From bdad4098c84128da8a85dd0a8fc975a84728e314 Mon Sep 17 00:00:00 2001 From: bchetcuti <54513583+bchetcuti@users.noreply.github.com> Date: Sat, 13 Sep 2025 14:51:48 +1000 Subject: [PATCH] update terms --- data/terms.json | 525 +++++++++++++++++++++++-------------------- data/terms1.json_old | 258 +++++++++++++++++++++ 2 files changed, 544 insertions(+), 239 deletions(-) create mode 100644 data/terms1.json_old diff --git a/data/terms.json b/data/terms.json index 5c01b4e..40f8395 100644 --- a/data/terms.json +++ b/data/terms.json @@ -1,258 +1,305 @@ [ - { - "term": "DMARC", - "definition": "An email authentication protocol that helps prevent domain spoofing by aligning SPF and DKIM mechanisms.", - "citations": [ - { - "title": "Home Overview", - "url": "Overview " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + { + "term": "DMARC", + "definition": "An email authentication protocol that aligns SPF and/or DKIM with the visible From domain and publishes a DNS policy (none, quarantine, reject) plus reporting to curb spoofing.", + "citations": [ + { + "title": "DMARC Overview", + "url": "https://dmarc.org/overview/" + }, + { + "title": "RFC 7489 — Domain-based Message Authentication, Reporting, and Conformance (DMARC)", + "url": "https://www.rfc-editor.org/info/rfc7489" } - }, - { - "term": "SPF", - "definition": "Sender Policy Framework is an email validation system designed to detect and block email spoofing.", - "citations": [ - { - "title": "SPF Project", - "url": "https://www.openspf.org/" - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "SPF", + "definition": "A DNS-published policy that authorizes which mail hosts may send on behalf of a domain; receivers verify the SMTP MAIL FROM/HELO against that policy.", + "citations": [ + { + "title": "RFC 7208 — Sender Policy Framework (SPF)", + "url": "https://www.rfc-editor.org/info/rfc7208" + }, + { + "title": "OpenSPF Project (historical reference)", + "url": "https://www.openspf.org/" } - }, - { - "term": "DKIM", - "definition": "DomainKeys Identified Mail is an email authentication method that uses cryptographic signatures to verify message integrity.", - "citations": [ - { - "title": "DomainKeys Identified Mail (DKIM)", - "url": "http://www.dkim.org/" - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "DKIM", + "definition": "An email authentication method that adds a domain-linked cryptographic signature to messages so receivers can verify integrity and domain responsibility.", + "citations": [ + { + "title": "RFC 6376 — DomainKeys Identified Mail (DKIM) Signatures", + "url": "https://www.rfc-editor.org/rfc/rfc6376" + }, + { + "title": "DKIM.org (background and resources)", + "url": "https://dkim.org/" } - }, - { - "term": "DNSSEC", - "definition": "Domain Name System Security Extensions add cryptographic signatures to DNS data to protect against spoofing.", - "citations": [ - { - "title": "ICANN DNSSEC Overview", - "url": "DNSSEC – What Is It and Why Is It Important? - ICANN " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "DNSSEC", + "definition": "DNS Security Extensions add cryptographic signatures to DNS data, enabling resolvers to validate authenticity via a chain of trust from the root.", + "citations": [ + { + "title": "DNSSEC – What Is It and Why Is It Important? (ICANN)", + "url": "https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en" } - }, - { - "term": "PTR Record", - "definition": "A DNS record that maps an IP address to a domain name, used for reverse DNS lookups.", - "citations": [ - { - "title": "Cloudflare PTR Record Guide", - "url": "What is a DNS PTR record? | Cloudflare " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "PTR Record", + "definition": "A reverse DNS record mapping an IP address to a hostname, used primarily for reverse lookups and email reputation checks.", + "citations": [ + { + "title": "What is a DNS PTR record? (Cloudflare Learning Center)", + "url": "https://www.cloudflare.com/learning/dns/dns-records/dns-ptr-record/" } - }, - { - "term": "CNAME Record", - "definition": "A DNS record that maps an alias name to a true or canonical domain name.", - "citations": [ - { - "title": "Cloudflare CNAME Record Guide", - "url": "What is a DNS CNAME record? | Cloudflare " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "CNAME Record", + "definition": "A canonical name record that aliases one hostname to another, causing lookups to resolve through the target name.", + "citations": [ + { + "title": "What is a DNS CNAME record? (Cloudflare Learning Center)", + "url": "https://www.cloudflare.com/learning/dns/dns-records/dns-cname-record/" } - }, - { - "term": "MX Record", - "definition": "A DNS record that specifies the mail server responsible for accepting email messages on behalf of a domain.", - "citations": [ - { - "title": "Cloudflare MX Record Guide", - "url": "What is a DNS MX record? | Cloudflare " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "MX Record", + "definition": "A mail exchange record that specifies the mail servers responsible for accepting email for a domain, usually with priorities.", + "citations": [ + { + "title": "What is a DNS MX record? (Cloudflare Learning Center)", + "url": "https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/" } - }, - { - "term": "Repo Hygiene", - "definition": "A set of practices to keep code repositories organized, secure, and maintainable.", - "citations": [ - { - "title": "GitHub Best Practices", - "url": "GitHub flow - GitHub Docs " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "Repo Hygiene", + "definition": "Practices that keep repositories organized, secure, and maintainable—clear README, branching workflow, protected branches, dependency updates, secret scanning, and contribution guidelines.", + "citations": [ + { + "title": "Best practices for repositories (GitHub Docs)", + "url": "https://docs.github.com/en/repositories/creating-and-managing-repositories/best-practices-for-repositories" + }, + { + "title": "Setting guidelines for repository contributors (GitHub Docs)", + "url": "https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors" + }, + { + "title": "Best practices for maintaining dependencies (GitHub Docs)", + "url": "https://docs.github.com/en/code-security/dependabot/maintain-dependencies/best-practices-for-maintaining-dependencies" } - }, - { - "term": "Branch Protection Rules", - "definition": "GitHub settings that enforce workflows and prevent direct pushes to important branches.", - "citations": [ - { - "title": "GitHub Branch Protection", - "url": "Managing protected branches - GitHub Docs " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 3, + "last_verified": "2025-09-13" + } + }, + { + "term": "Branch Protection Rules", + "definition": "Repository settings that restrict actions (e.g., force pushes, deletions) and enforce requirements like reviews and status checks before merging.", + "citations": [ + { + "title": "Managing a branch protection rule (GitHub Docs)", + "url": "https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "title": "Managing protected branches (GitHub Docs)", + "url": "https://docs.github.com/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches" } - }, - { - "term": "CODEOWNERS", - "definition": "A GitHub file that defines individuals or teams responsible for code in a repository.", - "citations": [ - { - "title": "GitHub CODEOWNERS", - "url": "About code owners - GitHub Docs " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "CODEOWNERS", + "definition": "A repository file that designates owners for paths; when those paths change, reviews from the owners can be automatically required.", + "citations": [ + { + "title": "About code owners (GitHub Docs)", + "url": "https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners" + }, + { + "title": "Introducing code owners (GitHub Blog)", + "url": "https://github.blog/news-insights/product-news/introducing-code-owners/" } - }, - { - "term": "Security.txt", - "definition": "A file that provides a standard location for security researchers to find vulnerability disclosure information.", - "citations": [ - { - "title": "security.txt", - "url": "security.txt " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "Security.txt", + "definition": "A machine-parsable file that advertises an organization’s vulnerability disclosure contact and policy, typically at /.well-known/security.txt.", + "citations": [ + { + "title": "RFC 9116 — A File Format to Aid in Security Vulnerability Disclosure", + "url": "https://www.rfc-editor.org/rfc/rfc9116" + }, + { + "title": "security.txt (CISA overview)", + "url": "https://www.cisa.gov/news-events/news/securitytxt-simple-file-big-value" } - }, - { - "term": "Status Page", - "definition": "A public webpage that communicates the current operational status of a service.", - "citations": [ - { - "title": "Atlassian Statuspage Overview", - "url": "Improve Transparency with Statuspage | Atlassian " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "Status Page", + "definition": "A public page for real-time incident comms and uptime history that helps keep users informed and builds trust during outages.", + "citations": [ + { + "title": "Statuspage — Product overview (Atlassian)", + "url": "https://www.atlassian.com/software/statuspage" + }, + { + "title": "Statuspage — Features & benefits (Atlassian)", + "url": "https://www.atlassian.com/software/statuspage/features" } - }, - { - "term": "SPF Flattening", - "definition": "A technique to reduce DNS lookups in SPF records by replacing includes with IP addresses.", - "citations": [ - { - "title": "SPF Flattening Explained", - "url": "Concluding the Experiment: SPF Flattening - dmarcian " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "SPF Flattening", + "definition": "Replacing SPF includes with resolved IPs to reduce DNS lookups; generally discouraged due to maintenance and accuracy risks.", + "citations": [ + { + "title": "Concluding the Experiment: SPF Flattening (dmarcian)", + "url": "https://dmarcian.com/spf-flattening/" + }, + { + "title": "SPF Flattening (dmarcian Help Center)", + "url": "https://dmarcianbeacon.helpscoutdocs.com/article/65-spf-flattening" } - }, - { - "term": "TXT Record", - "definition": "A DNS record that stores text information for external sources to use, often for verification purposes.", - "citations": [ - { - "title": "Cloudflare TXT Record Guide", - "url": "What is a DNS TXT record? | Cloudflare " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "TXT Record", + "definition": "A DNS record type that stores arbitrary text—commonly used for domain verification and email authentication (SPF, DKIM, DMARC).", + "citations": [ + { + "title": "What is a DNS TXT record? (Cloudflare Learning Center)", + "url": "https://www.cloudflare.com/learning/dns/dns-records/dns-txt-record/" } - }, - { - "term": "Escalation Workflow", - "definition": "A predefined process for routing unresolved issues to higher levels of support or authority.", - "citations": [ - { - "title": "ITIL Incident Management", - "url": "Powering Best Practice | ITIL®, PRINCE2® and MSP® | Axelos " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "Escalation Workflow", + "definition": "A defined path for routing unresolved incidents to higher-responsibility on-call tiers with conditions, timings, and notifications.", + "citations": [ + { + "title": "Escalation policies for effective incident management (Atlassian)", + "url": "https://www.atlassian.com/incident-management/on-call/escalation-policies" } - }, - { - "term": "Least Privilege", - "definition": "A security principle where users are granted the minimum levels of access necessary to perform their tasks.", - "citations": [ - { - "title": "NIST Least Privilege", - "url": "least privilege - Glossary | CSRC " - } - ], - "trust": { - "verified": true, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-13" + } + }, + { + "term": "Least Privilege", + "definition": "Access is limited to the minimum authorizations necessary for users and processes to perform their functions.", + "citations": [ + { + "title": "Least privilege — NIST CSRC Glossary", + "url": "https://csrc.nist.gov/glossary/term/least_privilege" + }, + { + "title": "SP 800-53 Rev. 5, AC-6 (reference via CSF Tools)", + "url": "https://csf.tools/reference/nist-sp-800-53/r5/ac/ac-6/" } - }, - { - "term": "Anomaly Flag", - "definition": "A signal or marker indicating unusual or suspicious activity in a system or dataset.", - "citations": [ - { - "title": "NIST Cybersecurity Framework", - "url": "Cybersecurity Framework " - } - ], - "trust": { - "verified": false, - "source_count": 1, - "last_verified": "2025-09-10" + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" + } + }, + { + "term": "Anomaly Flag", + "definition": "An indicator that activity deviates from an established baseline and may signal a cybersecurity event requiring analysis.", + "citations": [ + { + "title": "Cybersecurity Framework — Detect Function (Anomalies & Events)", + "url": "https://www.nist.gov/cyberframework/getting-started/online-learning/five-functions" + }, + { + "title": "Framework for Improving Critical Infrastructure Cybersecurity (CSF 1.1) — Detect Function", + "url": "https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf" } + ], + "trust": { + "verified": true, + "source_count": 2, + "last_verified": "2025-09-13" } - ] - \ No newline at end of file + } +] diff --git a/data/terms1.json_old b/data/terms1.json_old new file mode 100644 index 0000000..5c01b4e --- /dev/null +++ b/data/terms1.json_old @@ -0,0 +1,258 @@ +[ + { + "term": "DMARC", + "definition": "An email authentication protocol that helps prevent domain spoofing by aligning SPF and DKIM mechanisms.", + "citations": [ + { + "title": "Home Overview", + "url": "Overview " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "SPF", + "definition": "Sender Policy Framework is an email validation system designed to detect and block email spoofing.", + "citations": [ + { + "title": "SPF Project", + "url": "https://www.openspf.org/" + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "DKIM", + "definition": "DomainKeys Identified Mail is an email authentication method that uses cryptographic signatures to verify message integrity.", + "citations": [ + { + "title": "DomainKeys Identified Mail (DKIM)", + "url": "http://www.dkim.org/" + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "DNSSEC", + "definition": "Domain Name System Security Extensions add cryptographic signatures to DNS data to protect against spoofing.", + "citations": [ + { + "title": "ICANN DNSSEC Overview", + "url": "DNSSEC – What Is It and Why Is It Important? - ICANN " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "PTR Record", + "definition": "A DNS record that maps an IP address to a domain name, used for reverse DNS lookups.", + "citations": [ + { + "title": "Cloudflare PTR Record Guide", + "url": "What is a DNS PTR record? | Cloudflare " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "CNAME Record", + "definition": "A DNS record that maps an alias name to a true or canonical domain name.", + "citations": [ + { + "title": "Cloudflare CNAME Record Guide", + "url": "What is a DNS CNAME record? | Cloudflare " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "MX Record", + "definition": "A DNS record that specifies the mail server responsible for accepting email messages on behalf of a domain.", + "citations": [ + { + "title": "Cloudflare MX Record Guide", + "url": "What is a DNS MX record? | Cloudflare " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Repo Hygiene", + "definition": "A set of practices to keep code repositories organized, secure, and maintainable.", + "citations": [ + { + "title": "GitHub Best Practices", + "url": "GitHub flow - GitHub Docs " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Branch Protection Rules", + "definition": "GitHub settings that enforce workflows and prevent direct pushes to important branches.", + "citations": [ + { + "title": "GitHub Branch Protection", + "url": "Managing protected branches - GitHub Docs " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "CODEOWNERS", + "definition": "A GitHub file that defines individuals or teams responsible for code in a repository.", + "citations": [ + { + "title": "GitHub CODEOWNERS", + "url": "About code owners - GitHub Docs " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Security.txt", + "definition": "A file that provides a standard location for security researchers to find vulnerability disclosure information.", + "citations": [ + { + "title": "security.txt", + "url": "security.txt " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Status Page", + "definition": "A public webpage that communicates the current operational status of a service.", + "citations": [ + { + "title": "Atlassian Statuspage Overview", + "url": "Improve Transparency with Statuspage | Atlassian " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "SPF Flattening", + "definition": "A technique to reduce DNS lookups in SPF records by replacing includes with IP addresses.", + "citations": [ + { + "title": "SPF Flattening Explained", + "url": "Concluding the Experiment: SPF Flattening - dmarcian " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "TXT Record", + "definition": "A DNS record that stores text information for external sources to use, often for verification purposes.", + "citations": [ + { + "title": "Cloudflare TXT Record Guide", + "url": "What is a DNS TXT record? | Cloudflare " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Escalation Workflow", + "definition": "A predefined process for routing unresolved issues to higher levels of support or authority.", + "citations": [ + { + "title": "ITIL Incident Management", + "url": "Powering Best Practice | ITIL®, PRINCE2® and MSP® | Axelos " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Least Privilege", + "definition": "A security principle where users are granted the minimum levels of access necessary to perform their tasks.", + "citations": [ + { + "title": "NIST Least Privilege", + "url": "least privilege - Glossary | CSRC " + } + ], + "trust": { + "verified": true, + "source_count": 1, + "last_verified": "2025-09-10" + } + }, + { + "term": "Anomaly Flag", + "definition": "A signal or marker indicating unusual or suspicious activity in a system or dataset.", + "citations": [ + { + "title": "NIST Cybersecurity Framework", + "url": "Cybersecurity Framework " + } + ], + "trust": { + "verified": false, + "source_count": 1, + "last_verified": "2025-09-10" + } + } + ] + \ No newline at end of file