Glossary

Common terms used within the Teleseer knowledge base and application.

General

ASN: a globally unique identifier that defines a group of one or more IP prefixes

bro/zeek: a powerful framework for network traffic analysis and security monitoring

CVE: Common Vulnerabilities and Exposures. Metric used to identify how insecure an Asset is. Values can be looked up at https://www.cve.org/

GreyNoise: a cybersecurity platform that collects and analyzes Internet-wide scan and attack traffic

IPinfo: an IP address geolocation lookup to include geographic location, company name, domain, and what type of company it is

PCAP: a network collection file containing packet data of network traffic

PCAPNG: PCAP next generation file. Similar to PCAP but contains additional metadata in packet header

RDNS: Reverse DNS lookup which is used to query the DNS to determine the domain name associated with an IP address

Accounts

DUA: Data Under Analysis is the total uncompressed amount of data that Teleseer has processed and stored for your account

Team: a collection of Projects that share a common access

User: an individual end user with access to one or more Teams

Application

Asset: a device that appears within the Topology

Broadcast Domain: the portion of the network sharing the same layer 2 segment in which all assets can reach other by broadcasting on this layer

External Hosts: Assets identified being in the public IP address space

Inspector: contains detailed information about the selected Asset or Timeline Session

Inventory: a table of Assets within the current Project

Projects: an object used to ingest uploaded files. Opening a Project will view the corresponding topology

Tag: a word used to identify a particular Project or Asset

Timeline: a historical listing of all sessions which occurred within the given file set

Topology: the reconstructed network diagram

Upload: an uploaded file (of a supported file type)

Vulnerable: this Asset has been identified has having a common vulnerability