Wilson Mar bio photo

Wilson Mar

Hello!

Email me Calendar Skype call

LinkedIn Twitter Gitter Instagram Youtube

Github Stackoverflow Pinterest

Here are all acronyms together in one place because it’s often difficult to know whether an acronym is from Security, Networking, Finance, etc.

US (English)   Español (Spanish)   Français (French)   Deutsch (German)   Italiano   Português   Estonian   اَلْعَرَبِيَّةُ (Egypt Arabic)   中文 (简体) Chinese (Simplified)   日本語 Japanese   한국어 Korean

Overview

This list includes acronyms from several domains: Cryptography, Security, IoT, IT, Finance, Business.

Additionally, Glossaries provide definitions:

  • https://github.com/mikepound/tls-exercises/blob/master/glossary.pdf

  • 2FA = Two-Factor Authentication
  • 3DES = Triple Digital Encryption Standard
  • A11Y = Accessibility (numeronym of 11 letters between a and y)
  • ABAC = Attribute Based Access Control
  • AC = Alternating Current (as in electrical wall plugs)
  • ACI = Azure Container Instance (Microsoft)
  • ACL = Access Control List (defines CRUD permissions for an identity)
  • ACM = AWS Certificate Manager
  • ACR = Azure Container Registry (Microsoft)
  • AD = Active Directory (Microsoft’s branding for technologies which control access by users and groups)
  • ADC = Analog to Digital Converter
  • ADC = AWS Direct Connect Amazon
  • AEAD = Authenticated Encryption with Associated Data (cipher used in TLS)
  • AES = Advanced Encryption Standard (symmetric encryption algorithm)
  • AHOD = All Hands On Deck
  • AI = Artificial Intelligence
  • AICPA = Association of International Certified Professional Accountants
  • AKA = Also Known As (common vernacular)
  • AKS = Azure Kubernetes Service (Microsoft)
  • AKV = Azure Key Vault
  • ALB = Application Load Balancer (Amazon)
  • ALE = Annualized Loss Expectancy
  • ALEER = Adopt Land Ex pand Extend Renew
  • ALM = Application Lifecycle Management (all that goes into managing building and maintaining software applications)
  • AM = Account Manager
  • AMA = Ask Me Anything
  • AMA = Azure Marketplace Application (such as HashiCorp Consul Service)
  • AMI = Amazon Machine Image (Amazon and Azure image containing operating system and apps)
  • AMQP = Advanced Message Queuing Protocol
  • API = Application Programming Interface
  • APJ = Asia + Pacific + Japan
  • APM = Application Performance Monitoring
  • APT = Advanced Persistent Threat
  • ARM = Advanced RISC Machine (type of computer chip)
  • ARN = Amazon Resource Name (Amazon)
  • ARO = Annual Rate of Occurrence
  • ARP = Address Resolution Protocol (Networking)
  • ARR = Annual Recurring Revenue
  • ASG = Auto Scaling Groups (Amazon)
  • ASIC = Application-Specific Integrated Circuit
  • ASM = AWS Secrets Manager (Amazon)
  • ASN = Autonomous System Number.
  • ATARC = Advanced Technology Academic Research Center (non-profit collaborative forum on emerging technology challenges like zero trust)
  • ATO = Authority To Operate (FEDRAMP designation for production-ready state)
  • AuthN = Authentication (contraction)
  • AuthZ = Authorization (contraction)
  • AWS = Amazon Web Services (cloud services provider)
  • B2B = Business to Business (marketing)
  • B2C = Business to Consumer (marketing)
  • BANT = Budget + Authority + Need + Timeframe (framework for buyer readiness)
  • BAU = Business Administration Unit
  • BBS = BitBucket Server (self-managed edition of BitBucket source version manager from Atlassian)
  • BCDR = Business Continuity and Disaster Recovery
  • BCP = Business Continuity Plan
  • BDM = Business Decision Maker
  • BDR = Business Development Representative
  • BEC = Business Email Compromise (spoofing emails to impersonate your company‚Äôs supervisors or CEO or vendors)
  • BGP = Border Gateway Protocol
  • BHAG = Big Hairy Audacious Goal
  • BIA = Business Impact Assessment
  • BIOS = Basic Input Output System
  • BKM = Best Known Method
  • BLE = Bluetooth Low Energy
  • BOM = Bill of Material
  • BPMN = Business Process Model Notation
  • BRB = Be Right Back (internet slang)
  • BTP = Behavioral Threat Protection
  • BTW = By The Way
  • BU = Business Unit
  • BVA = Business Value Assessment
  • BYOK = Bring Your Own Key
  • C2E = Commercial Cloud Enterprise
  • CA = Certificate Authority (issues cryptographic certificates)
  • CaC = Configuration as Code
  • CAF = Cloud Adoption Framework
  • CAGR = Compound Annual Growth Rate
  • CAIQ = Consensus Assessments Initiative Questionnaire
  • CAM = Corporate Account Manager (role)
  • CAP = Common Alerting Protocol (XEP-127)
  • CAPEX = Capital Expenditures (impacts Asset Balance Statements and can be amortized over time)
  • CAPTCHA = Completely Automated Public Turing (test) to tell Computers and Humans Apart
  • CASB = Cloud Access Security Broker (enterprise management software to mediate cloud service access by users across all types of devices)
  • CCB = Change Control Board (organization)
  • CCE = Critical Customer Escalation
  • CCM = Cloud Controls Matrix (from CSA)
  • CCM = Continuous Controls Monitoring
  • CCM = Customer Communications Management
  • CCP = Crisis Communication Plan
  • CDK = Cloud Development Kit (Amazon)
  • CDM = Continuous Diagnostics and Mitigation
  • CDN = Content Distribution Network
  • CEO = Chief Executive Officer
  • CfCT = Customizations for Control Tower Amazon
  • CD = Continuous Deployment (into Production for Productive use)
  • CE = Community Edition
  • CF = CloudFormation
  • CI = Continuous Integration
  • CIAN = Customer Identity and Access Management
  • CIDR = Classless Inter-Domain Routing
  • CIEM = Cloud Infrastructure and Entitlement Management (invented by Gartner)
  • CIS = Center for Internet Security
  • CISA = Cybersecurity and Infrastructure Security Agency (US government organization)
  • CKL = Compromised Key List
  • CKMS = Cryptographic Key Management System
  • CLI = Command Line Interface
  • CMK = Customer-Managed Key (for encryption)
  • CMP = Cloud Management Platform (for easier use of multiple clouds)
  • CN = Common Name (a human-readable name of the subject in certificates)
  • CNAME = Canonical Name Record (DNS)
  • CNI = Container Network Interface (Kubernetes)
  • CMDB = Configuration Management Database (ITIL term for where all aspects of the system is defined)
  • COBRA = Customer Onboarding and Rapid Adoption (HashiCorp term)
  • COGS = Cost of Goods Sold (Financial Accounting)
  • COSO = Committee of Sponsoring Organization
  • COTS = Commercial Off-The-Shelf (Software vs. custom-built)
  • CPA = Certified Public Accountant
  • CPU = Central Processing Unit
  • CRD = Custom Resource Definition (Extends Kubernetes API)
  • CRI = Container Runtime Interface (Kubernetes)
  • CRR = Cross-Region Replication
  • CRL = Certificate Revocation List
  • CRM = Customer Relationship Management
  • CRT = Common Release Tooling (built on top of GitHub Actions CI/CD)
  • CS = Customer Success (organization)
  • CSA = Cloud Security Alliance
  • CSB = Cloud Service Broker
  • CSC = Cloud Service Customer
  • CSE = Customer Success Engineer
  • CSI = Container Storage Interface (Kubernetes)
  • CSM = Customer Success Manager
  • CSP = Cloud Service Provider
  • CSP = Cryptographic Service Provider
  • CSPM = Cloud Security Posture Management
  • CSQL = Customer Success Qualified Lead (HashiCorp internal term)
  • CSR = Certificate Signing Request
  • CTA = Call To Action
  • CTAP = Client To Authenticator Protocol
  • CTI = Cyber Threat Intelligence
  • CTO = Chief Technology Officer
  • CTS = Consul-Terraform Sync (HashiCorp product)
  • CVE = Common Vulnerabilities and Exposures (identified through the US CISA database)
  • CWE = Common Weakness Enumerations (known in programming source code)
  • CWPP = Cloud Workload Protection Platform
  • DaaS = Data as a Service
  • DA = Developer Advocate
  • DB = Database
  • DC = Data Center (in the context of Consul - a set of Consul nodes within a region)
  • DCAP = Data-Centric Audit Protection
  • DDD = Domain Driven Design
  • DDoS = Distributed Denial of Service Attack
  • DEK = Data Encryption Key (Microsoft secret held to protect data stored in SQL servers)
  • DEI = Diversity + Equity + Inclusion
  • DES = Digital Encryption Standard (56 bits)
  • DHCP = Dynamic Host Configuration Protocol (automatically assigns IP addresses to devices on a network)
  • DHS = Department of Homeland Security (US government organization)
  • DLP = Data Loss Prevention
  • DMZ = Demilitarized Zone
  • DNC = Do Not Connect
  • DNS = Domain Name Service
  • DOD = Department of Defense (US government organization)
  • DPIA = Data Protection Impact Assessment
  • DR = Disaster Recovery
  • DRI = Directly Responsible Individual (Coined by Apple for the person to make sure that a task is completed)
  • DRP = Disaster Recovery Plan (to transition from alternative business processes back to regular processes.)
  • DRPO = Defense Research & Development Organization
  • DRY = Don’t Repeat Yourself
  • DSC = Digital Signature Algorithm (algorithm for signatures)
  • DTC = Diagnostic Trouble Code
  • DTLS = Datagram Transport Layer Security
  • DUT = Device Under Test
  • DX = Developer eXperience
  • E2E = End-to-End
  • EA = Enterprise Architect
  • EAL = Evaluation Assurance Level (1-7 of Common Criteria)
  • EAM = Externalized Authorization Management
  • EAP = Extensible Authentication Protocol (a framework for port-based access control which uses the same three primary components that are used in the RADIUS standard.)
  • EAR = Export Administration Regulations (US)
  • EBS = Elastic Block Store (Amazon)
  • ECDSA = Elliptic Curve Digital Signature Algorithm (algorithm for signatures)
  • EDI = Electronic Data Interchange
  • EE = Enterprise Edition
  • EIN = Employer Identification Number
  • EC2 = Elastic Cloud Compute
  • ECR = Elastic Container Registry (Amazon service)
  • ECS = Elastic Container Service (Amazon service)
  • ECU = EC2 compute unit (Amazon)
  • EDA = Event Driven Architecture (Serverless)
  • EDM = External Dependency Management (NIST)
  • EDR = Endpoint Detection and Remediation
  • EFS = Elastic File System (Amazon)
  • EFT = Electronic Funds Transfer
  • ELA = Enterprise License Agreement
  • EMR = Elastic Map Reduce (Amazon)
  • EKM = Extensible Key Management (HashiCorp Vault feature)
  • EKS = Elastic Kubernetes Service (Amazon)
  • ELB = Elastic Load Balancer
  • EMEA = Europe + Middle East + Africa
  • EMI = Electro-Magnetic Interference
  • ENI = Elastic Network Interface (Amazon)
  • EPS = Earnings Per Share
  • ETL = Extract Transform and Load
  • EOQ = End of Quarter
  • EOM = End of Month
  • EO = Executive Order
  • EOY = End of Year
  • ERM = Enterprise Risk Management
  • ERP = Enterprise Resource Planning (SAP does this)
  • EU = European Union
  • EV = Extended Validation (certificate)
  • FBL = Feedback Loop
  • FDE = Full Disk Encryption
  • FEDRAMP = Federal Risk and Authorization Management Program
  • FIDO2 = Fast IDentity Online (Spec for web authorization using devices with PKI instead of passwords)
  • FIFO = First In - First Out
  • FIM = Federated Identity Management
  • FIM = File Integrity Monitoring
  • FN = False Negative (test result that missed catching a bad/malicious sample)
  • FOMO = Fear Of Missing Out
  • FP = False Positive (test result that identified a legitimate sample as bad/malicious)
  • FQDN = Fully-qualified Domain Name
  • FTE = Full Time Employee/Equivalent
  • FQDN = Fully Qualified Domain Name
  • FSM = Finite State Machine
  • FYE = Fiscal Year End
  • FUD = Fear Uncertainty and Doubt
  • GAPP = Generally Accepted Privacy Principles (developed by accountants)
  • GA = General Availability
  • GAM = Global Account Manager (job role)
  • GB = Gigabytes (173741824 bytes or 1024 megabytes)
  • GCE = Google Compute Engine
  • GCP = Google Cloud Platform
  • GCM = Galois/Counter Mode (mode of operation for symmetric-key cryptographic block ciphers)
  • GDPR = General Data Protection Regulation (EU Regulation 2016/679)
  • GHA = GitHub Actions (SVM cloud purchased by Microsoft)
  • GID = Group Identifier (used in Kubernetes)
  • GKE = Google Kubernetes Engine (manages container images within Google cloud)
  • GKS = Google Kubernetes Service (runs container images within Google-managed Kubernetes)
  • GLB = Global Load Balancing
  • GNM = Global Network Manager (HashiCorp product feature)
  • GNU = GNU is Not Unix (a recursive acronym for the set of commands in Linux Bash scripts)
  • GPG = GNU Privacy Guard (software program to handle encryption)
  • GPS = Global Positioning System
  • GRC = Governance Risk and Compliance
  • gRPC = Global Remote Procedure Call (a protocol to connect services)
  • GSI = Global System Integrator
  • GTM = Go To Market
  • GUI = Graphical User Interface
  • GW = Gateway
  • H2M = Human to Machine (interface)
  • HA = High Availability
  • HC = HashiCorp
  • HCL = HashiCorp Configuration Language
  • HD = High Definition
  • HCM = Human Capital Management (system for HR processes)
  • HCP = HashiCorp Cloud Provider
  • HCS = HashiCorp Consul Service (SaaS on Azure)
  • HIPAA = Health Insurance Portability and Accountability Act
  • HiPPO = Highest Paid Person‚Äôs Opinions
  • HMI = Human-Machine Interface
  • HPA = HorizontalPodAutoscaler (Kubernetes)
  • HPC = High Performance Compute
  • HR = Human Resources
  • HSM = Hardware Security Module
  • HTML = HyperText Markup Language
  • HTTPS = HyperText Transfer Protocol Secure (the protocol that uses port 443)
  • HVA = High Value Asset
  • HVN = HashiCorp Virtual Network
  • I18N = Internationalization (numeronym - 18 letters between “i” and “n”)
  • IA = Interoperability Agreement (between enterprises)
  • IaaS = Infrastructure as a Service
  • IaC = Infrastructure as Code
  • IAB = Internet Architecture Board (maintains an ethics-related statement concerning the use of the Internet. A technical advisory group of researchers and technical professionals responsible for Internet growth and management strategy and standards oversight.)
  • IAM = Identity and Access Management
  • IAST = Interactive Application Security Testing
  • IC = Integrated Circuit
  • ICFR = Internal Control over Financial Reporting
  • ICMP = Internet Control Message Protocol (used by the Linux ping command)
  • ICS = Industrial Control System
  • ICT = Information and Communication Technology
  • ICYMI = In Case You Missed It
  • ID = Identifier
  • IDaaS = Identity as a Service
  • IDE = Integrated Development Environment
  • IdP = Identity Provider (such as Okta)
  • IDP = Internal Developer Platform
  • IDS = Intrusion detection system (A detective control used to detect attacks after they occur. A signature-based IDS (also called definition-based) uses a database of predefined traffic patterns. An anomaly-based IDS (also called behavior-based) starts with a performance baseline of normal behavior and compares network traffic against this baseline. An IDS can be either host-based (HIDS) or network-based (NIDS).
  • IEM = Infrastructure Event Management (AWS service to ensure high traffic can be accomodated)
  • IETF = Internet Engineering Task Force
  • IGA = Identity Governance and Administration
  • IIoT = Industrial Internet of Things
  • ILT = Instructor-Led Training
  • IM = Internet Messaging
  • IOCs = Indicators of Compromise
  • IOPS = Input Output Per Second (Amazon)
  • IOT = Internet of Things
  • IP = Internet Protocol
  • IPAM = IP Address Manager (AWS feature that manages CIDR ranges)
  • IPE = Information Produced by the Entity
  • IPS = Intrusion Protection System (detect or prevent network security attacks such as brute force attacks)
  • IPsec = Internet Protocol security
  • IPO = Initial Public Offering
  • IRL = In Real Life (internet slang)
  • IRT = Incident Response Team
  • ISO = International Standards Organization
  • ISP = Internet Service Provider (company that provides access to the internet)
  • ISV = Independent Software Vendor
  • IT = Information Technologies
  • ITAR = International Traffic in Arms Regulations (US)
  • ITIL = Information Technology Infrastructure Library
  • ITSM = IT Service Management (implemented of Service Now)
  • ITU = International Telecommunication Union (defined X.509 certificate format)
  • JSON = JavaScript Notation
  • JWT = JSON Web Token (Internet standard for creating data with optional signature and/or optional encryption whose payload payload holds JSON that asserts some number of claims)
  • K8s = Kubernetes (numeronym of 8 letters between K and S)
  • KANBAN = japanese word for visual signal (adopted for managing software workflow)
  • KDC = Key Distribution Center
  • KEK = Key Encryption Key (key to encrypt the DEK)
  • KMIP = Key Management Interoperability Protocol
  • KMS = Key Management Service (Amazon)
  • KPI = Key Performance Indicator
  • KTS = Kubernetes Threat Detection (Google service)
  • KRI = Key Recovery Information
  • KV = Key-Value (data storage format)
  • KYC = Know Your Customer
  • LAMP = Linux OS + Apache web server + MySQL DB + PHP/Perl/Python (open-source web development technology stack)
  • L18N = Localization (numeronym of 18 letters between L and N)
  • LAN = Local Area Network
  • LDAP = Lightweight Directory Access Protocol (used by Linux to manage user and group access)
  • LIFO = Last In - Last Out
  • LLC = Limited Liability Company
  • LMS = Learning Management System
  • LTM = Last Twelve Months
  • MAC = Media Access Control (address of NIC card)
  • MAC = Message Authentication Code (a tag appended to a message to verify its authenticity)
  • MAP = Minimum Acceptable Product
  • MBR = Master Boot Record
  • MDM = Mobile Device Management
  • MFA = Multi-Factor Authentication
  • MIT = Most Important Task
  • MitB = Man-in-the-Browser (attack vector)
  • MitM = Man-in-the-Middle (an attack in a form of active interception allowing an attacker to intercept traffic and insert malicious code sent to other clients. Kerberos provides mutual authentication and helps prevent MITM attacks)
  • ML = Machine Learning
  • MSA = Master Service Agreement
  • MSI = Managed Service Identity
  • MTD = Month-To-Date
  • mTLS = Mutual TLS
  • MOR = Minimum Operating Requirements (describes the minimum environmental and connectivity requirements in order to operate computer equipment)
  • MSI = Microsoft Software Installer (file extension for Microsoft Windows installer files)
  • MTD = Maximum Tolerable Downtime
  • MQTT = MQ Telemetry Transport
  • MTA = Mail Transfer Agent
  • MTTD = Mean Time To Detect
  • MTTR = Mean Time To Restore/Resolution
  • MTU = Maximum Transmission Unit (networking)
  • MVP = Minimum Viable Product
  • MY = Multi-Year
  • NAC = Network Admission Control/Controller (Cisco)
  • NAD = Network Access Devices
  • NAT = Network Address Translation (allows devices on a private network to communicate with a public network through a networking gateway)
  • NB = No Problem
  • NFR = Non-Functional Requirements
  • NDA = Non-Disclosure Agreement
  • NDAA = National Defense Authorization Act of 2020 and 2021
  • NDE = Net Dollar Expansion
  • NDRR = Net Dollar Retention Rate
  • NFS = Network File System
  • NGFW = Next-Generation firewall (Originally from Palo Alto - it examines application data to filter traffic at the highest application layer of networks)
  • NIA = Network Interface (HashiCorp product feature)
  • NIC = National Interface Card
  • NIST = National Institute of Standards and Technology (US)
  • NLB = Network Load Balancer (Amazon)
  • NPS = Net Promoter Score
  • NSG = Network Security Group (Azure)
  • NTA = Network Traffic Anomaly
  • NTM = Next Twelve Months
  • NTP = Network Time Protocol
  • NVD = National Vulnerability Database (weaknesses in the computational logic code maintained by the US government for the world)
  • OCI = Container Open Initiative (for Kubernetes to replace Docker)
  • OCSP = Online Certificate Status Protocol
  • OCM = Organizational Change Management
  • OEM = Original Equipment Manufacturer
  • OLAP = OnLine Analytical Processing (A business intelligence approach that allows users to analyze large amounts of data from different points of view)
  • OKR = Objectives and Key Results
  • OIDC = OpenID Connect (open authentication protocol that profiles and extends OAuth 2.0 to add an identity layer. OIDC allows clients to confirm an end user‚Äôs identity using authentication by an authorization server.)
  • OOP = Object Oriented Programming
  • OPA = Open Policy Agent (Policy as Code agent from Styra used in Kubernetes Admission Controller and Terraform)
  • OPEX = Operating Expenditures (impacts Profit and Loss statement for current periods)
  • OS = Operating System
  • OSCAL = Open Security Controls Assessment Language (NIST-defined format for communicating CVEs)
  • OSCP = Online Certificate Status Protocol (used to obtain the revocation status of X.509 digital certificates)
  • OSS = Open Source Software
  • OTP = One Time Password
  • OU = Organizational Unit
  • OWASP = Open Web Application Security Project
  • PaaS = Platform as a Service
  • PaC = Policy as Code
  • PAM = Privileged Access Management
  • PAT = Port Address Translation
  • PBC = Provided By Client (SOC term)
  • PC = Personal Computer (refers to a Microsoft Windows machine)
  • PCI = Peripheral Components Interconnect
  • PCI DSS = Payment Card Industry Data Security Standard (private regulation by credit card processors to prevent identity theft)
  • PDD = Project Delivery Document (HashiCorp doc containing IS project scope prerequisites scheduling info etc.)
  • PDF = Portable Document Format (the format created by Adobe to create a univerally accessible file containing graphics and text)
  • PEP = Policy Enforcement Point (filters requests and makes eXtensible Access Control Markup Language (XACML) to a Policy Decision Point (PDP)
  • PFS = Perfect Forward Secrecy
  • PHI = Protected Health Information
  • PID = Process Identifier
  • PII = Personally Identifiable Information
  • PIN = Personal Identification Number (a secret consisting of a small number)
  • PKI = Public Key Infrastructure (manages cryptographic certificates)
  • PM = Product Management/Manager
  • P&L = Profit and Loss
  • PMM = Product Marketing Manager (organizational role)
  • PMO = Project Management Office
  • PoC = Proof of Concept
  • POLP = Principle of Least Privilege
  • PPTP = Point-to-Point Tunneling Protocol
  • PR = Pull Request (GitHub feature for suggesting code changes and integrating them into the main code base)
  • PS = Professional Services
  • PSE = Professional Services Engineer
  • PSK = Pre-Shared Key
  • PUA = Potentially Unwanted Application
  • PV = Persistent Volume (Kubernetes)
  • PVC = Persistent Volume Claim (Kubernetes)
  • QA = Quality Assurance
  • QBR = Quarterly Business Review
  • QKD = Quantum Key Distribution (secures communication using a cryptographic protocol involving quantum computing with lasers)
  • QoQ = Quarter on Quarter
  • QoS = Quality of Service
  • RACI = Responsible + Accountable + Consulted + Informed (Responsibility Assignment Matrix)
  • RAID = Redundant Array of Independent Disks
  • RAM = Random Access Memory
  • RASP = Runtime Application Self-Protection
  • RBAC = Role Based Access Control
  • RBG = Random Bit Generator
  • RCA = Root Cause Analysis
  • RCE = Root Code Execution
  • RDP = Remote Desktop Protocol (Microsoft technology for users to access a Windows computer remotely)
  • RDS = Relational Database Service (AWS cloud SQL service)
  • REST = Representational State Transfer
  • RFI = Request for Information
  • RFP = Request for Proposal
  • RFQ = Request for Quote
  • RGB = Red Green Blue (colors)
  • RISC = Reduced Instruction Set Computing
  • RMF = Risk Management Framework
  • ROA = Return on Assets
  • ROE = Return on Equity
  • ROI = Return on Investment
  • ROM = Read-only Memory
  • ROS = Return on Sales
  • RPA = Robotic Process Automation
  • RPC = Remote Procedure Call
  • RPO = Recovery Point Objective
  • RPS = Requests Per Second
  • RSA = Resident System Engineer (role within HashiCorp)
  • RSA = Rivest‚ÄìShamir‚ÄìAdleman (an encryption algorithm and company named based on the initials of its inventors)
  • RTC = Real Time Clock
  • RTO = Recovery Time Objective
  • RUM = Resources Under Management (HashiCorp Terraform at scale)
  • S3 = Simple Storage Service (Amazon file service)
  • SaaS = Software as a Service
  • SAML = Security Assertion Markup Language (XML-based standard for authentication and authorization)
  • SAP = Systems Applications and Product (large German ERP software company)
  • SAP = System Assessment Plan
  • SARs = System Assessment Results
  • SASE = Secure Access Service Edge (Trust Broker SaaS by Palo Alto Prisma zScaler Cato Cloudfare)
  • SAST = Static Application Security Testing
  • SBOM = Software Bill of Materials
  • SCA = Software Composition Analysis (identify vulnerable components in containers)
  • SCADA = Supervisory Control And Data Acquisition
  • SCC = Security Command Center (Google’s SOC service)
  • SCEP = Simple Certificate Enrollment Protocol
  • SCM = Source Control Manager (such as GitHub)
  • SCP = Service Control Policies (in AWS to govern the use of other IAM policies)
  • SCSS = Sidecar Container Security Stack
  • SEA = Solutions Engineering & Architecture (HashiCorp pre and post sale grouping)
  • SDK = Software Development Kit
  • SDN = Software-Defined Networking (used by AWS - an advancement to BGP used on public networks)
  • SDLC = System Development Life Cycle
  • SDP = Software Defined Perimeter
  • SES = Simple Email Service (Amazon)
  • SF = Service Fabric (Azure)
  • SHA = Secure Hash Algorithm (a method to identify whether a file has been altered - also used by GitHub to create an index)
  • SI = Systems Integrator
  • SIEM = Security Information and Event Management
  • SIG = Special Interest Group
  • SIRT = Security Incident Response Team (work in a SOC department)
  • SLA = Service Level Agreement
  • SLE = Single Loss Expectancy
  • SLI = Service Level Indicator
  • SLO = Service Level Objective
  • SLSA = Supply chain Levels for Software Artifacts (4-level framework for ensuring the integrity of software)
  • SME = Subject Matter Expert
  • SMI = Service Mesh Interface
  • SNMP = Simple Network Management Protocol
  • SMaaS = Service Mesh as a Service
  • SMTP = Simple Mail Transfer Protocol
  • SNS = Simple Notification Service (Amazon service send and receive notifications from the cloud)
  • SOAP = Simple Object Access Protocol (uses XML)
  • SOC = Security Operations Center
  • SOA = Service Oriented Architecture
  • SOP = Standard Operating Procedure
  • SOX = Sarbanes-Oxley Act
  • SQL = Structured Query Language
  • SPI = Service Provider Interface
  • SPIFFE = Secure Production Identity Framework for Everyone (spec used by Consul Connect service mesh for establishing service identities)
  • SQS = Simple Queue Service (Amazon hosted queues)
  • SOAR = Security Orchestration Automation and Response
  • SOW = Statement of Work
  • SPI = Secure Personal Information
  • SPOC = Single Point of Contact
  • SPOF = Single Point of Failure
  • SRA = Security Reference Architecture
  • SRE = Site Reliability Engineer (job role)
  • SSAE = Statement on Standards for Attestation Engagements
  • SSD = Solid-State Drive
  • SSE = Security Service Edge
  • SSE = Server-Side Encryption
  • SSDLC = Secure Software Development Lifecycle
  • SSH = Secure Shell (a Linux feature to enable remote access of computers)
  • SSL = Secure Sockets Layer
  • SSN = Social Security Number (used by the US government to unique identify an individual)
  • SSO = Single Sign On
  • SSP = System Security Plan
  • SSRF = Server Side Request Forgery
  • SSRM = Shared Security Responsibility Model
  • STS = Security Token Service (Amazon service)
  • STS = StatefulSets (Kubernetes)
  • SUT = System Under Test
  • SVID = SPIFFE Verifiable Identity Document (cryptographic file used by a workload to prove its identity to a resource or caller)
  • SWG = Secure Web Gateway
  • TAM = Total Addressable Market
  • TB = TerraByte
  • TBD = To Be Decided (common vernacular)
  • TDE = Transparent Data Encryption (HashiCorp Vault feature to substitute encrypted values in databases instead of HSMs)
  • TDM = Technical Decision Maker (vs. Business Decision Maker)
  • TFC = Terraform Cloud (SaaS Terraform offering)
  • TFE = Terraform Enterprise (self-installed/managed Terraform)
  • TIC = Trusted Internet Connection
  • TIN = Tax Identification Number
  • TCSEC = Trusted Computer System Evaluation Criteria
  • TCO = Total Cost of Ownership
  • TDD = Test-Driven Development
  • TDM = Technical Decision Maker
  • TFE = Terraform Enterprise
  • TGW = Transit GateWay (in AWS cloud)
  • TH = Threat Hunting
  • TIP = Threat Intelligence Platform
  • TLD = Top Level Domain (the letters after the last dot on URLs processed by DNS)
  • TLS = Transport Layer Security
  • TMI = Too Much Information (common vernacular)
  • TOE = Target of Evaluation (what is being evaluated by the Common Criteria EAL)
  • TOFU = Trust On First Use
  • TOTP = TIme-based One Time Password
  • TPM = Trusted Platform Module
  • TPRM = Third Party Risk Management
  • TSC = Trust Service Criteria
  • TSI = Trustworthy Software Initiative (UK)
  • TTL = Time to Value (marketing term)
  • TTL = Time To Live
  • TTP = Trusted Third Party
  • TTS = Text To Speech
  • UAT = User Acceptance Test
  • UCS = User
  • UDS = Unified Diagnostic Services (use in vehicles)
  • UEBA = User and Entity Behavior Analytics (detect any anomalous behavior - deviations from normal patterns of usage which have security implications)
  • UEFI = Unified Extensible Firmware Interface (spec. replaces BIOS for boot-up)
  • UEM = Unified Endpoint Management
  • UDP = User Datagram Protocol (networking)
  • UML = Unified Modeling Language
  • URI = Universal Resource Identifier
  • URL = Universal Resource Locator
  • URM = Under-Represented Minority
  • USB = Universal Service Bus
  • UTC = Coordinated Universal Time (the new term for GMT)
  • UTF = Unicode Transformation Format
  • UX = User eXperience
  • VAT = Value Added Tax
  • VBO = Value Based Outcome
  • VCS = Version Control System
  • VDP = Vulnerability Disclosure Program
  • VIP = Virtual IP (address)
  • VLAN = Virtual Local Area Network
  • VM = Virtual Machine
  • VoIP = Voice over Internet Protocol
  • VRRP = Virtual Router Redundancy Protocol
  • VRM = Vendor Risk Management
  • VPA = Vertical Pod Autoscaler (Kubernetes)
  • VPC = Virtual Private Cloud (Amazon)
  • VPN = Virtual Private Network
  • VSM = Value Stream Mapping
  • vTPM = Virtual Trusted Platform Module
  • VUCA = Volatile + Uncertain + Complex + Ambiguous
  • W3C = World Wide Web Consortium
  • WAAP = Web application and API protection (a comprehensive security approach as enhancement over web application firewalls)
  • WABD = Well Architected By Design
  • WAF = Web Application Firewall (Amazon)
  • WAF = Well Architected Framework
  • WBS = Work Breakdown Structure
  • WEP = Wired Equivalent Privacy
  • WIP = Work In Process
  • WPA = Wi-Fi Protected Access
  • WSDL = Web Services Description Language
  • X.509 = none (certificate format used for HTTPS on web servers digitally sign application code secure email and authenticate devices to corporate networks)
  • XaaS = Anything as a Service
  • XKX = External Key Store (Amazon service to store secrets outside of AWS)
  • XDR = Extended Detection and Response (Palo Alto Network’s new SaaS-based approach to threat detection and response that integrates multiple security products to provide holistic protection against cyberattacks unauthorized access and misuse.)
  • XML = Extensible Markup Language
  • XMPP = Extensible Message and Presence Protocol
  • YAML = YAML Ain’t Markup Language (Human-readable data-serialization text format)
  • YTD = Year-To-Date
  • ZT = Zero Trust
  • ZTA = Zero Trust Architecture
  • ZTS = Zero Trust Security
  • ZTNA = Zero Trust Network Access/Architecture

More about Security

This is one of a series about cyber security:

  1. SOC2
  2. CAIQ (Consensus Assessment Initiative Questionnaire) by cloud vendors

  3. Git Signing
  4. Hashicorp Vault
  5. OPA

  6. WebGoat known insecure PHP app and vulnerability scanners
  7. Test for OWASP using ZAP on the Broken Web App

  8. Encrypt all the things

  9. AWS Security (certification exam)
  10. AWS IAM (Identity and Access Management)

  11. Cyber Security
  12. Security certifications