Merge pull request #209 from OWASP/develop

merge master
OWASP · May 30, 2024 · f1cf662 · f1cf662
2 parents 15135b0 + a8bb4fb
commit f1cf662
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 14 deletions.
diff --git a/docs/glossary.md b/docs/glossary.md
@@ -53,23 +53,34 @@ comments: false
 
 ## A {#a}
 
-[]()
+
+[Adversarial attack](#adversarial_attack)  
+Type of attack which seeks to trick machine learning models into misclassifying inputs by maliciously tampering with input data
 
 ## B {#b}
 
 []()
 
 ## C {#c}
 
-[]()
+[Classification](#classification)  
+Process of arranging things in groups which are distinct from each other, and are separated by clearly determined lines of demarcation
 
 ## D {#d}
 
-[]()
+[Data labeling](#data_labeling)  
+Process of assigning tags or categories to each data point in a dataset
+
+[Data poisoning](#data_poisoning)  
+Type of attack that inject poisoning samples into the data
+
+[Deep learning](#deep_learning)  
+Family of machine learning methods based on artificial neural networks with long chains of learnable causal links between actions and effects
 
 ## E {#e}
 
-[]()
+[Ensemble](#ensemble)  
+See: [Model Ensemble](#model_ensemble)
 
 ## F {#f}
 
@@ -85,7 +96,14 @@ comments: false
 
 ## I {#i}
 
-[]()
+[Input Validation](#input_validation)  
+Input validation is a technique for checking potentially dangerous inputs in order to ensure that the inputs are safe for processing within the code, or when communicating with other components
+
+[Intrusion Detection Systems (IDS)](#ids)  
+Security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner
+
+[Intrusion Prevention System (IPS)](#ips)  
+System that can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets
 
 ## J {#j}
 
@@ -101,39 +119,54 @@ comments: false
 
 ## M {#m}
 
-[]()
+[MLOps](#mlops)  
+The selection, application, interpretation, deployment, and maintenance of machine learning models within an AI-enabled system
+
+[Model](#model)  
+Detailed description or scaled representation of one component of a larger system that can be created, operated, and analyzed to predict actual operational characteristics of the final produced component
+
+[Model ensemble](#model_ensemble)  
+Art of combining a diverse set of learners (individual models) together to improvise on the stability and predictive power of the model
 
 ## N {#n}
 
 []()
 
 ## O {#o}
 
-[]()
+[Obfuscation](#obfuscation)  
+Defense mechanism in which details of the model or training data are kept secret by adding a large amount of valid but useless information to a data store 
+
+[Overfitting](#overfitting)  
+Overfitting is when a statistical model begins to describe the random error in the data rather than the relationships between variables. This occurs when the model is too complex
 
 ## P {#p}
 
-[]()
+[Perturbation](#perturbation)  
+Noise added to an input sample
 
 ## Q {#q}
 
 []()
 
 ## R {#r}
 
-[]()
+[Regularisation](#regularisation)  
+Controlling model complexity by adding information in order to solve ill-posed problems or to prevent overfitting
 
 ## S {#s}
 
-[]()
+[Spam](#spam)  
+The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages
 
 ## T {#t}
 
 []()
 
 ## U {#u}
 
-[]()
+[Underfitting](#underfitting)  
+Underfitting is when a data model is unable to capture the relationship between the input and output variables accurately, generating a high error rate on both the training set and unseen data
 
 ## V {#v}
 

diff --git a/...ecurity Top 10 - A Practical Approach.pdf → ...ecurity Top 10 - A Practical Approach.pdf b/...ecurity Top 10 - A Practical Approach.pdf → ...ecurity Top 10 - A Practical Approach.pdf
diff --git a/tab_glossary.md b/tab_glossary.md
@@ -77,6 +77,9 @@ Process of assigning tags or categories to each data point in a dataset
 [Data poisoning](#data_poisoning)  
 Type of attack that inject poisoning samples into the data
 
+[Deep learning](#deep_learning)  
+Family of machine learning methods based on artificial neural networks with long chains of learnable causal links between actions and effects
+
 ## E {#e}
 
 [Ensemble](#ensemble)  
@@ -96,11 +99,14 @@ See: [Model Ensemble](#model_ensemble)
 
 ## I {#i}
 
+[Input Validation](#input_validation)  
+Input validation is a technique for checking potentially dangerous inputs in order to ensure that the inputs are safe for processing within the code, or when communicating with other components
+
 [Intrusion Detection Systems (IDS)](#ids)  
-Security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner.
+Security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner
 
 [Intrusion Prevention System (IPS)](#ips)  
-System that can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets.
+System that can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets
 
 ## J {#j}
 
@@ -139,7 +145,8 @@ Overfitting is when a statistical model begins to describe the random error in t
 
 ## P {#p}
 
-[]()
+[Perturbation](#perturbation)  
+Noise added to an input sample
 
 ## Q {#q}