Acronyms (and contractions)

Here are all acronyms together in one place because it’s often difficult to know whether an acronym is from Security, Networking, Finance, etc.

Overview

More about Security

This list includes acronyms from several domains: Cryptography, Security, IoT, IT, Finance, Business.

Additionally, Glossaries provide definitions:

https://github.com/mikepound/tls-exercises/blob/master/glossary.pdf
2FA = Two-Factor Authentication
3DES = Triple Digital Encryption Standard
A11Y = Accessibility (numeronym of 11 letters between a and y)
ABAC = Attribute Based Access Control
AC = Alternating Current (as in electrical wall plugs)
ACI = Azure Container Instance (Microsoft)
ACL = Access Control List (defines CRUD permissions for an identity)
ACM = AWS Certificate Manager
ACR = Azure Container Registry (Microsoft)
AD = Active Directory (Microsoft’s branding for technologies which control access by users and groups)
ADC = Analog to Digital Converter
ADC = AWS Direct Connect Amazon
AEAD = Authenticated Encryption with Associated Data (cipher used in TLS)
AES = Advanced Encryption Standard (symmetric encryption algorithm)
AHOD = All Hands On Deck
AI = Artificial Intelligence
AICPA = Association of International Certified Professional Accountants
AKA = Also Known As (common vernacular)
AKS = Azure Kubernetes Service (Microsoft)
AKV = Azure Key Vault
ALB = Application Load Balancer (Amazon)
ALE = Annualized Loss Expectancy
ALEER = Adopt Land Ex pand Extend Renew
ALM = Application Lifecycle Management (all that goes into managing building and maintaining software applications)
AM = Account Manager
AMA = Ask Me Anything
AMA = Azure Marketplace Application (such as HashiCorp Consul Service)
AMI = Amazon Machine Image (Amazon and Azure image containing operating system and apps)
AMQP = Advanced Message Queuing Protocol
API = Application Programming Interface
APJ = Asia + Pacific + Japan
APM = Application Performance Monitoring
APT = Advanced Persistent Threat
ARM = Advanced RISC Machine (type of computer chip)
ARN = Amazon Resource Name (Amazon)
ARO = Annual Rate of Occurrence
ARP = Address Resolution Protocol (Networking)
ARR = Annual Recurring Revenue
ASG = Auto Scaling Groups (Amazon)
ASIC = Application-Specific Integrated Circuit
ASM = AWS Secrets Manager (Amazon)
ASN = Autonomous System Number.
ATARC = Advanced Technology Academic Research Center (non-profit collaborative forum on emerging technology challenges like zero trust)
ATO = Authority To Operate (FEDRAMP designation for production-ready state)
AuthN = Authentication (contraction)
AuthZ = Authorization (contraction)
AWS = Amazon Web Services (cloud services provider)
B2B = Business to Business (marketing)
B2C = Business to Consumer (marketing)
BANT = Budget + Authority + Need + Timeframe (framework for buyer readiness)
BAU = Business Administration Unit
BBS = BitBucket Server (self-managed edition of BitBucket source version manager from Atlassian)
BCDR = Business Continuity and Disaster Recovery
BCP = Business Continuity Plan
BDM = Business Decision Maker
BDR = Business Development Representative
BEC = Business Email Compromise (spoofing emails to impersonate your company‚Äôs supervisors or CEO or vendors)
BGP = Border Gateway Protocol
BHAG = Big Hairy Audacious Goal
BIA = Business Impact Assessment
BIOS = Basic Input Output System
BKM = Best Known Method
BLE = Bluetooth Low Energy
BOM = Bill of Material
BPMN = Business Process Model Notation
BRB = Be Right Back (internet slang)
BTP = Behavioral Threat Protection
BTW = By The Way
BU = Business Unit
BVA = Business Value Assessment
BYOK = Bring Your Own Key
C2E = Commercial Cloud Enterprise
CA = Certificate Authority (issues cryptographic certificates)
CaC = Configuration as Code
CAF = Cloud Adoption Framework
CAGR = Compound Annual Growth Rate
CAIQ = Consensus Assessments Initiative Questionnaire
CAM = Corporate Account Manager (role)
CAP = Common Alerting Protocol (XEP-127)
CAPEX = Capital Expenditures (impacts Asset Balance Statements and can be amortized over time)
CAPTCHA = Completely Automated Public Turing (test) to tell Computers and Humans Apart
CASB = Cloud Access Security Broker (enterprise management software to mediate cloud service access by users across all types of devices)
CCB = Change Control Board (organization)
CCE = Critical Customer Escalation
CCM = Cloud Controls Matrix (from CSA)
CCM = Continuous Controls Monitoring
CCM = Customer Communications Management
CCP = Crisis Communication Plan
CDK = Cloud Development Kit (Amazon)
CDM = Continuous Diagnostics and Mitigation
CDN = Content Distribution Network
CEO = Chief Executive Officer
CfCT = Customizations for Control Tower Amazon
CD = Continuous Deployment (into Production for Productive use)
CE = Community Edition
CF = CloudFormation
CI = Continuous Integration
CIAN = Customer Identity and Access Management
CIDR = Classless Inter-Domain Routing
CIEM = Cloud Infrastructure and Entitlement Management (invented by Gartner)
CIS = Center for Internet Security
CISA = Cybersecurity and Infrastructure Security Agency (US government organization)
CKL = Compromised Key List
CKMS = Cryptographic Key Management System
CLI = Command Line Interface
CMK = Customer-Managed Key (for encryption)
CMP = Cloud Management Platform (for easier use of multiple clouds)
CN = Common Name (a human-readable name of the subject in certificates)
CNAME = Canonical Name Record (DNS)
CNI = Container Network Interface (Kubernetes)
CMDB = Configuration Management Database (ITIL term for where all aspects of the system is defined)
COBRA = Customer Onboarding and Rapid Adoption (HashiCorp term)
COGS = Cost of Goods Sold (Financial Accounting)
COSO = Committee of Sponsoring Organization
COTS = Commercial Off-The-Shelf (Software vs. custom-built)
CPA = Certified Public Accountant
CPU = Central Processing Unit
CRD = Custom Resource Definition (Extends Kubernetes API)
CRI = Container Runtime Interface (Kubernetes)
CRR = Cross-Region Replication
CRL = Certificate Revocation List
CRM = Customer Relationship Management
CRT = Common Release Tooling (built on top of GitHub Actions CI/CD)
CS = Customer Success (organization)
CSA = Cloud Security Alliance
CSB = Cloud Service Broker
CSC = Cloud Service Customer
CSE = Customer Success Engineer
CSI = Container Storage Interface (Kubernetes)
CSM = Customer Success Manager
CSP = Cloud Service Provider
CSP = Cryptographic Service Provider
CSPM = Cloud Security Posture Management
CSQL = Customer Success Qualified Lead (HashiCorp internal term)
CSR = Certificate Signing Request
CTA = Call To Action
CTAP = Client To Authenticator Protocol
CTI = Cyber Threat Intelligence
CTO = Chief Technology Officer
CTS = Consul-Terraform Sync (HashiCorp product)
CVE = Common Vulnerabilities and Exposures (identified through the US CISA database)
CWE = Common Weakness Enumerations (known in programming source code)
CWPP = Cloud Workload Protection Platform
DaaS = Data as a Service
DA = Developer Advocate
DB = Database
DC = Data Center (in the context of Consul - a set of Consul nodes within a region)
DCAP = Data-Centric Audit Protection
DDD = Domain Driven Design
DDoS = Distributed Denial of Service Attack
DEK = Data Encryption Key (Microsoft secret held to protect data stored in SQL servers)
DEI = Diversity + Equity + Inclusion
DES = Digital Encryption Standard (56 bits)
DHCP = Dynamic Host Configuration Protocol (automatically assigns IP addresses to devices on a network)
DHS = Department of Homeland Security (US government organization)
DLP = Data Loss Prevention
DMZ = Demilitarized Zone
DNC = Do Not Connect
DNS = Domain Name Service
DOD = Department of Defense (US government organization)
DPIA = Data Protection Impact Assessment
DR = Disaster Recovery
DRI = Directly Responsible Individual (Coined by Apple for the person to make sure that a task is completed)
DRP = Disaster Recovery Plan (to transition from alternative business processes back to regular processes.)
DRPO = Defense Research & Development Organization
DRY = Don’t Repeat Yourself
DSC = Digital Signature Algorithm (algorithm for signatures)
DTC = Diagnostic Trouble Code
DTLS = Datagram Transport Layer Security
DUT = Device Under Test
DX = Developer eXperience
E2E = End-to-End
EA = Enterprise Architect
EAL = Evaluation Assurance Level (1-7 of Common Criteria)
EAM = Externalized Authorization Management
EAP = Extensible Authentication Protocol (a framework for port-based access control which uses the same three primary components that are used in the RADIUS standard.)
EAR = Export Administration Regulations (US)
EBS = Elastic Block Store (Amazon)
ECDSA = Elliptic Curve Digital Signature Algorithm (algorithm for signatures)
EDI = Electronic Data Interchange
EE = Enterprise Edition
EIN = Employer Identification Number
EC2 = Elastic Cloud Compute
ECR = Elastic Container Registry (Amazon service)
ECS = Elastic Container Service (Amazon service)
ECU = EC2 compute unit (Amazon)
EDA = Event Driven Architecture (Serverless)
EDM = External Dependency Management (NIST)
EDR = Endpoint Detection and Remediation
EFS = Elastic File System (Amazon)
EFT = Electronic Funds Transfer
ELA = Enterprise License Agreement
EMR = Elastic Map Reduce (Amazon)
EKM = Extensible Key Management (HashiCorp Vault feature)
EKS = Elastic Kubernetes Service (Amazon)
ELB = Elastic Load Balancer
EMEA = Europe + Middle East + Africa
EMI = Electro-Magnetic Interference
ENI = Elastic Network Interface (Amazon)
EPS = Earnings Per Share
ETL = Extract Transform and Load
EOQ = End of Quarter
EOM = End of Month
EO = Executive Order
EOY = End of Year
ERM = Enterprise Risk Management
ERP = Enterprise Resource Planning (SAP does this)
EU = European Union
EV = Extended Validation (certificate)
FBL = Feedback Loop
FDE = Full Disk Encryption
FEDRAMP = Federal Risk and Authorization Management Program
FIDO2 = Fast IDentity Online (Spec for web authorization using devices with PKI instead of passwords)
FIFO = First In - First Out
FIM = Federated Identity Management
FIM = File Integrity Monitoring
FN = False Negative (test result that missed catching a bad/malicious sample)
FOMO = Fear Of Missing Out
FP = False Positive (test result that identified a legitimate sample as bad/malicious)
FQDN = Fully-qualified Domain Name
FTE = Full Time Employee/Equivalent
FQDN = Fully Qualified Domain Name
FSM = Finite State Machine
FYE = Fiscal Year End
FUD = Fear Uncertainty and Doubt
GAPP = Generally Accepted Privacy Principles (developed by accountants)
GA = General Availability
GAM = Global Account Manager (job role)
GB = Gigabytes (173741824 bytes or 1024 megabytes)
GCE = Google Compute Engine
GCP = Google Cloud Platform
GCM = Galois/Counter Mode (mode of operation for symmetric-key cryptographic block ciphers)
GDPR = General Data Protection Regulation (EU Regulation 2016/679)
GHA = GitHub Actions (SVM cloud purchased by Microsoft)
GID = Group Identifier (used in Kubernetes)
GKE = Google Kubernetes Engine (manages container images within Google cloud)
GKS = Google Kubernetes Service (runs container images within Google-managed Kubernetes)
GLB = Global Load Balancing
GNM = Global Network Manager (HashiCorp product feature)
GNU = GNU is Not Unix (a recursive acronym for the set of commands in Linux Bash scripts)
GPG = GNU Privacy Guard (software program to handle encryption)
GPS = Global Positioning System
GRC = Governance Risk and Compliance
gRPC = Global Remote Procedure Call (a protocol to connect services)
GSI = Global System Integrator
GTM = Go To Market
GUI = Graphical User Interface
GW = Gateway
H2M = Human to Machine (interface)
HA = High Availability
HC = HashiCorp
HCL = HashiCorp Configuration Language
HD = High Definition
HCM = Human Capital Management (system for HR processes)
HCP = HashiCorp Cloud Provider
HCS = HashiCorp Consul Service (SaaS on Azure)
HIPAA = Health Insurance Portability and Accountability Act
HiPPO = Highest Paid Person‚Äôs Opinions
HMI = Human-Machine Interface
HPA = HorizontalPodAutoscaler (Kubernetes)
HPC = High Performance Compute
HR = Human Resources
HSM = Hardware Security Module
HTML = HyperText Markup Language
HTTPS = HyperText Transfer Protocol Secure (the protocol that uses port 443)
HVA = High Value Asset
HVN = HashiCorp Virtual Network
I18N = Internationalization (numeronym - 18 letters between “i” and “n”)
IA = Interoperability Agreement (between enterprises)
IaaS = Infrastructure as a Service
IaC = Infrastructure as Code
IAB = Internet Architecture Board (maintains an ethics-related statement concerning the use of the Internet. A technical advisory group of researchers and technical professionals responsible for Internet growth and management strategy and standards oversight.)
IAM = Identity and Access Management
IAST = Interactive Application Security Testing
IC = Integrated Circuit
ICFR = Internal Control over Financial Reporting
ICMP = Internet Control Message Protocol (used by the Linux ping command)
ICS = Industrial Control System
ICT = Information and Communication Technology
ICYMI = In Case You Missed It
ID = Identifier
IDaaS = Identity as a Service
IDE = Integrated Development Environment
IdP = Identity Provider (such as Okta)
IDP = Internal Developer Platform
IDS = Intrusion detection system (A detective control used to detect attacks after they occur. A signature-based IDS (also called definition-based) uses a database of predefined traffic patterns. An anomaly-based IDS (also called behavior-based) starts with a performance baseline of normal behavior and compares network traffic against this baseline. An IDS can be either host-based (HIDS) or network-based (NIDS).
IEM = Infrastructure Event Management (AWS service to ensure high traffic can be accomodated)
IETF = Internet Engineering Task Force
IGA = Identity Governance and Administration
IIoT = Industrial Internet of Things
ILT = Instructor-Led Training
IM = Internet Messaging
IOCs = Indicators of Compromise
IOPS = Input Output Per Second (Amazon)
IOT = Internet of Things
IP = Internet Protocol
IPAM = IP Address Manager (AWS feature that manages CIDR ranges)
IPE = Information Produced by the Entity
IPS = Intrusion Protection System (detect or prevent network security attacks such as brute force attacks)
IPsec = Internet Protocol security
IPO = Initial Public Offering
IRL = In Real Life (internet slang)
IRT = Incident Response Team
ISO = International Standards Organization
ISP = Internet Service Provider (company that provides access to the internet)
ISV = Independent Software Vendor
IT = Information Technologies
ITAR = International Traffic in Arms Regulations (US)
ITIL = Information Technology Infrastructure Library
ITSM = IT Service Management (implemented of Service Now)
ITU = International Telecommunication Union (defined X.509 certificate format)
JSON = JavaScript Notation
JWT = JSON Web Token (Internet standard for creating data with optional signature and/or optional encryption whose payload payload holds JSON that asserts some number of claims)
K8s = Kubernetes (numeronym of 8 letters between K and S)
KANBAN = japanese word for visual signal (adopted for managing software workflow)
KDC = Key Distribution Center
KEK = Key Encryption Key (key to encrypt the DEK)
KMIP = Key Management Interoperability Protocol
KMS = Key Management Service (Amazon)
KPI = Key Performance Indicator
KTS = Kubernetes Threat Detection (Google service)
KRI = Key Recovery Information
KV = Key-Value (data storage format)
KYC = Know Your Customer
LAMP = Linux OS + Apache web server + MySQL DB + PHP/Perl/Python (open-source web development technology stack)
L18N = Localization (numeronym of 18 letters between L and N)
LAN = Local Area Network
LDAP = Lightweight Directory Access Protocol (used by Linux to manage user and group access)
LIFO = Last In - Last Out
LLC = Limited Liability Company
LMS = Learning Management System
LTM = Last Twelve Months
MAC = Media Access Control (address of NIC card)
MAC = Message Authentication Code (a tag appended to a message to verify its authenticity)
MAP = Minimum Acceptable Product
MBR = Master Boot Record
MDM = Mobile Device Management
MFA = Multi-Factor Authentication
MIT = Most Important Task
MitB = Man-in-the-Browser (attack vector)
MitM = Man-in-the-Middle (an attack in a form of active interception allowing an attacker to intercept traffic and insert malicious code sent to other clients. Kerberos provides mutual authentication and helps prevent MITM attacks)
ML = Machine Learning
MSA = Master Service Agreement
MSI = Managed Service Identity
MTD = Month-To-Date
mTLS = Mutual TLS
MOR = Minimum Operating Requirements (describes the minimum environmental and connectivity requirements in order to operate computer equipment)
MSI = Microsoft Software Installer (file extension for Microsoft Windows installer files)
MTD = Maximum Tolerable Downtime
MQTT = MQ Telemetry Transport
MTA = Mail Transfer Agent
MTTD = Mean Time To Detect
MTTR = Mean Time To Restore/Resolution
MTU = Maximum Transmission Unit (networking)
MVP = Minimum Viable Product
MY = Multi-Year
NAC = Network Admission Control/Controller (Cisco)
NAD = Network Access Devices
NAT = Network Address Translation (allows devices on a private network to communicate with a public network through a networking gateway)
NB = No Problem
NFR = Non-Functional Requirements
NDA = Non-Disclosure Agreement
NDAA = National Defense Authorization Act of 2020 and 2021
NDE = Net Dollar Expansion
NDRR = Net Dollar Retention Rate
NFS = Network File System
NGFW = Next-Generation firewall (Originally from Palo Alto - it examines application data to filter traffic at the highest application layer of networks)
NIA = Network Interface (HashiCorp product feature)
NIC = National Interface Card
NIST = National Institute of Standards and Technology (US)
NLB = Network Load Balancer (Amazon)
NPS = Net Promoter Score
NSG = Network Security Group (Azure)
NTA = Network Traffic Anomaly
NTM = Next Twelve Months
NTP = Network Time Protocol
NVD = National Vulnerability Database (weaknesses in the computational logic code maintained by the US government for the world)
OCI = Container Open Initiative (for Kubernetes to replace Docker)
OCSP = Online Certificate Status Protocol
OCM = Organizational Change Management
OEM = Original Equipment Manufacturer
OLAP = OnLine Analytical Processing (A business intelligence approach that allows users to analyze large amounts of data from different points of view)
OKR = Objectives and Key Results
OIDC = OpenID Connect (open authentication protocol that profiles and extends OAuth 2.0 to add an identity layer. OIDC allows clients to confirm an end user‚Äôs identity using authentication by an authorization server.)
OOP = Object Oriented Programming
OPA = Open Policy Agent (Policy as Code agent from Styra used in Kubernetes Admission Controller and Terraform)
OPEX = Operating Expenditures (impacts Profit and Loss statement for current periods)
OS = Operating System
OSCAL = Open Security Controls Assessment Language (NIST-defined format for communicating CVEs)
OSCP = Online Certificate Status Protocol (used to obtain the revocation status of X.509 digital certificates)
OSS = Open Source Software
OTP = One Time Password
OU = Organizational Unit
OWASP = Open Web Application Security Project
PaaS = Platform as a Service
PaC = Policy as Code
PAM = Privileged Access Management
PAT = Port Address Translation
PBC = Provided By Client (SOC term)
PC = Personal Computer (refers to a Microsoft Windows machine)
PCI = Peripheral Components Interconnect
PCI DSS = Payment Card Industry Data Security Standard (private regulation by credit card processors to prevent identity theft)
PDD = Project Delivery Document (HashiCorp doc containing IS project scope prerequisites scheduling info etc.)
PDF = Portable Document Format (the format created by Adobe to create a univerally accessible file containing graphics and text)
PEP = Policy Enforcement Point (filters requests and makes eXtensible Access Control Markup Language (XACML) to a Policy Decision Point (PDP)
PFS = Perfect Forward Secrecy
PHI = Protected Health Information
PID = Process Identifier
PII = Personally Identifiable Information
PIN = Personal Identification Number (a secret consisting of a small number)
PKI = Public Key Infrastructure (manages cryptographic certificates)
PM = Product Management/Manager
P&L = Profit and Loss
PMM = Product Marketing Manager (organizational role)
PMO = Project Management Office
PoC = Proof of Concept
POLP = Principle of Least Privilege
PPTP = Point-to-Point Tunneling Protocol
PR = Pull Request (GitHub feature for suggesting code changes and integrating them into the main code base)
PS = Professional Services
PSE = Professional Services Engineer
PSK = Pre-Shared Key
PUA = Potentially Unwanted Application
PV = Persistent Volume (Kubernetes)
PVC = Persistent Volume Claim (Kubernetes)
QA = Quality Assurance
QBR = Quarterly Business Review
QKD = Quantum Key Distribution (secures communication using a cryptographic protocol involving quantum computing with lasers)
QoQ = Quarter on Quarter
QoS = Quality of Service
RACI = Responsible + Accountable + Consulted + Informed (Responsibility Assignment Matrix)
RAID = Redundant Array of Independent Disks
RAM = Random Access Memory
RASP = Runtime Application Self-Protection
RBAC = Role Based Access Control
RBG = Random Bit Generator
RCA = Root Cause Analysis
RCE = Root Code Execution
RDP = Remote Desktop Protocol (Microsoft technology for users to access a Windows computer remotely)
RDS = Relational Database Service (AWS cloud SQL service)
REST = Representational State Transfer
RFI = Request for Information
RFP = Request for Proposal
RFQ = Request for Quote
RGB = Red Green Blue (colors)
RISC = Reduced Instruction Set Computing
RMF = Risk Management Framework
ROA = Return on Assets
ROE = Return on Equity
ROI = Return on Investment
ROM = Read-only Memory
ROS = Return on Sales
RPA = Robotic Process Automation
RPC = Remote Procedure Call
RPO = Recovery Point Objective
RPS = Requests Per Second
RSA = Resident System Engineer (role within HashiCorp)
RSA = Rivest‚ÄìShamir‚ÄìAdleman (an encryption algorithm and company named based on the initials of its inventors)
RTC = Real Time Clock
RTO = Recovery Time Objective
RUM = Resources Under Management (HashiCorp Terraform at scale)
S3 = Simple Storage Service (Amazon file service)
SaaS = Software as a Service
SAML = Security Assertion Markup Language (XML-based standard for authentication and authorization)
SAP = Systems Applications and Product (large German ERP software company)
SAP = System Assessment Plan
SARs = System Assessment Results
SASE = Secure Access Service Edge (Trust Broker SaaS by Palo Alto Prisma zScaler Cato Cloudfare)
SAST = Static Application Security Testing
SBOM = Software Bill of Materials
SCA = Software Composition Analysis (identify vulnerable components in containers)
SCADA = Supervisory Control And Data Acquisition
SCC = Security Command Center (Google’s SOC service)
SCEP = Simple Certificate Enrollment Protocol
SCM = Source Control Manager (such as GitHub)
SCP = Service Control Policies (in AWS to govern the use of other IAM policies)
SCSS = Sidecar Container Security Stack
SEA = Solutions Engineering & Architecture (HashiCorp pre and post sale grouping)
SDK = Software Development Kit
SDN = Software-Defined Networking (used by AWS - an advancement to BGP used on public networks)
SDLC = System Development Life Cycle
SDP = Software Defined Perimeter
SES = Simple Email Service (Amazon)
SF = Service Fabric (Azure)
SHA = Secure Hash Algorithm (a method to identify whether a file has been altered - also used by GitHub to create an index)
SI = Systems Integrator
SIEM = Security Information and Event Management
SIG = Special Interest Group
SIRT = Security Incident Response Team (work in a SOC department)
SLA = Service Level Agreement
SLE = Single Loss Expectancy
SLI = Service Level Indicator
SLO = Service Level Objective
SLSA = Supply chain Levels for Software Artifacts (4-level framework for ensuring the integrity of software)
SME = Subject Matter Expert
SMI = Service Mesh Interface
SNMP = Simple Network Management Protocol
SMaaS = Service Mesh as a Service
SMTP = Simple Mail Transfer Protocol
SNS = Simple Notification Service (Amazon service send and receive notifications from the cloud)
SOAP = Simple Object Access Protocol (uses XML)
SOC = Security Operations Center
SOA = Service Oriented Architecture
SOP = Standard Operating Procedure
SOX = Sarbanes-Oxley Act
SQL = Structured Query Language
SPI = Service Provider Interface
SPIFFE = Secure Production Identity Framework for Everyone (spec used by Consul Connect service mesh for establishing service identities)
SQS = Simple Queue Service (Amazon hosted queues)
SOAR = Security Orchestration Automation and Response
SOW = Statement of Work
SPI = Secure Personal Information
SPOC = Single Point of Contact
SPOF = Single Point of Failure
SRA = Security Reference Architecture
SRE = Site Reliability Engineer (job role)
SSAE = Statement on Standards for Attestation Engagements
SSD = Solid-State Drive
SSE = Security Service Edge
SSE = Server-Side Encryption
SSDLC = Secure Software Development Lifecycle
SSH = Secure Shell (a Linux feature to enable remote access of computers)
SSL = Secure Sockets Layer
SSN = Social Security Number (used by the US government to unique identify an individual)
SSO = Single Sign On
SSP = System Security Plan
SSRF = Server Side Request Forgery
SSRM = Shared Security Responsibility Model
STS = Security Token Service (Amazon service)
STS = StatefulSets (Kubernetes)
SUT = System Under Test
SVID = SPIFFE Verifiable Identity Document (cryptographic file used by a workload to prove its identity to a resource or caller)
SWG = Secure Web Gateway
TAM = Total Addressable Market
TB = TerraByte
TBD = To Be Decided (common vernacular)
TDE = Transparent Data Encryption (HashiCorp Vault feature to substitute encrypted values in databases instead of HSMs)
TDM = Technical Decision Maker (vs. Business Decision Maker)
TFC = Terraform Cloud (SaaS Terraform offering)
TFE = Terraform Enterprise (self-installed/managed Terraform)
TIC = Trusted Internet Connection
TIN = Tax Identification Number
TCSEC = Trusted Computer System Evaluation Criteria
TCO = Total Cost of Ownership
TDD = Test-Driven Development
TDM = Technical Decision Maker
TFE = Terraform Enterprise
TGW = Transit GateWay (in AWS cloud)
TH = Threat Hunting
TIP = Threat Intelligence Platform
TLD = Top Level Domain (the letters after the last dot on URLs processed by DNS)
TLS = Transport Layer Security
TMI = Too Much Information (common vernacular)
TOE = Target of Evaluation (what is being evaluated by the Common Criteria EAL)
TOFU = Trust On First Use
TOTP = TIme-based One Time Password
TPM = Trusted Platform Module
TPRM = Third Party Risk Management
TSC = Trust Service Criteria
TSI = Trustworthy Software Initiative (UK)
TTL = Time to Value (marketing term)
TTL = Time To Live
TTP = Trusted Third Party
TTS = Text To Speech
UAT = User Acceptance Test
UCS = User
UDS = Unified Diagnostic Services (use in vehicles)
UEBA = User and Entity Behavior Analytics (detect any anomalous behavior - deviations from normal patterns of usage which have security implications)
UEFI = Unified Extensible Firmware Interface (spec. replaces BIOS for boot-up)
UEM = Unified Endpoint Management
UDP = User Datagram Protocol (networking)
UML = Unified Modeling Language
URI = Universal Resource Identifier
URL = Universal Resource Locator
URM = Under-Represented Minority
USB = Universal Service Bus
UTC = Coordinated Universal Time (the new term for GMT)
UTF = Unicode Transformation Format
UX = User eXperience
VAT = Value Added Tax
VBO = Value Based Outcome
VCS = Version Control System
VDP = Vulnerability Disclosure Program
VIP = Virtual IP (address)
VLAN = Virtual Local Area Network
VM = Virtual Machine
VoIP = Voice over Internet Protocol
VRRP = Virtual Router Redundancy Protocol
VRM = Vendor Risk Management
VPA = Vertical Pod Autoscaler (Kubernetes)
VPC = Virtual Private Cloud (Amazon)
VPN = Virtual Private Network
VSM = Value Stream Mapping
vTPM = Virtual Trusted Platform Module
VUCA = Volatile + Uncertain + Complex + Ambiguous
W3C = World Wide Web Consortium
WAAP = Web application and API protection (a comprehensive security approach as enhancement over web application firewalls)
WABD = Well Architected By Design
WAF = Web Application Firewall (Amazon)
WAF = Well Architected Framework
WBS = Work Breakdown Structure
WEP = Wired Equivalent Privacy
WIP = Work In Process
WPA = Wi-Fi Protected Access
WSDL = Web Services Description Language
X.509 = none (certificate format used for HTTPS on web servers digitally sign application code secure email and authenticate devices to corporate networks)
XaaS = Anything as a Service
XKX = External Key Store (Amazon service to store secrets outside of AWS)
XDR = Extended Detection and Response (Palo Alto Network’s new SaaS-based approach to threat detection and response that integrates multiple security products to provide holistic protection against cyberattacks unauthorized access and misuse.)
XML = Extensible Markup Language
XMPP = Extensible Message and Presence Protocol
YAML = YAML Ain’t Markup Language (Human-readable data-serialization text format)
YTD = Year-To-Date
ZT = Zero Trust
ZTA = Zero Trust Architecture
ZTS = Zero Trust Security
ZTNA = Zero Trust Network Access/Architecture

More about Security

This is one of a series about cyber security:

Wilson Mar

Acronyms (and contractions)

More about Security

You might also enjoy (View all posts)