A mechanism used in computer security used to detect or counteract unauthorized access of information systems.
Points in a software environment where an attacker can attempt to enter or extract data from the system.