Contents
🔐 General Security Terms
| Acronym | Meaning |
|---|---|
| CIA | Confidentiality, Integrity, Availability (core triad of infosec) |
| APT | Advanced Persistent Threat |
| TTP | Tactics, Techniques, and Procedures |
| IOC | Indicator of Compromise |
| IOA | Indicator of Attack |
| SOC | Security Operations Centre |
| SIEM | Security Information and Event Management |
| SOAR | Security Orchestration, Automation, and Response |
| IR | Incident Response |
| DFIR | Digital Forensics and Incident Response |
| EDR | Endpoint Detection and Response |
| XDR | Extended Detection and Response |
🧠 Frameworks & Methodologies
| Acronym | Meaning |
|---|---|
| MITRE ATT&CK | MITRE Adversarial Tactics, Techniques & Common Knowledge |
| NIST | National Institute of Standards and Technology |
| CSF | Cybersecurity Framework (NIST CSF) |
| ISO/IEC | International Organisation for Standardisation / International Electrotechnical Commission |
| PCI DSS | Payment Card Industry Data Security Standard |
| GDPR | General Data Protection Regulation |
| HIPAA | Health Insurance Portability and Accountability Act |
💻 Networking & Protocols
| Acronym | Meaning |
|---|---|
| IP | Internet Protocol |
| TCP | Transmission Control Protocol |
| UDP | User Datagram Protocol |
| DNS | Domain Name System |
| VPN | Virtual Private Network |
| NAT | Network Address Translation |
| IDS/IPS | Intrusion Detection/Prevention System |
| MAC | Media Access Control (also: Message Authentication Code) |
| DHCP | Dynamic Host Configuration Protocol |
📊 Tools & Technology
| Acronym | Meaning |
|---|---|
| ACL | Access Control List |
| IAM | Identity and Access Management |
| MFA | Multi-Factor Authentication |
| DLP | Data Loss Prevention |
| FIM | File Integrity Monitoring |
| AV | Antivirus |
| WAF | Web Application Firewall |
| NGFW | Next-Generation Firewall |
🎯 Attack & Threat Types
| Acronym | Meaning |
|---|---|
| DoS/DDoS | Denial of Service / Distributed Denial of Service |
| MITM | Man in the Middle |
| SQLi | SQL Injection |
| XSS | Cross-Site Scripting |
| CSRF/XSRF | Cross-Site Request Forgery |
| RAT | Remote Access Trojan |
| C2/C&C | Command and Control |
| FUD | Fully Undetectable (malware) |
🧰 Certifications
| Acronym | Meaning |
|---|---|
| CISSP | Certified Information Systems Security Professional |
| CISM | Certified Information Security Manager |
| CEH | Certified Ethical Hacker |
| OSCP | Offensive Security Certified Professional |
| CySA+ | Cybersecurity Analyst+ |
| Security+ | CompTIA Security+ |
| GCIH | GIAC Certified Incident Handler |
| SSCP | Systems Security Certified Practitioner |