
This glossary is from Learning Ransomware Response & Recovery by W. Curtis Preston and Dr. Mike Saylor.
PaaS (Platform as a Service) – Cloud computing service providing a platform for developing, running, and managing applications.
Packing/Crypter – Tools that compress and encrypt malware to evade signature-based detection.
Passkeys – Passwordless authentication method using cryptographic keys stored on devices, offering strong phishing resistance.
Password Manager – Software that securely stores and manages passwords, enabling use of strong unique passwords for every account.
Payload – The malicious component of malware that performs the intended harmful action, such as encrypting files.
PCI DSS (Payment Card Industry Data Security Standard) – Security standards for organizations handling credit card data.
Penetration Testing – Simulated cyberattack against systems to identify vulnerabilities and test defenses.
Persistence Mechanism – Technique malware uses to automatically restart or remain active after system reboots or cleaning attempts.
PHI (Protected Health Information) – Health information protected under HIPAA regulations.
Phishing – Social engineering attack using deceptive emails, messages, or websites to trick victims into revealing information or downloading malware.
PII (Personally Identifiable Information) – Information that can identify a specific individual, protected under various privacy regulations.
Polymorphic Code – Malware that slightly modifies its code with each infection while maintaining the same functionality, evading signature detection.
POS (Point-of-Sale) – Systems processing customer transactions; frequent ransomware targets in retail environments.
Post-incident Review – Analysis conducted after an incident to identify lessons learned and improve future response.
Post-mortem Analysis – Structured review process after an incident to document what happened, identify lessons learned, and improve future response.
PowerShell – Windows scripting language often used for both legitimate administration and malicious activities.
PowerShell Empire – Post-exploitation framework that runs malicious PowerShell scripts in memory to avoid detection.
Privilege Escalation – Technique attackers use to gain higher-level permissions than initially obtained.
Proof-of-Life Decryptor – Sample decryption tool provided by attackers to demonstrate their ability to decrypt files before ransom payment.
PTSD (Post-Traumatic Stress Disorder) – Mental health condition that 20% of ransomware incident responders experience post-crisis.
Purpose-built Backup Appliance – Dedicated hardware system designed specifically for backup storage and management (e.g., Data Domain, ExaGrid).