HTTP | Hypertext Transfer Protocol |
REST | Representational State Transfer |
TFTP | Trivial File Transfer Protocol |
MOU | Memorandum of Understanding |
CVSS | Common Vulnerability Scoring System |
SPF | Sender Policy Framework |
SSO | Single Sign-on |
CHD | Cardholder Data |
DR | Disaster Recovery |
UEBA | User and Entity Behavior Analytics |
DNS | Domain Name Service |
ZTNA | Zero Trust Network Access |
SLA | Service-level Agreement |
USB | Universal Serial Bus |
C2 | Command and Control |
CIS | Center for Internet Security |
GDB | GNU Debugger |
IR | Incident Response |
PCI DSS | Payment Card Industry Data Security Standard |
IT | Information Technology |
ZAP | Zed Attack Proxy |
IoC | Indicators of Compromise |
SWG | Secure Web Gateway |
LDAPS | Lightweight Directory Access Protocol |
NDA | Non-disclosure Agreement |
TLS | Transport Layer Security |
EDR | Endpoint Detection and Response |
IPS | Intrusion Prevention System |
PII | Personally Identifiable Information |
BCP | Business Continuity Plan |
MSF | Metasploit Framework |
MSSP | Managed Security Service Provider |
APT | Advanced Persistent Threat |
DLP | Data Loss Prevention |
XSS | Cross-site Scripting |
DDoS | Distributed Denial of Service |
URL | Uniform Resource Locator |
ACL | Access Control List |
LFI | Local File Inclusion |
CSRF | Cross-site Request Forgery |
MTTD | Mean Time to Detect |
RXSS | Reflected Cross-site Scripting |
TCP | Transmission Control Protocol |
ARP | Address Resolution Protocol |
CERT | Computer Emergency Response Team |
SOAR | Security Orchestration, Automation, and Response |
BGP | Border Gateway Protocol |
SSRF | Server-side Request Forgery |
SIEM | Security Information and Event Management |
DKIM | Domain Keys Identified Mail |
CDN | Content Delivery Network |
OWASP | Open Web Application Security Project |
SFTP | Secure File Transfer Protocol |
SDLC | Software Development Life Cycle |
KPI | Key Performance Indicator |
HIDS | Host-based Intrusion Detection System |
LOI | Letter of Intent |
MSP | Managed Service Provider |
POC | Proof of Concept |
NGFW | Next-generation Firewall |
WAN | Wide Area Network |
SCADA | Supervisory Control and Data Acquisition |
IaaS | Infrastructure as a Service |
DoS | Denial of Service |
ICS | Industrial Control Systems |
CA | Certificate Authority |
SAML | Security Assertion Markup Language |
TTP | Tactics, Techniques, and Procedures |
RFI | Remote File Inclusion |
XXE | XML External Entity |
SNMP | Simple Network Management Protocol |
PAM | Privileged Access Management |
RDP | Remote Desktop Protocol |
CI/CD | Continuous Integration and Continuous Delivery |
JSON | JavaScript Object Notation |
DMARC | Domain-based Message Authentication, Reporting, and Conformance |
WAF | Web Application Firewall |
ICMP | Internet Control Message Protocol |
OSSTMM | Open Source Security Testing Methodology Manual |
IDS | Intrusion Detection System |
BIA | Business Impact Analysis |
SOC | Security Operations Center |
OS | Operating System |
SQL | Structured Query Languge |
IP | Internet Protocol |
ITIL | Information Technology Infrastructure Library |
VM | Virtual Machine |
LAN | Local Area Network |
PLC | Programmable Logic Controller |
BC | Business Continuity |
VLAN | Virtual LAN |
API | Application Programming Interface |
PID | Process Identifier |
SLO | Service-level Objective |
OpenVAS | Open Vulnerability Assessment Scanner |
MTTR | Mean Time to Repair |
COBIT | Control Objectives for Information and Related Technologies |
NAC | Network Access Control |
MAC | Media Access Control |
CVE | Common Vulnerabilities and Exposures |
CASB | Cloud Access Security Broker |
OT | Operational Technology |
SASE | Secure Access Secure Edge |
SSL | Secure Sockets Layer |
URI | Uniform Resource Identifier |
PKI | Public Key Infrastructure |
HTTPS | Hypertext Transfer Protocol Secure |
XDR | Extended Detection Response |
FTP | File Transfer Protocol |
SMTP | Simple Mail Transfer Protocol |
MFA | Multifactor Authentication |
FIM | File Integrity Monitoring |
STIX | Structured Threat Information Expression |
XML | Extensible Markup Language |
ISO | International Organization for Standardization |
SDN | Software-defined Networking |
GPO | Group Policy Objects |
NIDS | Network-based Intrusion Detection System |
NTP | Network Time Protocol |
HIPS | Host-based Intrusion Prevention System |
CSIRT | Cybersecurity Incident Response Team |
SaaS | Software as a Service |
TRACE | Trade Reporting and Compliance Engine |
RCE | Remote Code Execution |
SMB | Server Message Block |
PHP | Hypertext Preprocessor |
AV | Antivirus |
VPN | Virtual Private Network |