SIEM | Security Information and Event Management |
DoS | Denial of Service |
PKCS | Public Key Cryptography Standards |
PPTP | Point-to-Point Tunneling Protocol |
SAE | Simultaneous Authentication of Equals |
SFTP | Secured File Transfer Protocol |
SHA | Secure Hashing Algorithm |
TTP | Tactics, Techniques, and Procedures |
L2TP | Layer 2 Tunneling Protocol |
MSP | Managed Service Provider |
P12 | PKCS #12 |
HDD | Hard Disk Drive |
HVAC | Heating, Ventilation Air Conditioning |
NAC | Network Access Control |
URI | Uniform Resource Identifier |
API | Application Programming Interface |
CYOD | Choose Your Own Device |
DSL | Digital Subscriber Line |
ECB | Electronic Code Book |
IoC | Indicators of Compromise |
IR | Incident Response |
PAT | Port Address Translation |
GCM | Galois Counter Mode |
IaC | Infrastructure as Code |
ESP | Encapsulated Security Payload |
ML | Machine Learning |
OVAL | Open Vulnerability Assessment Language |
PBKDF2 | Password-based Key Derivation Function 2 |
WPA | Wi-Fi Protected Access |
CMS | Content Management System |
MTU | Maximum Transmission Unit |
NGFW | Next-generation Firewall |
DNS | Domain Name System |
OSPF | Open Shortest Path First |
RTOS | Real-time Operating System |
SOAR | Security Orchestration, Automation, Response |
XOR | Exclusive Or |
BPDU | Bridge Protocol Data Unit |
PHI | Personal Health Information |
CIO | Chief Information Officer |
OT | Operational Technology |
SLE | Single Loss Expectancy |
AV | Antivirus |
NIPS | Network-based Intrusion Prevention System |
Authentication | Protocol |
TSIG | Transaction Signature |
SPF | Sender Policy Framework |
UTM | Unified Threat Management |
APT | Advanced Persistent Threat |
GPG | Gnu Privacy Guard |
GRE | Generic Routing Encapsulation |
LEAP | Lightweight Extensible Authentication Protocol |
S/MIME | Secure/Multipurpose Internet Mail Extensions |
ASLR | Address Space Layout Randomization |
CASB | Cloud Access Security Broker |
BIOS | Basic Input/Output System |
OID | Object Identifier |
POP | Post Office Protocol |
HIPS | Host-based Intrusion Prevention System |
CSRF | Cross-site Request Forgery |
IDEA | International Data Encryption Algorithm |
ESN | Electronic Serial Number |
HTTP | Hypertext Transfer Protocol |
OSINT | Open-source Intelligence |
OTA | Over the Air |
SSH | Secure Shell |
DLP | Data Loss Prevention |
EDR | Endpoint Detection and Response |
MTTF | Mean Time to Failure |
URL | Universal Resource Locator |
BIA | Business Impact Analysis |
WIPS | Wireless Intrusion Prevention System |
NTP | Network Time Protocol |
SDLC | Software Development Lifecycle |
SQLi | SQL Injection |
XSRF | Cross-site Request Forgery |
MFD | Multifunction Device |
PBX | Private Branch Exchange |
SCAP | Security Content Automation Protocol |
SRTP | Secure Real-Time Protocol |
SSD | Solid State Drive |
CAR | Corrective Action Report |
IdP | Identity Provider |
ISP | Internet Service Provider |
NFC | Near Field Communication |
CSU | Channel Service Unit |
MSSP | Managed Security Service Provider |
NTFS | New Technology File System |
PFS | Perfect Forward Secrecy |
WIDS | Wireless Intrusion Detection System |
ATT&CK | Adversarial Tactics, Techniques, and Common Knowledge |
DAC | Discretionary Access Control |
MDF | Main Distribution Frame |
SED | Self-encrypting Drives |
HSM | Hardware Security Module |
MOU | Memorandum of Understanding |
PSK | Pre-shared Key |
RTBH | Remotely Triggered Black Hole |
SAN | Subject Alternative Name |
SCEP | Simple Certificate Enrollment Protocol |
VTC | Video Teleconferencing |
WAP | Wireless Access Point |
NDA | Non-disclosure Agreement |
TACACS+ | Terminal Access Controller Access Control System |
MTTR | Mean Time to Recover |
SCADA | Supervisory Control and Data Acquisition |
CCTV | Closed-circuit Television |
USB | OTG USB On the Go |
WO | Work Order |
CHAP | Challenge Handshake Authentication Protocol |
DEP | Data Execution Prevention |
GPO | Group Policy Object |
IaaS | Infrastructure as a Service |
MFA | Multifactor Authentication |
PaaS | Platform as a Service |
PAP | Password Authentication Protocol |
SMTP | Simple Mail Transfer Protocol |
SWG | Secure Web Gateway |
TGT | Ticket Granting Ticket |
WAF | Web Application Firewall |
ARP | Address Resolution Protocol |
COOP | Continuity of Operation Planning |
FRR | False Rejection Rate |
GPU | Graphics Processing Unit |
OCSP | Online Certificate Status Protocol |
PAM | Pluggable Authentication Modules |
STIX | Structured Threat Information eXchange |
NIST | National Institute of Standards & Technology |
OAUTH | Open Authorization |
ECC | Elliptic Curve Cryptography |
SD-WAN | Software-defined Wide Area Network |
SMTPS | Simple Mail Transfer Protocol Secure |
DKIM | DomainKeys Identified Mail |
MDM | Mobile Device Management |
CERT | Computer Emergency Response Team |
EAP | Extensible Authentication Protocol |
UAV | Unmanned Aerial Vehicle |
VPC | Virtual Private Cloud |
TPM | Trusted Platform Module |
CIA | Confidentiality, Integrity, Availability |
IAM | Identity and Access Management |
MMS | Multimedia Message Service |
CP | Contingency Planning |
CRC | Cyclical Redundancy Check |
FTPS | Secured File Transfer Protocol |
ICS | Industrial Control Systems |
PPP | Point-to-Point Protocol |
RTP | Real-time Transport Protocol |
SOC | Security Operations Center |
XML | Extensible Markup Language |
CVSS | Common Vulnerability Scoring System |
MSA | Master Service Agreement |
TOTP | Time-based One-time Password |
AIS | Automated Indicator Sharing |
DDoS | Distributed Denial of Service |
DES | Digital Encryption Standard |
CAPTCHA | Completely Automated Public Turing Test to Tell Computers and Humans Apart |
GPS | Global Positioning System |
PCI | DSS Payment Card Industry Data Security Standard |
PUP | Potentially Unwanted Program |
WEP | Wired Equivalent Privacy |
MFP | Multifunction Printer |
SAML | Security Assertions Markup Language |
RAID | Redundant Array of Inexpensive Disks |
RDP | Remote Desktop Protocol |
RTO | Recovery Time Objective |
SDLM | Software Development Lifecycle Methodology |
TLS | Transport Layer Security |
CIRT | Computer Incident Response Team |
P2P | Peer to Peer |
PCAP | Packet Capture |
ALE | Annualized Loss Expectancy |
FDE | Full Disk Encryption |
LDAP | Lightweight Directory Access Protocol |
MTBF | Mean Time Between Failures |
OS | Operating System |
PAC | Proxy Auto Configuration |
PKI | Public Key Infrastructure |
SaaS | Software as a Service |
SoC | System on Chip |
PED | Personal Electronic Device |
VDI | Virtual Desktop Infrastructure |
HA | High Availability |
SNMP | Simple Network Management Protocol |
SPIM | Spam over Internet Messaging |
UEM | Unified Endpoint Management |
ACL | Access Control List |
DHCP | Dynamic Host Configuration Protocol |
DMARC | Domain Message Authentication Reporting and Conformance |
MBR | Master Boot Record |
BGP | Border Gateway Protocol |
ICMP | Internet Control Message Protocol |
IRC | Internet Relay Chat |
POTS | Plain Old Telephone Service |
RACE | Research and Development in Advanced Communications Technologies in Europe |
VDE | Virtual Desktop Environment |
VoIP | Voice over IP |
FACL | File System Access Control List |
UDP | User Datagram Protocol |
VM | Virtual Machine |
AES-256 | Advanced Encryption Standards 256-bit |
DSA | Digital Signature Algorithm |
TCP/IP | Transmission Control Protocol/Internet Protocol |
IEEE | Institute of Electrical and Electronics Engineers |
RFID | Radio Frequency Identifier |
IPS | Intrusion Prevention System |
KDC | Key Distribution Center |
MSCHAP | Microsoft Challenge Handshake |
AES | Advanced Encryption Standard |
IKE | Internet Key Exchange |
PTZ | Pan-tilt-zoom |
RC4 | Rivest Cipher version 4 |
IDS | Intrusion Detection System |
IV | Initialization Vector |
AI | Artificial Intelligence |
PII | Personally Identifiable Information |
COPE | Corporate Owned, Personally Enabled |
DLL | Dynamic Link Library |
SASE | Secure Access Service Edge |
SMS | Short Message Service |
SOAP | Simple Object Access Protocol |
CTM | Counter Mode |
EFS | Encrypted File System |
IM | Instant Messaging |
ISSO | Information Systems Security Officer |
IMAP | Internet Message Access Protocol |
IP | Internet Protocol |
SHTTP | Secure Hypertext Transfer Protocol |
SOW | Statement of Work |
XSS | Cross-site Scripting |
ERP | Enterprise Resource Planning |
GDPR | General Data Protection Regulation |
MOA | Memorandum of Agreement |
RAS | Remote Access Server |
SEH | Structured Exception Handler |
BASH | Bourne Again Shell |
BPA | Business Partners Agreement |
HMAC | Hashed Message Authentication Code |
IDF | Intermediate Distribution Frame |
PDU | Power Distribution Unit |
CSO | Chief Security Officer |
IoT | Internet of Things |
RAD | Rapid Application Development |
CRL | Certificate Revocation List |
CSR | Certificate Signing Request |
IPSec | Internet Protocol Security |
SE | Linux Security-enhanced Linux |
UTP | Unshielded Twisted Pair |
HIDS | Host-based Intrusion Detection System |
SQL | Structured Query Language |
WTLS | Wireless TLS |
AP | Access Point |
DPO | Data Privacy Officer |
LAN | Local Area Network |
PGP | Pretty Good Privacy |
CA | Certificate Authority |
CSP | Cloud Service Provider |
TOC | Time-of-check |
XDR | Extended Detection and Response |
ECDSA | Elliptic Curve Digital Signature Algorithm |
TAXII | Trusted Automated eXchange of Indicator Information |
VLAN | Virtual Local Area Network |
FTP | File Transfer Protocol |
MAN | Metropolitan Area Network |
UPS | Uninterruptable Power Supply |
MAC | Message Authentication Code |
CBC | Cipher Block Chaining |
PEM | Privacy Enhanced Mail |
VLSM | Variable Length Subnet Masking |
DRP | Disaster Recovery Plan |
FIM | File Integrity Management |
MaaS | Monitoring as a Service |
NAT | Network Address Translation |
RBAC | Rule-based Access Control |
TOU | Time-of-use |
ARO | Annualized Rate of Occurrence |
CVE | Common Vulnerability Enumeration |
ISO | International Standards Organization |
NIDS | Network-based Intrusion Detection System |
RA | Registration Authority |
DBA | Database Administrator |
MD5 | Message Digest 5 |
RPO | Recovery Point Objective |
SDN | Software-defined Networking |
CFB | Cipher Feedback |
DHE | Diffie-Hellman Ephemeral |
ECDHE | Elliptic Curve Diffie-Hellman Ephemeral |
AH | Authentication Header |
HTML | Hypertext Markup Language |
PIV | Personal Identity Verification |
SLA | Service-level Agreement |
AAA | Authentication, Authorization, and Accounting |
TKIP | Temporal Key Integrity Protocol |
VBA | Visual Basic |
CTO | Chief Technology Officer |
MPLS | Multi-protocol Label Switching |
NTLM | New Technology LAN Manager |
RAT | Remote Access Trojan |
RSA | Rivest, Shamir, & Adleman |
SIM | Subscriber Identity Module |
RIPEMD | RACE Integrity Primitives Evaluation Message Digest |
SDK | Software Development Kit |
SSO | Single Sign-on |
AUP | Acceptable Use Policy |
DNAT | Destination Network Address Translation |
FPGA | Field Programmable Gate Array |
HOTP | HMAC-based One-time Password |
ROI | Return on Investment |
SSL | Secure Sockets Layer |
UAT | User Acceptance Testing |
VPN | Virtual Private Network |
BCP | Business Continuity Planning |
KEK | Key Encryption Key |
PEAP | Protected Extensible Authentication Protocol |
BYOD | Bring Your Own Device |
CCMP | Counter Mode/CBC-MAC Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
IRP | Incident Response Plan |
RADIUS | Remote Authentication Dial-in User Service |
UEFI | Unified Extensible Firmware Interface |
WPS | Wi-Fi Protected Setup |