Editing Ai Cybersecurity (section)

== <span style="color: #FFFFFF;">Remembering</span> ==
* '''Intrusion Detection System (IDS)''' — A system that monitors network or system activity for signs of malicious behavior or policy violations.
* '''SIEM (Security Information and Event Management)''' — A platform aggregating security data from across an organization for analysis and alerting.
* '''Malware classification''' — Using ML to classify executable files or scripts as malicious or benign, and into malware families.
* '''Anomaly detection''' — Identifying unusual patterns that may indicate a security breach; baseline normal behavior, flag deviations.
* '''Threat hunting''' — Proactively searching for hidden threats in an environment using AI-assisted analysis of security telemetry.
* '''Phishing detection''' — Using NLP and URL analysis to identify phishing emails and websites.
* '''User and Entity Behavior Analytics (UEBA)''' — Profiling normal behavior patterns for users and devices, flagging anomalies that may indicate compromise.
* '''Endpoint Detection and Response (EDR)''' — Security software on endpoints (laptops, servers) that collects behavioral data and applies AI to detect threats.
* '''False positive''' — A legitimate event incorrectly flagged as malicious; high false positive rates cause alert fatigue.
* '''Adversarial ML''' — Techniques to fool ML-based security systems through carefully crafted inputs.
* '''APT (Advanced Persistent Threat)''' — A sophisticated, long-duration cyberattack by well-resourced actors; hardest to detect with ML.
* '''CVE (Common Vulnerabilities and Exposures)''' — Standardized identifiers for known software vulnerabilities; AI assists in prioritizing patching.
* '''Threat intelligence''' — Information about current threat actors, tactics, and indicators used to improve defenses.
</div>

<div style="background-color: #006400; color: #FFFFFF; padding: 20px; border-radius: 8px; margin-bottom: 15px;">