The process of attacking vulnerability in a program is called exploiting.

When attackers use an external program or script to perform an attack, this attacking program is often called an exploit or exploit script.

For a system composed of software, users, and resources, you have a securitypolicy, which is simply a list of what's allowed and what's forbidden.

Security is often described as resting on three components: confidentiality (privacy), integrity (can’t alter data by 3rd party), and availability (resist DoS attacks.).

Auditing an application is the process of analyzing application code (in source or binary form) to uncover vulnerabilities that attackers might exploit.

Black box testing is a method of evaluating a software system by manipulating only its exposed interfaces.

This process of automated black box testing is called fuzz-testing, and fuzz-testing tools include generic "dumb" and protocol-aware "intelligent" fuzzers.