A payload is the action that a threat performs, apart from its main behavior. Payloads can range from stealing personal information to deleting the contents of a hard drive.
Obfuscation refers to the process of concealing something important, valuable, or critical. Cybercriminals use obfuscation to conceal information such as files to be downloaded, sites to be visited, etc.
A memory-resident program has the ability to stay in the computer’s memory after execution and to continuously run. Typically, backdoors stay in memory to await commands, as do file infectors, which stay resident to infect files as they are opened. Some worms stay in memory to continually send email.
A malwareless attack is one in which an attacker uses existing software, allowed applications and authorized protocols to carry out malicious activities. Non-malware attacks are capable of gaining control of computers without downloading any malicious files, hence the name. Malwareless attacks are also referred to as fileless, memory-based or “living-off-the-land” attacks.
Malware is a general category of malicious code that includes viruses, worms and Trojan horse programs.
Managed security services (MSS) is a systematic approach to managing an organization's security needs. The services may be conducted in-house or outsourced to a service provider that oversees other companies' network and information system security. Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies. There are products available from a number of vendors to help organize and guide the procedures involved. This diverts the burden of performing the chores manually, which can be considerable, away from administrators.
Machine learning is the use of algorithms to learn and generate new findings from a large set of data. As a science, machine learning evolved from pattern recognition and computational learning theory, and is now used to analyze large data sets and generate findings from these sets.
Next-generation antivirus (NGAV) is a marketing term applied by some EDR vendors to attempt to differentiate from legacy antivirus solutions. Unfortunately, NGAV technologies allow attackers to bypass them, at which point it is often too late to prevent damage and loss.

Lateral movement usually involves activities related to reconnaissance, credential theft, and infiltrating other computers.