Glossary

The terms we actually use.

No marketing jargon: short, up-to-date, citable definitions, written by our team.

AiTM

Adversary-in-the-Middle

Advanced phishing technique in which the attacker interposes a proxy between the victim and the legitimate service (Microsoft 365, Google Workspace). The proxy captures the password AND the post-MFA session cookie in real time, bypassing classic TOTP- or SMS-based MFA.

BEC

Business Email Compromise

A family of attacks that consists of compromising a professional mailbox — or impersonating one — to obtain fraudulent bank transfers, intercept commercial correspondence, or steal sensitive data. Among the most profitable attack vectors observed in 2026.

Datacenter

A secure physical site that brings together the servers, storage, network and redundant cooling and power systems required to operate an information system reliably. Hexceos operates its own multi-site datacenter in France.

EBIOS Risk Manager

Expression of Needs and Identification of Security Objectives

French cybersecurity risk-analysis method published and maintained by ANSSI. Its latest version, EBIOS Risk Manager (2018), structures analysis into five workshops — framing, risk sources, strategic scenarios, operational scenarios, risk treatment.

EDR

Endpoint Detection and Response

An EDR (Endpoint Detection and Response) solution continuously monitors endpoints — workstations and servers — to detect, analyse and respond to malicious behaviour, going beyond what a traditional antivirus can see.

GDPR

General Data Protection Regulation

European regulation 2016/679, applicable since 25 May 2018. Governs the collection and processing of personal data of EU residents — purposes, legal basis, retention, data subject rights, obligations of the controller and its processors.

HDS

French Health Data Hosting certification

Mandatory French certification for any organisation hosting personal health data, framed by the 26 February 2018 decree. Covers six distinct scopes (sites, hardware, platform, virtualisation, administration, backup) and applies to any provider that handles health data, including foreign ones serving French customers.

ISO 27001

Information Security Management System

International standard that defines the requirements for establishing, operating and continuously improving an Information Security Management System (ISMS). Certification is delivered by an accredited body after an initial audit followed by annual surveillance audits.

Law 25

Act to modernize legislative provisions as regards the protection of personal information (Quebec)

Quebec law assented to in September 2021, progressively in force since 2022 and fully effective since September 2024. Governs the collection, use and sharing of personal information in Quebec, with a sanctions regime equivalent to the European GDPR.

MFA

Multi-Factor Authentication

Authentication method that requires at least two distinct factors to verify a user's identity. Typically combines something you know (password), something you have (key, smartphone) and something you are (biometrics).

MITRE ATT&CK

Adversarial Tactics, Techniques, and Common Knowledge

Open knowledge base that maps the tactics, techniques and procedures (TTPs) used by adversaries observed in the wild. The global reference framework to structure detection engineering, threat hunting and security control evaluation.

MTTR

Mean Time To Respond

MTTR (Mean Time To Respond) measures the average time between a security alert being raised and the start of a qualified response — containment, isolation, or active investigation. It is the single most useful operational metric to compare two SOC offers.

NIS2

Network and Information Security Directive 2

European Directive 2022/2555, known as "NIS2", mandates cybersecurity measures for essential and important entities across 18 critical sectors (energy, healthcare, transport, finance, digital infrastructure, etc.). Transposed into French law in 2025, with personal liability for executives.

PIPEDA

Personal Information Protection and Electronic Documents Act

Canadian federal law on the protection of personal information in the private sector, in force since 2000. Governs the collection, use and disclosure of personal data by private commercial organisations in Canada, complementing province-specific laws.

SIEM

Security Information and Event Management

A SIEM collects, normalises and stores logs and security events from across an IT estate, then provides search, correlation and reporting capabilities. It is the long-term memory of a security operations team and the backbone of many compliance requirements.

SOC

Security Operations Center

A Security Operations Center is a team — combined with tools and processes — that monitors security telemetry continuously, qualifies alerts, and responds to incidents. A managed SOC delivers this capability as a service for organisations that cannot run one internally 24/7.

XDR

Extended Detection and Response

An XDR (Extended Detection and Response) platform unifies telemetry from endpoints, cloud workloads, identity providers, network and email, then applies behavioural detection across silos to spot multi-vector attacks early.

ZTNA

Zero Trust Network Access

Remote-access model that replaces the traditional VPN with continuous authentication and least-privilege access enforced application by application. No user is implicitly trusted, even inside the corporate network.
