Cybersecurity, Privacy, and Trust
Measures, technologies, and policies employed to protect systems and sensitive information, ensure the confidentiality and control of personal data, and build confidence in the integrity and reliability of technological systems and processes.
AI/ML Security
Products and strategies to protect AI/ML systems and models from manipulation or attack.
AI Governance
Establishing and overseeing guidelines and practices to ensure the ethical, transparent, and accountable development and implementation of AI.
LLM Security
Practices and measures to protect LLM models from being exploited for malicious purposes, and to ensure their safe, ethical, and responsible use.
ML Security
Protecting machine learning systems from attacks, manipulations, and vulnerabilities, ensuring the integrity, reliability, and confidentiality of ML models and their data
Application Security
Practices and techniques used to secure applications from threats and vulnerabilities throughout the development lifecycle.
Application Protection
Technologies to safeguard software applications from vulnerabilities and attacks across their development, deployment, and operational stages.
API Security
Processes and tools for preventing and monitoring malicious attacks and misuse of APIs.
Bot Mitigation
Techniques and tools for assessing website bots and blocking malicious activity.
CI/CD Security
Integrating security practices and tools into the Continuous Integration (CI) and Continuous Deployment (CD) pipeline to protect software during the testing, build, and deployment processes.
Runtime Application Self-Protection (RASP)
Technology that integrates with an application to detect and prevent real-time attacks by analyzing behavior and context during execution.
Web Application Firewall (WAF)
Systems to protect web applications or APIs against exploits, bots, and attacks that compromise the security and availability of web applications.
Application Security Testing
The process of evaluating and examining software applications for security vulnerabilities and weaknesses.
Application Security Orchestration and Correlation (ASOC)
Integration and automation of various application security tools and processes to enhance efficiency and effectiveness in identifying and mitigating vulnerabilities.
Application Security Posture Management (ASPM)
The continuous process of assessing, improving, and monitoring the security state of software applications.
Dynamic Application Security Testing (DAST)
A method of testing applications for security vulnerabilities by simulating external attacks on a running application.
Fuzz Testing
A testing technique that involves inputting random, malformed, or unexpected data into an application to detect coding errors and security vulnerabilities.
Infrastructure as Code (IaC) Security
Practices and tools used to ensure that the code and processes used to automate and manage IT infrastructure are secure and free from vulnerabilities.
Interactive Application Security Testing (IAST)
A testing approach that combines static and dynamic analysis to evaluate applications for vulnerabilities in real-time during testing and operation.
Mobile Application Security Testing (MAST)
The process of assessing and identifying security vulnerabilities in mobile applications.
Static Application Security Testing (SAST)
A method of analyzing code for security vulnerabilities without executing the application.
Software Supply Chain Security
The identification, analysis, monitoring, and mitigation of security risks from third party software vendors, packages, integrations, and other components.
Code Signing
The process of digitally signing software to verify the author's identity and ensure that the code has not been altered or corrupted since it was signed.
Dependency Scanning
The process of analyzing dependencies for known vulnerabilities and security issues to ensure the security and integrity of an application's third-party components.
License Compliance
Ensuring the use of software within an organization adheres to the terms and conditions outlined in its licensing agreements.
Software Bill of Materials (SBOM)
A comprehensive inventory of all components, libraries, and modules used in an application, detailing their versions, licenses, and dependencies.
Software Composition Analysis (SCA)
Processes to identify use of open source software in a codebase to evaluate security, quality, licensing, and other software supply chain risks.
Blockchain and Web3
Tools for securing and managing risks on blockchain and Web3 platforms.
Capital Markets
Financial markets where equity and debt are traded, facilitating capital raises by companies, investments by individuals and institutions, and mergers and acquisitions by strategic buyers and institutional investors.
Angel and Seed Investors
Independent individual investors or a group of individual investors who invest capital in early stage cybersecurity companies.
Investment Banking
Advisors and intermediaries for financial transactions, including mergers, acquisitions, and large scale investments.
Private Equity
Late stage private equity firms and investment banks with significant portfolios of cybersecurity companies.
Venture Capital
Institutional venture capital firms with a significant number of cybersecurity investments and exits.
Certifications and Training
Comprehensive cybersecurity awareness, education, and credentialing organizations covering one or more major cybersecurity domains.
Certifications
Official cybersecurity professional credentialing programs offered by governing bodies.
Training
Education and learning courses or materials about cybersecurity-related topics.
Consumer Security and Privacy
Practices and countermeasures to protect personal data and ensure the digital safety of consumers against unauthorized access, misuse, and threats.
Anonymous Communication
Tools and protocols for protecting and anonymizing user internet traffic to conceal location, usage, and identity against network surveillance or traffic analysis.
Breach Notification Services
Services that help inform users if their personal information, such as email address or passwords, have been leaked in data breaches.
Consumer Privacy
Protection of personal information and data of consumers, ensuring their right to control its collection, use, and sharing.
Identity Theft Protection
Services that monitor and restore the personal data of consumers in the event of abnormal activity and theft.
Personal Data Economy
Platforms that enable individuals to take ownership of their information and potentially profit from selling data.
Services that centralize and automate the process of opting out and removing personal data from data brokers.
Personalized Managed Cybersecurity
A set of countermeasures and services designed to protect individuals from security threats.
Privacy Assistants
Tools to help users understand and manage access to their private data.
Reputation
Monitoring, influencing, and improving an individual's public perception and online presence.
Secure Collaboration
Platforms for private messaging and information sharing through encrypted communication channels.
Cyber Crime
Illegal activities conducted online, including offenses like hacking, identity theft, and online fraud.
Advanced Persistent Threats (APT)
Organized groups of threat actors who gain unauthorized access to networks for political or economic reasons.
Botnets
A network of compromised devices under the organized control of an attacker.
Dark Web
A hidden area of internet sites and services, accessible only from a specialized web browser or proxy.
Fraud and Scams
Content, phishing, spam, and other fraudulent activity intended to trick users into sharing sensitive information.
Malware
Intrusive software developed by cybercriminals to steal data or damage systems and networks.
Ransomware
A specific type of malware and associated techniques for restricting access to data or other resources until a ransom is paid.
Spyware and Stalkerware
Tools that enable someone to spy on another person's digital activity without their knowledge.
Data Security
Practices and technologies used to protect data from unauthorized access, corruption, or theft throughout its lifecycle.
Data Protection
Technologies to safeguard personal and organizational data from unauthorized access, disclosure, alteration, and destruction.
Data Security Posture Management (DSPM)
A comprehensive approach to continuously identify, assess, and manage the security of data across an organization's entire digital landscape.
Database Security
Tools, controls, and processes to protect databases from compromise.
e-Discovery
Identification, collection, and storage of electronic information for investigations and legal requests.
Insider Threat Detection
Identifying and mitigating risks posed by individuals within an organization who might misuse access to harm the organization or its data.
Public Key Infrastructure
Infrastructure to establish and manage public key encryption for user identities, device identities, and secure end-to-end communications.
Rights Management
Software to help companies protect digital content (videos, images, files, etc.) from unauthorized distribution and duplication.
Data Resilience
Processes and technologies to reliably store, manage, and recover critical data in the face of disruptions, attacks, or failures.
Backup and Recovery
Processes and tools for creating, storing, and restoring copies of data to protect against data loss.
Secure Storage
Processes, hardware, and facilities for maintaining data security and integrity.
Privacy
Managing and safeguarding personal and sensitive information to ensure it is not misused or accessed without proper authorization.
Data Deidentification and Pseudonymity
Tools to redact and deidentify data for use by researchers, data scientists, and other parties without compromising the privacy of people in the dataset.
Data Discovery and Classification
The process of scanning data sources to find and classify structured and unstructured data, with a focus on sensitive and/or regulated data.
Encryption and Tokenization
Processes and tools for transforming sensitive data into an encrypted or masked value.
Enterprise Communication
Messaging solutions to help employees and partners within an organization communicate securely.
Fraud and Transaction Security
Measures and technologies to protect financial transactions and sensitive data from fraudulent activities and unauthorized access.
Fraud Detection
Systems and processes to monitor, detect, prevent, and remediate fraudulent transactions and activities.
Orchestration
Coordinating and automating various fraud detection and prevention tools and processes to organize the response to fraudulent activities across multiple channels.
Transaction Monitoring
Continuous analysis of financial transactions to identify and prevent fraudulent activities, money laundering, and compliance violations.
Governance, Risk, and Compliance
Methods and technologies for managing an organization's overall governance, enterprise risk management, and compliance with regulatory requirements.
Compliance
Processes and technologies to manage adherence to laws, regulations, standards, and ethical practices applicable to an organization's operations and activities.
Auditors and Assessors
Firms authorized to conduct independent reviews and certify compliance with regulations and standards.
Compliance Automation
Tools for automating compliance processes and continuous controls monitoring.
Regulations
Official rules to enforce laws created by governments. Implemented and maintained by authorized government agencies.
Third Party Assurance
An examination of a service provider's services, internal controls, and risks conducted by a third party on behalf of customers. Results are documented in a compliance report.
Governance
Frameworks, policies, and processes that ensure an organization is managed effectively, ethically, and in a manner aligned with its objectives and stakeholders' interests.
GRC
Systems to automate and integrate enterprise, operational, and IT risk management processes and data.
Metrics and Dashboards
Tools used to track and display key performance indicators to measure cybersecurity risk and effectiveness.
Policies and Procedures
Written documents and tools for managing rules for individuals accessing an organization's systems and data.
Security Architecture
A core information security function that defines and guides architectural requirements and design of security-relevant elements within an organization.
Security Awareness
Materials and products to measure and improve the knowledge and understanding individuals have about cyber threats and the best practices to safeguard against them.
Segregation of Duties (SOD)
Automated enforcement of shared responsibilities among multiple people for execution of critical processes. Reduces fraud and errors.
Standards and Frameworks
Documented guidance for policies and controls to systematically manage security and risk.
Privacy Program Management
Policies, practices, and procedures to ensure an organization's handling of personal information complies with privacy laws and respects the rights of individuals.
Assessment Managers
Workflows and automation for various functions of a privacy program.
Consent Management
Systems and processes for notifying users about personal data collection and collecting explicit consent.
Data Mapping
Tools to help organizations map data flows across the enterprise.
Data Subject Request Automation
Processes and tools to support individual requests for personal data and use under data privacy laws.
Information and updates for understanding global privacy laws and regulations.
Website Scanning
Tools to check websites to identify which cookies, beacons, and trackers are in use.
Risk
The process of identifying, assessing, and prioritizing risks to minimize, monitor, and control the probability or impact of unfortunate events.
Cyber Insurance
Specialty business insurance for protection against cybersecurity-related losses, including data breaches, ransomware, and other incidents.
Cyber Risk Quantification
Assessment and quantification an organization's cybersecurity risk level.
Enterprise Risk Management
Identification, management, and remediation of company-wide risk at an executive level.
Third-Party Risk Management (TPRM)
Identifying, assessing, and mitigating risks associated with external entities like vendors, suppliers, and partners that an organization engages with.
Trust and Safety
Business practices, workflows, and tools used by online platforms to reduce the risk of users experiencing harm, fraud, abuse, and other negative behaviors.
Government and NGOs
Public and not-for-profit entities responsible for researching, creating, enforcing, and promoting policies, regulations, standards and initiatives to protect digital information and infrastructure from cyber threats and ensure data privacy.
Agencies
Government agencies specializing in cybersecurity policy, research, and protection.
International Organizations
International government organizations specializing in cybersecurity policy, research, and protection.
NGOs
Not-for-profit organizations specializing in cybersecurity policy, research, and protection.
Universities
Cybersecurity research and education programs at public and private universities.
Identity Security
Policies, technologies, and controls to protect and manage digital identities, ensuring secure access to systems and information while preventing unauthorized use.
Authentication
Technology for verifying the identity of a user or entity before granting access.
Access Management
Platforms for identifying, tracking, controlling, and managing user access to applications and infrastructure.
Biometrics
Use of physical or behavioral traits to authenticate and verify identity.
Customer Identity (CIAM)
Systems for controlling customer access to applications and managing customer profile information.
Electronic Identification
Government systems for digital proof of identity for citizens and organizations.
Identity Graphing and Resolution
Services that correlate online and offline identifiers with consumer identities to create an accurate view of customers.
Identity Proofing
A service used for verifying a user's identity based on life history or other data aggregated from public and proprietary data sources.
Know Your Business (KYB)
The process of verifying the identity and assessing the legitimacy of businesses, typically for compliance and risk management purposes.
Multi-Factor Authentication (MFA)
Authentication that replaces traditional passwords or combines two or more authentication requirements (e.g. password and one-time token) for increased security.
Password Managers
Tools to help users generate, store, and use secure passwords.
Passwordless
Verification of identities without the use of traditional passwords, instead relying on methods like biometrics, tokens, or cryptographic keys.
SaaS Identity Risk Management
Assessing, monitoring, and mitigating risks associated with user access and authentication in unmanaged SaaS applications.
Secrets Management
Securely handling, storing, and accessing sensitive information like tokens and encryption keys for protecting access to applications and services.
Self-Service Password Reset (SSPR)
Toos that allow users to reset their passwords independently, typically through a series of authentication steps.
Social Login
Sign in to third party sites using authentication from social networks.
Web3 Authentication
Decentralized and user-centric identification systems in the blockchain and cryptocurrency space, enabling users to own and control their digital identities without relying on central authorities.
Authorization
The process of granting or denying specific permissions and access rights to a user or entity based on their authenticated identity.
Background Screening
Services that compile and help verify employment, criminal, financial, and other records for people and organizations.
Centralized Authorization
A security approach where access control decisions for multiple systems or applications are managed from a single, unified point of policy enforcement and management.
Data Access Governance
Systems for gaining visibility and enforcing access control policies on unstructured data (spreadsheets, documents, PDFs, etc.).
Directory Services
A repository for collecting information about users, devices, and resources for authentication and authorization. LDAP is a common standard for directory services.
Identity Governance and Administration (IGA)
Systems for administering accounts and credentials, access provisioning, and access reviews.
Identity Threat Detection and Response (IDTR)
Identifying, investigating, and mitigating malicious activities targeting user identities and credentials.
Identity Wallets
Identity stores that allow users to manage and share their digital identity credentials and data.
Physical Access Control
Solutions that manage physical identities and access to physical locations and spaces.
Privileged Access Management (PAM)
Systems for managing privileged (elevated) access for users, shared accounts, secrets, keys, and other high risk credentials.
Web3 Authorization
The decentralized process of granting or restricting access to resources and actions in blockchain and decentralized applications, based on verified digital identities and smart contracts.
Infrastructure Security
Protection of critical physical and virtual systems, networks, and assets.
Cloud Security
Technologies and controls designed to protect data, applications, and infrastructure hosted in cloud environments from threats and vulnerabilities.
Cloud Infrastructure Entitlements Management (CIEM)
Tools to help companies manage permissions and detect excessive or risky access in cloud environments.
Cloud Security Posture Management (CSPM)
Continuous management, monitoring, policy enforcement, and compliance for cloud environment configurations.
Processes and tools for securing containers and workloads within different cloud environments.
Integrated security solutions designed to protect cloud-native applications by combining capabilities like workload protection, cloud security posture management, and application security.
Container Security
Measures and practices to protect containerized applications and their underlying infrastructure from threats and vulnerabilities throughout the container lifecycle.
SaaS Security
Strategies and measures implemented to protect data, applications, and services hosted on Software as a Service (SaaS) platforms.
Email Security
Tools used to protect email accounts and content from unauthorized access, threats, and malicious activities.
Anti-Spam and Anti-Phishing
Security measures designed to detect, block, and prevent unwanted or deceptive emails, such as spam and phishing attempts, from reaching users.
Email Archiving
Storing, preserving, and organizing email communications for long-term retention, easy retrieval, and compliance purposes.
Email Encryption
Encrypting email messages in transit and/or at rest to protect their content from being read by anyone other than the intended recipients.
Phishing Simulation
A training tool that sends simulated phishing emails to users, testing their ability to recognize and respond to phishing attacks.
Secure Email Gateways (SEGs)
Security solutions that monitor and filter incoming and outgoing emails to protect against spam, viruses, phishing attacks, and other email-based threats.
Endpoint Security
Protecting network-connected devices such as computers, mobile phones, and tablets from threats and unauthorized access.
Endpoint Detection and Response (EDR)
Tools installed on endpoints to record key activity for monitoring and threat investigations.
Endpoint Privilege Management (EPM)
Approach and tools for protecting against execution of malware and unapproved applications on endpoints.
Software to protect endpoints from threats, including malware, ransomware, phishing, and data theft.
File Integrity Monitoring
Solutions to monitor changes in operating system, database, and application files.
Host Encryption
The process of encrypting the data stored on a host, such as a server or a computer, to protect it against unauthorized access and ensure its confidentiality.
Host Intrusion Prevention System (HIPS)
Endpoint-based intrusion detection and prevention system to monitor and analyze internals and network traffic on the endpoint for prevention and detection of threats.
Mobile Device Management (MDM)
Technology used to secure, monitor, manage, and support mobile devices deployed across mobile operators, service providers, and enterprises.
Mobile Security
Tools protect sensitive information stored on mobile devices, including smartphones, tablets, and wearables.
Network Security
Practices to protect networks and data from unauthorized access, attacks, or misuse.
DDoS Mitigation
Services to throttle and prevent distributed denial of service attack disruptions.
DNS Security
Protecting the Domain Name System (DNS) from threats and ensuring the integrity and availability of DNS queries and responses.
Firewalls
Network security devices to regulate network traffic based on rules.
Microsegmentation
Techniques and tools to logically divide networks into security segments with specific controls based on the risk and requirements of each segment.
Network Access Control (NAC)
Systems that provide visibility and control of devices accessing a network.
Network Detection and Response (NDR)
Solutions that continuously monitor network traffic for malicious activities and anomalies, facilitating rapid detection and response to threats.
SSL Visibility
Tools that provide visibility into encrypted network traffic for monitoring and threat analysis.
Wireless Security
Prevention of damage and unauthorized access via wireless networks.
Secure Access Service Edge (SASE)
A network architecture that combines WAN capabilities with cloud-native security functions to support dynamic, secure access to apps and data.
Cloud Access Security Brokers (CASB)
Platforms to help secure and manage use of cloud-based SaaS applications and infrastructure.
Data Loss/Leakage Prevention (DLP)
Systems to detect and prevent transmission of sensitive data.
Device Trust
A security approach that evaluates and verifies the trustworthiness of a device based on its attributes and configuration before granting it access.
Remote Browser Isolation (RBI)
Technology that executes web browsing sessions in a remote, isolated environment, protecting the user's device from direct exposure to potential internet threats.
Secure Web Browsers
Security-focused web browsers and isolation for enterprises.
Secure Web Gateway (SWG)
Systems to filter user-initiated internet traffic and enforce corporate and regulatory content policies.
Software-Defined Wide Area Network (SD-WAN)
A networking approach that uses software to control, optimize, and secure traffic routing across wide area networks.
Virtual Private Networks (VPN)
Systems that enable users to securely and privately browse public internet sites and access private networks across a public network.
Zero Trust Network Access (ZTNA)
Products that broker access to applications and network resources based on identity and context.
Organizations providing broad industry coverage, including analysis, events, news, and more.
Analysts
Firms and independent analysts covering cybersecurity companies and trends.
Books
Authors writing books about cybersecurity topics.
Events
Conferences and events related to cybersecurity.
News
Media and independent journalists covering cybersecurity news and events.
Publications
Magazines, journals, and other digital media about cybersecurity topics.
Physical Security
Measures and controls to protect people, assets, and facilities from physical actions and events that could cause serious loss or damage.
Connected Car Security
Protection of vehicle electronic systems, software, and data from malicious attacks.
Connected Home Security
Protection of home electronic systems, software, and data from malicious attacks.
Firmware Security
Protecting the firmware of computers or devices from compromise.
Internet of Things (IoT) Security
Security for Internet of Things (IoT) devices and connected networks.
Operational Technology (OT) Security
Tools to monitor and control the security of Operational Technology (OT) and Industrial Control Systems (ICS).
Security Operations
Practices, processes, and technologies to continuously monitor, assess, and defend IT infrastructure against cybersecurity threats and incidents.
Digital Forensics and Incident Response (DFIR)
Investigation of security incidents through the collection and analysis of digital evidence and implementation of measures to manage and mitigate their impact.
Cloud Investigationand Response Automation (CIRA)
Automated data collection and analysis across multi-cloud environments for cloud incident investigations.
Deception
Tools and techniques to deceive and catch attackers by imitating real assets as traps and decoys.
Forensics
Tracking and analysis of data on networks, mobile devices, computers, and storage devices for cybercrime investigations.
Intelligence
Collection, analysis, and dissemination of information about current and potential cyber threats and vulnerabilities.
Open Source Intelligence (OSINT)
Collection of publicly available data and information sources to provide actionable intelligence.
Threat Intelligence
Collection of intelligence used to understand current or future threats to an organization.
Intrusion Detection and Prevention
Technologies that monitor network and system activities for malicious actions or policy violations and automatically take actions to block or prevent potential incidents.
Canaries
Decoy data or systems strategically placed within a network to detect and alert on unauthorized access or malicious activity, functioning as an early warning system.
Honeypots
Decoy servers, systems, or data to attract and analyze attacks, helping to understand threat tactics and enhance network defenses.
Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
Systems to monitor and prevent network traffic using recognized security threat profiles.
Monitoring and Operations
Continuous surveillance and management of an organization's IT environment to detect, analyze, respond to, and mitigate cybersecurity threats and incidents.
Analytics
Data analytics platforms to proactively monitor and analyze security data.
Cybersecurity ETL
Processes and tools to extract, normalize, and enrich security data from multiple tools.
Employee Monitoring
Monitoring tools for logging and measuring employee activity and productivity.
Extended Detection and Response (XDR)
Systems to aggregate and analyze data to improve threat detection and incident response.
Platforms to visualize, monitor, optimize, troubleshoot, and report on the health and availability of networks.
Observability
Software for application and infrastructure monitoring, tracing, diagnostics, performance, and security.
Security Data Lakes
A centralized repository that stores large volumes of raw security data from various sources within commercial cloud data platforms, enabling advanced analytics and threat detection.
Tools to consolidate and correlate log data for identification of security incidents.
Security Orchestration, Automation, and Response (SOAR)
Automation to increase the speed, reliability, and accuracy of security operations workflows.
User and Entity Behavior Analytics (UEBA)
Processes and tools to detect threats based on patterns in user behavior.
Service Management
Planning, delivering, operating, and controlling information technology services offered to customers, focusing on aligning IT processes and services with business needs.
Asset Management
Processes and tools for identifying and managing IT assets and their potential security risks.
Configuration Management Database (CMDB)
A database for storing information about hardware and software assets. CMDBs are primarily used for IT Service Management; however, much of the data is applicable to security operations.
Patch and System Management
Processes and tools for keeping applications and infrastructure up to date with patches to address bugs and vulnerabilities.
Vulnerability Assessment and Management
Systematically identifying, evaluating, treating, and reporting on security vulnerabilities in systems and software to minimize the risk of attacks.
Attack Surface Management (ASM)
The continuous process of identifying, cataloging, monitoring, and minimizing exposed and potentially exploitable points in an organization's environment.
Cyber Range
Platforms for hands-on cybersecurity attack training and practice.
External Attack Surface Management (EASM)
Identifying, analyzing, and securing an organization's publicly exposed systems, services, and data to mitigate risks from external threats.
Penetration Testing
Intentional attacks on applications, networks, and infrastructure to identify exploitable vulnerabilities.
Social Engineering
Techniques to manipulate people into exposing confidential information, allowing unauthorized access, and other human-exploitable vulnerabilities.
Vulnerability Management and Testing
Processes and tools for discovering, classifying, prioritizing, and remediating software and infrastructure vulnerabilities.
Services
Specialized service offerings to protect digital assets, systems, and networks from cyber threats, vulnerabilities, and attacks.
Managed Services
Outsourcing of specific security processes or functions to a third-party provider, who manages and delivers these services under a contractual agreement.
Incident Response (IR)
specialized assistance from external experts to effectively manage and mitigate the impact of cybersecurity incidents to recover and minimize damage.
Managed Detection and Response (MDR)
Outsourced management and monitoring for advanced cybersecurity functions and systems, including threat intelligence, threat hunting, and incident response.
Managed Security Service Provider (MSSP)
Outsourced management and monitoring for basic cybersecurity functions and systems.
Outsourcing
External management of specific cybersecurity functions (typically operational tasks).
Professional Services
Specialized, knowledge-based services provided by experts in security strategy, implementation, or operations to support clients' specific business needs.
Boutique
Specialized cybersecurity, privacy, or risk consulting practices within small professional services firms.
Large
Cybersecurity, privacy, and risk consulting practices within large professional services firms.
Talent Marketplaces
Specialized platforms that connect freelancers or job seekers with organizations or individuals looking to hire specific security skills or expertise for short-term or project-based work.
Crowdsourcing
Public platforms for specific cybersecurity services, such as bug bounties.
Freelance Consulting
Platforms for short-term cybersecurity gigs or contracts for 1099 workers through an employer.
