, and India, ensuring customer data stays within the chosen jurisdiction.

Data Sovereignty

The principle that data is subject to the laws and governance of the country or region in which it is stored. Frostbow™ is built around data sovereignty as a core design principle, ensuring that customer data never leaves the selected jurisdiction without explicit agreement.

E

EDR (Endpoint Detection and Response)

A category of security tools that monitor endpoint devices for suspicious activity and provide detection, investigation, and response capabilities. Frostbow™ integrates with EDR platforms such as CrowdStrike® and SentinelOne®.

Endpoint

Any device connected to a network, including laptops, desktops, servers, smartphones, IP cameras, medical devices, printers, and cloud instances. Frostbow™ monitors and protects endpoints across all categories, including non-traditional devices that are often overlooked.

Escalation

The process by which an alert or incident that cannot be resolved autonomously is passed to a human analyst for review and action. Frostbow™ escalates only the 0.4% of alerts that genuinely require human judgment, and does so with a complete brief rather than a raw alert.

F

False Positive

An alert that incorrectly identifies benign activity as a threat. High false positive rates are a major source of alert fatigue. Frostbow™ continuously refines its understanding of each network environment, reducing false positives over time without manual tuning.

FIPS 140-2

A US government standard that specifies security requirements for cryptographic modules. FIPS 140-2 compliance is often required for organizations working with federal agencies and defense contractors. Frostbow™’s FIPS 140-2 certification is currently in progress.

Frostbow™

SKADI’s autonomous cybersecurity platform. Frostbow™ ingests security alerts from across a customer’s network, analyzes each one using AI, and resolves threats autonomously — without requiring a human analyst to review them first.

G

GreyNoise

A threat intelligence platform that identifies internet background noise and distinguishes it from targeted attack activity. Frostbow™ uses GreyNoise as part of its active threat intelligence layer to improve detection accuracy.

H

Hierarchical Neural Ontology

The proprietary AI architecture that powers Frostbow™’s decision-making. Unlike rule-based systems, Hierarchical Neural Ontology develops security concepts through continuous learning at three levels: node (individual device), company (customer-wide), and global (across all deployments). This enables Frostbow™ to understand why events are related, not just that they co-occur.

High Availability

A system design approach that ensures a platform remains operational and accessible with minimal downtime. Frostbow™ is built with high availability infrastructure across all deployment regions.

I

Immutable Audit Log

A tamper-proof record of all events, actions, and decisions made by a system. Frostbow™ maintains immutable audit logs covering every alert, AI determination, and action taken — enabling full auditability for governance and compliance purposes.

Incident Response

The structured process an organization follows to detect, contain, and recover from a security incident. Frostbow™ includes a documented incident response plan with defined escalation paths and SLAs as part of its security controls.

L

Least Privilege

A security principle whereby users and systems are granted only the minimum level of access required to perform their function. Frostbow™ applies a least-privilege model throughout its access control architecture.

Log Collection

The process of gathering event data from devices, applications, and network infrastructure for security monitoring and analysis. For organizations without existing security tools, Frostbow™ provides log collection as part of its foundational deployment.

M

MDR (Managed Detection and Response)

A managed security service in which a third-party provider monitors a customer’s environment and responds to threats on their behalf, typically using a combination of technology and human analysts. Frostbow™ delivers comparable outcomes autonomously, at a significantly lower cost and without the human response time constraints of traditional MDR services.

MITRE ATT&CK

A globally recognized framework that documents the tactics, techniques, and procedures (TTPs) used by cyber adversaries. Frostbow™’s detection capabilities are aligned with the MITRE ATT&CK framework.

Model Weights

The internal parameters of an AI model that encode its learned knowledge. Frostbow™ does not store sensitive customer data in model weights, ensuring that customer information cannot be reconstructed from the AI itself.

MSP (Managed Service Provider)

A company that remotely manages a customer’s IT infrastructure and services. Frostbow™ is complementary to MSP relationships — MSPs handle monitoring, ticketing, and escalation, while Frostbow™ provides autonomous threat response. Many of SKADI’s active resellers are MSPs.

Multi-Tenant Separation

The architectural practice of ensuring that data and operations belonging to different customers are fully isolated from one another within a shared platform. Frostbow™ enforces strict multi-tenant separation across all MSP and white-label environments.

N

NIST (National Institute of Standards and Technology)

A US federal agency that develops cybersecurity standards and frameworks widely adopted across industries and governments. Frostbow™’s security controls are aligned with NIST guidelines.

Node

In the context of Frostbow™’s Hierarchical Neural Ontology, a node refers to an individual endpoint on a customer’s network. Each node develops its own local threat model based on the specific behavior patterns of that device.

O

Ontological AI

An approach to artificial intelligence that builds structured, conceptual understanding of relationships between events — rather than simply identifying statistical correlations. Frostbow™’s ontological AI layer understands why security events are related, enabling more accurate and context-aware threat decisions.

OSINT (Open Source Intelligence)

Threat intelligence gathered from publicly available sources, including known malicious IP lists, vulnerability databases, and security research. Frostbow™ actively monitors OSINT feeds including GreyNoise and AbuseIPDB to keep detection current.

P

PIPEDA (Personal Information Protection and Electronic Documents Act)

Canada’s federal private sector privacy law, governing how organizations collect, use, and disclose personal information. All Frostbow™ customer agreements include PIPEDA-compliant privacy terms as standard.

R

RBAC (Role-Based Access Control)

A method of restricting system access based on the roles assigned to individual users within an organization. Frostbow™ uses RBAC to ensure that access to the platform and customer data is governed according to defined responsibilities.

S

SaaS (Software as a Service)

A software delivery model in which applications are hosted in the cloud and accessed via the internet, rather than installed locally. Frostbow™ is delivered as a SaaS platform, requiring no on-premises installation.

SentinelOne

A leading endpoint detection and response (EDR) platform. Frostbow™ integrates with SentinelOne via API, layering autonomous response on top of SentinelOne’s detection capabilities.

SIEM (Security Information and Event Management)

A platform that aggregates and analyzes log and event data from across an organization’s environment to identify security threats. Frostbow™ integrates with SIEM platforms, using their data as an input to its autonomous analysis layer.

SKADI Cyber Defense Corporation

The Canadian company that develops and operates Frostbow™. Headquartered in Bracebridge, Ontario, SKADI is built around the principle that enterprise-grade cybersecurity should be accessible to organizations of all sizes.

SLA (Service Level Agreement)

A formal commitment between a service provider and a customer that defines the expected level of service, including response times and uptime guarantees. Frostbow™’s escalation paths and support commitments are governed by defined SLAs.

SOC (Security Operations Center)

A centralized team of security professionals responsible for monitoring, detecting, and responding to security incidents. Frostbow™ delivers SOC-equivalent outcomes autonomously, at a fraction of the cost of building and staffing a traditional SOC.

SOC 2

A security auditing framework developed by the American Institute of Certified Public Accountants (AICPA) that evaluates a service organization’s controls related to security, availability, processing integrity, confidentiality, and privacy. Frostbow™’s SOC 2 Type I audit is currently in progress, with Type II also underway.

T

TLS (Transport Layer Security)

A cryptographic protocol that ensures secure communication over a network by encrypting data in transit. Frostbow™ uses TLS 1.2 or higher for all data transmitted between the platform and customer environments.

Threat Intelligence

Information about existing or emerging threats that can be used to inform and improve security decisions. Frostbow™ actively ingests threat intelligence from feeds including GreyNoise and AbuseIPDB to keep its detection capabilities current.

Two-Factor Authentication (2FA)

A security process that requires users to verify their identity using two distinct factors — typically a password and a one-time code — before gaining access to a system. 2FA is enforced for all Frostbow™ dashboard access.

V

VSA (Vendor Security Assessment)

A structured questionnaire used by organizations to evaluate the security practices of their vendors and suppliers. Frostbow™ completes VSA-aligned assessments within 48 hours upon request.

W

White-Label

A product or service produced by one company that other companies rebrand and sell as their own. Frostbow™ supports white-label deployments, with strict data boundaries enforced between parent and client environments.
