Glossary
This document defines and explains key terms in the Application Security system to facilitate unified understanding and communication.
Threat-Related Terms
Deep Threat
Intrusion detection based on Trace call chain information, capable of reconstructing complete calling context and method-level behavior.
This type of detection has high accuracy and can effectively identify complex attack paths and vulnerability exploitation chains.
Typical scenario: Detecting requests that trigger specific dangerous function calls (such as deserialization, command execution).
Basic Threat
Security detection based on request-layer information (such as URI, Headers, parameters, etc.).
Detection accuracy is relatively low, primarily used to identify common attacks or anomalous traffic.
Typical scenario: SQL injection signature matching, XSS request detection, etc.
Security Event
Comprehensive security alerts generated based on time-series analysis of business threat data.
Identifies potential attacks by analyzing abnormal changes in business behavior over a period of time.
Example: A sudden increase in login failures within 1 hour may indicate credential stuffing behavior.
Business Threat
Monitoring and recording of business-related critical operational behaviors during application runtime,
including but not limited to:
- User login
- External API calls
- SQL execution
- System command execution
These behaviors can be used in security analysis to determine attack intent and business risks.
Threat Classification System
Threat Level
Indicates the severity of the threat itself, used to distinguish the priority of handling different security risks.
Classification levels are as follows:
- Critical
- High
- Medium
- Low
Impact Level
Used to describe the actual impact scope of threats on systems or businesses and detection confidence.
Currently divided into two categories:
- Deep Threat (High Impact): Call chain-level detection with high accuracy
- Basic Threat (Low Impact): Request feature-based detection with relatively lower accuracy.