Services : Cybersecurity

TAG Cyber Taxonomy

The TAG Cyber Taxonomy includes major categories that correspond to state-of-the-art cybersecurity approaches. The taxonomy serves as a foundation for TAG Cyber Research as a Service (RaaS), Content as a Service (CaaS), and Advisory.

  • Application Security

    Protects applications from threats by identifying, fixing, and preventing security vulnerabilities in software.

    Application programming interface (API) security involves visibility and mitigation, often based on best practices, required to address vulnerabilities in web APIs.

    1.02 - Application Security Testing

    1.03 - Application Security Posture Management

    1.04 - Runtime Application Security

    1.05 - SBOM/SCA

    1.0
  • Attack Surface Management

    Reduces the opportunities for unauthorized access by minimizing the number of exploitable points in a system.

    2.01 - Bug Bounty Services

    2.02 - External Attack Surface Management

    2.03 - Automated Pen Testing/Red Teams

    2.04 - Breach and Attack Simulation

    2.05 - Security Ratings Platforms

    2.0
  • Authentication

    Authentication is the process of validating a reported identity, usually in the context of client and server interaction.

    3.01 - Biometrics

    3.02 - Multi-Factor Authentication

    3.03 - Passwordless Authentication

    3.04 - Password Management

    3.05 - Single Sign-On (SSO)

    3.0
  • Cloud Security

    Secures data and applications that operate in cloud environments against threats and unauthorized access.

    4.01 - Cloud Data Fragmentation

    4.02 - Cloud Infrastructure Entitlement Management

    4.03 - Cloud Security Posture Management

    4.04 - Cloud Workload Protection Program

    4.05 - MicroFragmentation

    4.0
  • Data Security

    Protects important data from unauthorized access, corruption, or theft throughout its lifecycle.

    5.01 - Cloud Data Security Posture Management

    5.02 - Data Access Governance

    5.03 - Data Discovery and Classification

    5.04 - Data Leakage Protection (DLP)

    5.05 - Data Privacy Platforms

    5.0
  • Email Security

    Shields email accounts and communications from cyber threats like phishing, scams, and malware.

    6.01 - Anti-Phishing Tools

    6.02 - Domain-Based Message Authentication, Reporting, and Conformance (DMARC)

    6.03 - Email Encryption

    6.04 - Phish Testing and Training

    6.05 - Secure Email Gateway (SEG)

    6.0
  • Encryption and PKI

    Safeguards data by transforming it into unreadable formats for unauthorized users and managing digital certificates for secure communication.

    7.01 - Certification Authority (CA)

    7.02 - Data Encryption

    7.03 - Key and Secret Management

    Secure Sockets Layer (SSL), also known as Transport Layer Security (TLS), provides privacy, authentication, and data integrity for Internet sessions, and is supported by Certification Authorities (CAs).

    7.05 - Post-Quantum Cryptography

    7.0
  • Endpoint Security

    Defends devices like computers and mobile phones that connect to a network from threats.

    8.01 - Antivirus Software

    8.02 - Browser Isolation

    8.03 - Content Disarm and Reconstruction (CDR)

    8.04 - Endpoint Detection and Response (EDR)

    8.05 - Security Enhanced Browser

    8.0
  • Enterprise IT Infrastructure

    Protects the foundational technology systems of an organization from cyber risks, including through the use of asset inventory.

    9.01 - Asset Inventory

    9.02 - Backup Platform

    Database security involves the protection functions, often including encryption or masking, required to protect structured data from disclosure and integrity threats.

    9.04 - Insider Threat Protection

    9.05 - Secure Sharing and Collaboration

    9.0
  • Governance, Risk, and Compliance (GRC)

    Ensures that cybersecurity strategies align with laws, regulations, and internal policies while managing risks.

    10.01 - Continuous Compliance

    10.02 - Cyber Insurance

    10.03 - Incident Reporting

    10.04 - GRC Platform

    10.05 - Risk Management Platform

    10.0
  • Identity and Access Management (IAM)

    Controls user access to critical information within an organization, preventing unauthorized access.

    11.01 - Authorization

    11.02 - IAM Platforms

    11.03 - Identity, Anti-Fraud, and KYC

    11.04 - Identity Governance and Administration (IGA)

    11.05 - Privileged Access Management (PAM)

    11.0
  • Security Operations and Response

    Involves the continuous monitoring and analysis of an organization's security posture to manage and respond to incidents.

    12.01 - Data Forensics and eDiscovery

    12.02 - Incident Response

    12.03 - SIEM Platforms

    12.04 - SOC/SOAR Support

    12.05 - Threat Hunting

    12.0
  • Managed Security Services

    Outsourced monitoring and management of security systems and devices to improve an organization's security posture.

    13.01 - DDoS Security

    13.02 - Managed Detection and Response

    13.03 - Managed Security Services Platform

    13.04 - Network Detection and Response

    13.05 - XDR Services

    13.0
  • Mobility Security

    Protects mobile devices and the networks they connect to from threats related to wireless communication.

    14.01 - IoT Security

    14.02 - Mobile App Security

    14.03 - Mobile Device Management (MDM)

    14.04 - Mobile Device Security

    14.05 - Mobility Infrastructure Security

    14.0
  • Network Security

    Protects the integrity, confidentiality, and accessibility of networks and data through both hardware and software technologies.

    15.01 - Network Access Control (NAC)

    15.02 - Next-Generation Firewalls

    15.03 - Secure Access Service Edge (SASE)

    15.04 - Virtual Private Network (VPN) Services

    15.05 - Zero Trust Network Access (ZTNA)

    15.0
  • Operational Technology Security

    Secures industrial control systems and related infrastructure from cyber threats that can affect physical operations.

    16.01 - ICS/OT Device Security

    16.02 - ICS/OT Visibility

    16.03 - Unidirectional Gateways

    16.04 - Vehicle Security

    16.05 - Zero Trust OT

    16.0
  • Security Professional Services

    Provides expertise and consulting to develop and implement comprehensive cybersecurity strategies.

    17.01 - Penetration Testing

    17.02 - Security Assessment

    17.03 - Security Industry Research and Advisory

    17.04 - Security Training

    17.05 - Value Added Resellers

    17.0
  • Software Lifecycle Security

    Ensures that security is integrated at every stage of software development, from design to deployment and maintenance.

    18.01 - AI/MLOps Security

    18.02 - Container/Kubernetes Security

    18.03 - Container Scanning

    DevOps Security references the technology and process enhancements used to integrate cybersecurity into the modern software development lifecycle.

    Infrastructure as Code (IaC) Security involves addressing cybersecurity risks during the management and provisioning of virtual systems through machine-readable files.

    18.0
  • Threat and Vulnerability Management

    Identifies, assesses, and prioritizes the remediation of software vulnerabilities and threats to an organization.

    19.01 - Digital Risk Protection (DRP)

    19.02 - Security Scanning

    19.03 - Third-Party Risk Management

    19.04 - Threat and Vulnerability Platform

    19.05 - Threat Intelligence

    19.0
  • Web Security

    Protects web-based systems and applications from cyber threats such as hacking and malware.

    20.01 - Bot Management

    20.02 - Content Security

    20.03 - Secure Web Gateway (SWG)

    20.04 - Web Application Firewall (WAF)

    20.05 - Website Scanning

    20.0