[Glossary]

The language of AI security.

60 plain-language definitions for the agent era, from agents and MCP to compliance, and how Cerbera fits into each.

AI Security

20 terms

Core concepts for securing AI across every surface.

Agent
Software that uses an AI model to plan and take actions on your behalf, calling tools, reading data, and chaining steps with limited human oversight.
Agentic AI
AI that acts autonomously toward a goal. Because it reads, calls tools, and takes actions, the blast radius of a mistake reaches far beyond a single chat reply.
AI client
Any application a person uses to reach an AI model, such as a coding assistant, a chatbot, or a browser extension.
AI firewall
A control point that inspects every prompt, response, and tool call in real time, then blocks or redacts anything that breaks policy.
AI gateway
A single layer that all AI traffic flows through so it can be inspected, governed, and logged in one place. See Transparent proxy.
Browser AI
AI features and chatbots used inside the web browser, where most employees interact with AI day to day, and where many point tools have no visibility.
Coding agent
An AI client that reads and writes code and runs commands in the IDE, CLI, or CI, such as Cursor, Claude Code, or Copilot.
Guardrails
Rules and filters that constrain what an AI system can receive or produce, such as blocking secrets or filtering unsafe output.
Hallucination
When a model produces confident output that is factually wrong or entirely fabricated.
Large language model (LLM)
An AI model trained on large text corpora that generates and reasons over natural language, such as GPT, Claude, or Gemini.
MCP (Model Context Protocol)
An open protocol that lets AI clients connect to external tools and data sources in a standard way.
MCP server
A service that exposes tools or data to AI clients over MCP. A rogue or over-permissioned one can inherit broad access to internal systems.
Model
The underlying AI that turns a prompt into a response, whether hosted, local, or embedded inside a product feature.
Prompt
The input sent to an AI model, including the user text, the system instructions, and any attached context.
Retrieval-augmented generation (RAG)
Supplying a model with relevant documents at query time so its answers are grounded in your own data.
Redaction
Replacing a sensitive value in a prompt, such as a secret or PII, with a placeholder before it reaches the model, so work continues without leaking data.
Surfaces
The places AI meets your data: models, MCP servers, the browser, and AI clients. Cerbera governs all four from one proxy.
System prompt
The hidden instructions that set a model's role and rules before any user input is added.
Tool call
When an agent invokes an external function or MCP tool to read data or take an action in the real world.
Transparent proxy
A proxy that inspects traffic inline with negligible latency, so users never notice it. Cerbera runs as one on the endpoint.

Threats & Risks

10 terms

How AI gets misused, and the data that leaks when it does.

Data exfiltration
Sensitive data leaving your control, often when an employee pastes secrets, source code, or regulated data into an AI tool.
Indirect prompt injection
A prompt injection hidden inside content the model later reads, such as a web page, a file, or a tool result, rather than typed by the user.
Jailbreak
A crafted input that bypasses a model's safety or policy restrictions to make it do something it should refuse.
Prompt injection
An attack that smuggles instructions into a prompt to make the model ignore its rules or take unintended actions.
Rogue MCP server
An unapproved or malicious MCP server that connects to AI clients and can exfiltrate data or gain access no one sanctioned.
Secrets
Credentials such as API keys, tokens, and passwords that must never reach an external model.
Sensitive data exposure
When confidential data is left accessible or sent somewhere it should not be, such as into an AI prompt or an over-permissioned tool.
Shadow AI
AI tools, agents, and MCP servers adopted without approval, spreading faster than any review process can track.
Software supply chain security
Securing the third-party code, packages, models, and MCP servers your systems depend on, including the ones an agent pulls in.
Zero-day vulnerability
A flaw that is exploited before a fix exists, leaving no time to patch in advance.

Security Controls

16 terms

The safeguards that keep AI usage inside the lines.

Audit trail
A tamper-evident record of who did what and when, used to prove controls work and to investigate incidents.
Continuous monitoring
Always-on checking of controls and posture so drift and new risks are caught between audits, not after them.
Data loss prevention (DLP)
Detecting and stopping sensitive data from leaving the organization. In the AI era this happens at the prompt level, before data reaches a model.
Endpoint detection and response (EDR)
Software that monitors endpoints for malicious activity and lets teams investigate and respond.
Encryption at rest
Protecting stored data by encrypting it so it is unreadable without the keys.
Encryption in transit
Protecting data as it moves across networks, typically with TLS.
Fine-grained access control
Deciding exactly who can use which AI, with which data, on which surface, enforced automatically by team, role, and data type.
Identity and access management (IAM)
The systems and policies that govern who can access what, and how identities are authenticated and authorized.
Least privilege
Granting each user, service, or agent only the access it needs, and nothing more.
MDM (Mobile Device Management)
Software for centrally deploying and configuring applications across a fleet of company devices. Cerbera deploys and removes through any MDM in one click.
Multi-factor authentication (MFA)
Requiring two or more independent factors to sign in, so a stolen password alone is not enough.
Penetration testing
An authorized simulated attack that finds exploitable weaknesses before real attackers do.
Role-based access control (RBAC)
Granting permissions by role rather than to individuals, so access stays consistent and easy to review.
SIEM
Security Information and Event Management: a platform that aggregates logs and security events to detect and investigate threats. Cerbera streams AI signals to your SIEM.
Vulnerability scanning
Automated checks that find known weaknesses in systems and software.
Zero trust
A security model that trusts no request by default and verifies every access, regardless of network location.

Compliance & Frameworks

10 terms

The standards and regulations that govern AI and security.

EU AI Act
The European Union regulation that classifies AI systems by risk and sets transparency, human oversight, and documentation obligations.
GDPR
The European Union regulation governing how personal data is collected, processed, transferred, and protected.
GRC (Governance, Risk, and Compliance)
The discipline of aligning security controls with business risk and regulatory obligations.
ISMS
Information Security Management System: the set of policies, processes, and controls that manage information security risk, as defined by ISO 27001.
ISO 27001
The international standard for an information security management system, covering controls across people, process, and technology.
ISO 42001
The international standard for an AI management system, covering AI risk treatment, governance, and continual improvement.
NIST Cybersecurity Framework (CSF)
A widely used framework that organizes security work into Identify, Protect, Detect, Respond, and Recover.
Risk assessment
Identifying, analyzing, and prioritizing risks so you can decide which to treat first.
SOC 2
An attestation that a company meets trust service criteria for security, availability, confidentiality, processing integrity, and privacy.
Vendor risk management
Assessing and monitoring the security of third parties, including the AI vendors your company adopts.

Cerbera Platform

4 terms

Terms specific to Cerbera and how it is built.

Bastion
The managed security company behind Cerbera, which runs SOC 2 and ISO 27001 programs for startups and SMBs.
Cerbera
The security platform for the agent era. Discover, secure, and govern every AI model, agent, and MCP server from one transparent proxy. Built by Bastion.
Forward-deployed engineering
Cerbera engineers who work as an extension of your team to integrate, customize, and ship, instead of leaving you with software alone.
Managed policy engine
A catalog of pre-built policies, authored and kept current by Cerbera's team, with audit-ready evidence for ISO 42001, the EU AI Act, and SOC 2.

[Go deeper]

See these terms in action.

Read the Agentic AI Security Framework, or book a demo to see how Cerbera secures every surface.