Managed security services (MSS) is a systematic approach to managing an organization's security needs. The services may be conducted in house or outsourced to a service provider that oversees other companies' network and information system security. Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies. There are products available from a number of vendors to help organize and guide the procedures involved. This diverts the burden of performing the chores manually, which can be considerable, away from administrators.
Machine learning is the use of algorithms to learn and generate new findings from a large set of data. As a science, machine learning evolved from pattern recognition and computational learning theory, and is now used to analyze large data sets and generate findings from these sets.
Next-generation antivirus (NGAV) is a marketing term applied by some EDR vendors in an attempt to differentiate their products from legacy antivirus solutions. Unfortunately, NGAV technologies can be bypassed by attackers, often leaving it too late to prevent damage and loss.

Lateral movement usually involves activities related to reconnaissance, credential theft, and infiltrating other computers.

The kernel is a computer program that is the core of a computer's operating system, with complete control over everything in the system. It is the first program loaded on start-up. It handles the rest of start-up as well as input/output requests from software, translating them into data-processing instructions for the central processing unit. It handles memory and peripherals like keyboards, monitors, printers, and speakers. Security companies that provide kernel-level protection can protect against the most advanced and targeted cyber attacks.
Incident response threat hunting is a new method to help companies figure out if they are under attack in real time, before damage and loss of critical assets.
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
Indicators of Compromise (IOC) are pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.
Heuristics is a scanning method that looks for malware-like behavior patterns. It is commonly used to detect new or not-yet-known malware.
Hash values can be thought of as fingerprints for files. The contents of a file are processed through a cryptographic algorithm, and a unique numerical value (the hash value) is produced that identifies the contents of the file. If the contents are modified in any way, the value of the hash will also change significantly. Two algorithms are currently widely used to produce hash values: the MD5 and SHA-1 algorithms.