Cybersecurity
Terms Starting with X

A standard defining the format of digital certificates used to authenticate identities in encrypted communications. X.509 certificates form the basis for HTTPS connections, code signing, email encryption, and most public key infrastructure deployments.

An HTTP header field identifying the original client IP address when requests pass through proxies or load balancers. XFF enables accurate logging and security analysis by revealing true source addresses.

An HTTP response header controlling whether a browser is allowed to render a page within a frame, iframe, or embed element. X-Frame-Options helps prevent clickjacking attacks where users are tricked into clicking hidden interface elements.

An XML-based standard for defining and evaluating attribute-based access control policies. XACML separates access decisions from applications, letting organizations centralize complex authorization rules across diverse systems.

Security platforms correlating threat data from endpoints, networks, cloud services, email, and applications for comprehensive threat detection. XDR extends EDR capabilities across entire IT environments, improving visibility and enabling coordinated responses to sophisticated attacks.

A high-performance journaling filesystem for Linux systems supporting large files and volumes. XFS appears in server logs, backup operations, and recovery procedures, requiring proper monitoring and maintenance.

A web application vulnerability where attackers exploit XML parsers that process external entity references to access server files, perform server-side request forgery, or trigger denial of service. XXE prevention requires disabling external entity processing in XML libraries.

An open standard for real-time messaging and presence information widely used in enterprise chat platforms and IoT systems. XMPP supports federated communication across different services while requiring encryption and authentication to prevent message interception.

A bitwise logical operation foundational to many cryptographic algorithms because it is reversible only with the original key. XOR is used in stream ciphers, one-time pads, and as a building block within block cipher rounds.

Web application vulnerabilities allowing attackers to inject malicious scripts into pages viewed by other users. XSS attacks steal session cookies, capture credentials, and perform actions on behalf of victims.