Abertay Ethical Hacking Society
Search…
Contributing
Society Events
Members
Other
Infosec Terms
A glossary of Infosec terms and abbreviations.
#
- 2FA: 2 Factor Authentication
A
- AD: Active Directory
- AES: Advanced Encryption Standard
- AMSI: Anti-Malware Scan Interface
- AP: Access Point
- APT: Advanced Persisten Threat
- AV: Antivirus
B
- BoF: Buffer Overflow
C
- C2 (CC): Command and Control
- CBSP: Cloud-based Security Providers
- CISA: Certified Information Systems Auditor
- CISM: Certified Information Security
- CISSP: Certified Information Systems Security Professional
- CS: Cobolt Strike
- CSP: Content Security Polic
- CVE; Common Vulnerabilities and Exposures
- CVSS: Common Vulnerability Scoring System
D
- DDoS: Distributed Denial of Service
- DES: Data Encryption Standard
- DLP: Data-loss Prevention
- DOS: Dinial of Service
- DSA: Digital Signature Algorithm
E
- EDR: Endpoint Detection and Response
- EPT: External Penetration Testing
- ES: Enterprise Security
F
- FDE: Full Disk Encryption
- FW: Firewall
G
- GPG: GNU Privacy Guard
- GRE: Generic Routing Encapsulation
- GSM: Global System for Mobile (communications)
H
- HIPS: Host IPS (Intrusion Prevention System)
- HMAC: Hash-based Message Authentication Code
- HPP: HTTP Parameter Pollution
- HSTS: HTTP Strict Transport Security
I
- (I)IoT: (Industrial) Internet of Things
- IAM: Identity Access Management
- IAST: Interactive Application Security Testing
- ICE: Intrusion Countermeasures Electronics
- ICS: Incident Command System
- ICS: Industrial Control System
- ID: Information Disclosure
- IDS: Intrusion Detection System
- IPS: Intrusion Prevention System
- IPT: Internal Penetration Testing
- IPsec: Internet Protocol Security
- IR: Incident Response
- ISM: Information Security Manual
- ISMS: Information Security Management System
J
- JCE: Java Cryptography Extension
K
- KC: Kill Chain
- KLCP: Kali Linux Certified Professional
L
- LE: Let's Encrypt
- LOIC: Low Orbit Ion Cannon
- LPA: Least Privilege Access
- LPE: Local Privilege Escalation
M
- MD5: Message Digest 5 (hash)
- MDR: Managed Detection and Response
- MFA: Multi-Factor Authentication
- MISP: Malware Information Sharing Platform
- MSCT: Microsoft Security Compliance Toolkit
- MSSP: Managed Security Service Provider
- MitM: Man-in-the-Middle
N
- NCSC: CCPLP NCSC Certified Cybersecurity Professional - Lead Practitioner
- NCSC: CCPP NCSC Certified Cybersecurity Professional - Practitioner
- NCSC: CCPSP NCSC Certified Cybersecurity Professional - Senior Practitioner
- NCSC: National Cyber Security Centre
- NCS: National Cybersecurity Strategy
- NGFW: Next Generation Firewall
- NIDS: Network IDS (Intrusion Detection System)
- NIPS: Network IPS (Intrusion Prevention System)
- NSE: 4 NSE 4 - FortiNET Network Security Professional
- NSE: 7 NSE 7 - FortiNET Network Security Architect
- NSE: 8 NSE 8 - Fortinet Network Security Expert
O
- OPSA: ISECOM OSSTMM Professional Security Analyst
- OPSEC: Operations Security
- OPSE: ISECOM OSSTMM Professional Security Expert
- OPST: ISECOM OSSTMM Professional Security Tester
- OSCE: Offensive Security Certified Expert
- OSCP: Offensive Security Certified Professional
- OSEE: Offensive Security Exploitation Expert
- OSEP: Offensive Security Experienced Penetration Tester
- OSINT: Open Source Intelligence
- OSSTMM: Open Source Security Testing Methodology Manual
- OSWP: Offensive Security Wireless Professional
- OTP: One-time Password
- OT: Operational Technology
- OWASP: Open Web Application Security Project
P
- PACES: Pentester Academy Certified Enterprise Security Specialist
- PAM: Privilege Access Management
- PCAP: Packet Capture
- PCNSA: Palo Alto Networks Certified Network Security Administrator
- PCNSE: Palo Alto Networks Certified Network Security Engineer
- PE: Privilege Escalation
- PEBCAK: Problem Exists Between Chair and Keyboard
- PEBKAC: Problem Exists Between Keyboard And Chair
- PERSEC: Personal Security (military)
- PFS: Perfect Forward Secrecy
- PGP: Pretty Good Privacy
- PII: Personally Identifiable Infomation
- PIM: Privilege Identity Management
- PIN: Personal Identification Number
- PKI: Public Key Infrastructure
- PLC: Programmable Logic Controllers
- PLD: Payload
- POA&M: Plan of Action & Mitigation
- PS: Powershell
- PT: Penetration Test
- PTR: Penetration Test Request
- Pentest+: CompTIA Pentest+
- PoC: Point of Concept
- PrivEsc: Privilege Escalation
Q
- QSA: Quality Security Assessor
R
- RAT: Remote (Adimistration/Access) Too
- RBA: Risk-based Assessment
- RCA: Root Cause Analysis
- RCE: Remote Code Executionl
S
- SAST: Static Application Security Testing
- SIEM: Security Information and EVent Management
- SOC: Security Operations Centre
- SPF: Sender Policy Framework
- SQLi: SQL Injection
- SSCP - Systems Security Certified Practitioner
- SSE: Server-Side Encryption
- SSH: Secure Shell
- STS: Security Token Service
T
- TI: Threat Intelligence
- TLS: Transport Layer Security
- TOR: The Onion Router
- TPM: Trusted Platform Module
U
V
- VA: Vulnerability Assessment
- VAPT: Vulnerability Assessment and Penetration Test
- VDP: Vulnerability Disclosure Program
- VLOM: Vulnerability Lifecycle Management
- VM: Vulnerability Management
- VMP: Vulnerability Management Program
- VR: Vulnerability Research
- VSA: Vendor Security Assessment
W
- WAF: Web Application Firewall
- WAP: Web Application Protection
- WAPT: Web Application Penetration Test
- WCE: Windows Credentials Editor
- WIDS: Wireless Intrusion Detection System
- WIPS: Wireless Intrusion Prevention System
- WPA: Wi-Fi Protected Access
X
- XXE: XML External Entities
- XSS: Cross-Site Scripting
Y
Z
- ZT: Zero Trust
Last modified 7mo ago