[REFERENCE] InfoSec Abbreviations 🔡

Published by Alicia's Notes 🚀, View original

Background: While getting started in information security, I kept coming across acronyms I wasn't familiar with/ had forgotten. So I have started compiling a list, for future reference. I will keep this list updated, as I go along 😚

Common InfoSec Abbreviations

  • AES: Advanced Encryption Standard
  • C2: Command & Control (sometimes CC)
  • CBSP: Cloud-Based Security Providers
  • CSP: Content Security Policy
  • CORS: Cross-Origin Resource Sharing
  • CVSS: Common Vulnerability Scoring System
  • DAST: Dynamic Application Security Testing
  • DLP: Data-loss Prevention
  • DDoS: Distributed Denial of Service
  • DES: Data Encryption Standard
  • DOS: Dinial of Service
  • DSA: Digital Signature Algorithm
  • EDR: Endpoint Detection & Response
  • IPSec: Internet Protocol Security
  • IIoT: (Industrial) Internet of Things
  • MFA: Multi-Factor Authentication
  • PAM: Privilege Access Management
  • PIM: Privilege Identity Management
  • RAT: Remote Adimistration Tool
  • SAST: Static Application Security Testing
  • SPF: Sender Policy Framework
  • SSE: Server-Side Encryption
  • STS: Security Token Service
  • TLS: Transport Layer Security
  • WAF: Web Application Firewall
  • WAP: Web Application Protection
  • XSS: Cross-Site Scripting

Of course, there are other, much more complete glossaries, but they can get overwhelming- these are the basics, and my personal resource. For some much more complete lists, see:

🡆 A lot of acronyms: via InfoSec Matter
🡆 Glossary of Terms: via NICCS (National Initiative for Cybersecurity Careers and Studies in the US)