Cybersecurity Acronyms & Abbreviations

This list aims to capture globally used acronyms and abbreviations within the cybersecurity industry.

I have generally not included vendor or location-specific abbreviations. For example NIST is included as it is widely relevant, but CES is not as it is used only by Tenable in their product. Some may have snuck in however.

In future I will update to link the entries to glossary explanations.

To update or add an item please open a pull request or issue on the repository.

Acronyms & Abbreviations List

2FA - Two Factor Authentication; see also MFA

3DES - Triple Data Encryption Algorithm (Also TDEA or Triple DEA)

ABAC - Attribute Based Access Control

ACL - Access Control List

AES - Advanced Encryption Standard

AMSI - Anti-Malware Scan Interface

APRA - Australian Prudential Regulation Authority

APT - Advanced Persistent Threat

ASLR - Address Space Layout Randomisation

ASVS - (OWASP) Application Security Verification Standard

ATT&CK - (MITRE) Adversarial Tactics, Techniques, and Common Knowledge

Authn - Authentication

Authz - Authorization

AV - Anti-Virus

BAS - Breach & Attack Simulation

BCP - Business Continuity Plan

BEC - Business Email Compromise

BGH - Big Game Hunting

BIA - Business Impact Analysis

BSIMM - Building Security In Maturity Model

C2 - Command & Control

CA - Certificate Authority

CASB - Cloud Access Security Broker

CAPEC - Common Attack Pattern Enumeration and Classification

CCM - Cloud Controls Matrix

CCSP - Certified Cloud Security Professional (ISC2)

CDR - Content Disarm & Reconstruction

CERT - Computer Emergency Response Team

CIA - Confidentiality; Integrity; Availability

CIS - Center for Internet Security

CISA - Cybersecurity and Infrastructure Security Agency

CISO - Chief Information Security Officer

CISSP - Certified Information Systems Security Professional (ISC2)

CMF - Collection Management Framework

CMM - Capability Maturity Model

CoA - Course of Action

CORS - Cross Origin Resource Sharing

CREST - CREST is not an acronym

CSA - Cloud Security Alliance

CSAF - Common Security Advisory Framework

CSO - Chief Security Officer

CSP - Content Security Policy

CSPM - Cloud Security Posture Management

CSRF - Cross Site Request Forgery

CTF - Capture the Flag

CTI - Cyber Threat Intelligence

CVE - Common Vulnerabilities and Exposures

CVRF - Common Vulnerability Reporting Framework (now CSAF)

CVS - Common Vulnerability Score

CVSS - Common Vulnerability Scoring System

CWE - Common Weakness Enumeration

CWPP - Cloud Workload Protection Platforms

DAST - Dynamic Application Security Testing

DDoS - Distributed Denial of Service

DEP - Data Execution Prevention

DES - Data Encryption Standard

DFIR - Digital Forensics and Incident Response

DKIM - DomainKeys Identified Mail

DLP - Data Loss Prevention

DLS - Dedicated Leak Site

DMARC - Domain-based Message Authentication, Reporting & Conformance

DNSSEC - Domain Name System Security Extensions

DoH - DNS over HTTPS

DOM - Document Object Model

DoS - Denial of Service

DREAD - Damage; Reproducability; Exploitability; Affected Users; Discoverability

DSS - Data Security Standard (See PCI)

EASM - Externam Attack Surface Management

EDR - Endpoint Detection and Response, sometimes known as Endpoint Threat Detection and Response (ETDR)

EICAR - European Institute for Computer Antivirus Research

EPP - Endpoint Protection Platform

EPSS - Exploit Prediction Scoring System


FAIR - Factor Analysis of Information Risk

FiDO - Fast IDentity Online

FIM - File Integrity Monitoring

FIRST - Forum of Incident Response and Security Teams

FTPS - FTP-SSL or FTP Secure

FPC - Full Packet Capture

GCM - Galois/Counter Mode

GDPR - General Data Protection Regulation


GRC - Governance, Risk & Compliance

HIDS - Host Intrusion Detection System (also NIDS for Network)

HIPAA - Health Insurance Portability and Accountability Act

HIPS - Host Intrusion Prevention System

HSM - Hardware Security Module

HSTS - HTTP Strict Transfer Protocol

IAST - Interactive Application Security Testing

IDAM - Identity & Access Management

IDOR - Insecure Direct Object Reference

IdP - Identity Provider

IDS - Intrusion Detection System

IETF - Internet Engineering Task Force

IOA - Indicators of Attack

IOC - Indicators of Compromise

IPE - Intelligence Preperation of the Environment

IPS - Intrusion Protection System

IPSec - Internet Protocol Security

IR - Incident Response

IRM - Integrated Risk Management

IRP - Incident Response Playbook

ISC2 - International Information System Security Certification Consortium

ISMS - Information Security Management System

ISO - International Organization for Standardization

ISS - Information System Security

JIT - Just in Time (SAML)

JWT - JSON Web Token

KCM - Kill Chain Model

LANGSEC - Language Security

LFI - Local File Inclusion

LOLBin - Living off the Land Binary (also LOLScripts, LOLBAS)

MD5 - Message-digest Algorithm

MDFT - Mobile Device Forensic Tool

MFA - Multi Factor Authentication

MITM - Man in the middle (also Person in the middle)

MITRE - Not an acronym - “a name that was meaningless and without connotations, but with an attractive feel.”

MSSP - Managed Security Services Provider

MSTIC - Microsoft Threat Intelligence Center

mTLS - Mutual Transport Layer Security

NAC - Network Access Control / also NACL (Network Access Control List)

NDA - Non Disclosure Agreement

NDB - Notifiable Data Breache(s)

NDR - Network Detection & Response

NIDS - Network Intrustion Detection System

NIST - National Institute of Standards and Technology (US)

NGCI - Next Generation Cyber Infrastructure

NGFW - Next Generation Firewall

NMS - Network Management System

NTA - Network Traffic Analysis

NVD - National Vulnerability Database

NX - No-Execute

OASIS - Organisation for the Advancement of Structured Information Standards

OAuth - Open Authorization

ODoH - Oblivious DNS over HTTPS

OIDC - OpenID Connect

OPSec - Operational Security

OSCAL - Open Security Controls Assessment Language

OSCP - Offensive Security Certified Professional

OSINT - Open Source Intelligence

OTP - One Time Pad ( sometimes One Time Password)

OWASP - Open Web Application Security Project

PaC - Policy as Code

PASTA - Process for Attack Simulation & Threat Analysis

PCI - Payment Card Industry (Also PCI DSS - Data Security Standard)

PIC - Position-independent Code

PIE - Position-independent Executable

PGP - Pretty Good Privacy. See also GPG

PoC - Proof of Concept

PFS - Perfect Forward Secrecy

PTES - Penetration Testing Execution Standard

PUP - Potentially Unwanted Program

RaaS - Ransomware as a Service

RASP - Runtime Application Self-Protection

RAT - Remote Access Trojan

RBAC - Role Based Access Control

RCE - Remote Code Execution

RFC - Request For Comments

ROP - Return-oriented programming

RP - Return Pointer

RSA - Rivest–Shamir–Adleman

RTR - Rapid Threat Response

SABSA - Sherwood Applied Business Security Architecture

SAML - Security Assertion Markup Language

SANS - SysAdmin, Audit, Network, and Security

SAQ - Self-Assessment Questionnaire

SARIF - Static Analysis Results Interchange Format

SASE - Secure Access Service Edge

SAST - Static Application Security Testing

SCA - Source Composition Analysis

SCAP - Security Content Automation Protocol

SCIM - System for Cross-domain Identity Management

SDLC - Software Development Lifecycle (also sometimes System Development Lifecycle)

SSDLC - Secure Software Development Lifecycle

SECCOMP - Secure Computing

SET - Social Engineering Toolkit

SFP - Saved Frame Pointer

SFTP - SSH File Transfer Protocol

SHA - Secure Haching Algorithm

SIEM - Security Incident & Event Management

SOA - Statemenet of Applicability

SOAR - Security Orchestration & Response

SOC - Security Operations Center

SOC (1,2,3) - System and Organization Controls

SOX - Sarbanes-Oxley Act

SPF - Sender Policy Framework

SQLi - SQL Injection

SSH - Secure Shell

SSL - Secure Sockets Layer

SSO - Single Sign-on

SSRF - Server Side Request Forgery

SSS - Stack Smashing Protector

SSVC - Stakeholder-Specific Vulnerability Categorization

STIG - Security Technical Implementation Guide

STIX - Structured Threat Information Expression

STRIDE - Spoofing; Tampering; Repudiation; Information disclosure; Denial of service; Elevation of Privilege

SWOT - Strengths, Weaknesses, Opportunities, and Threats (SWOT Analysis)

TARA - Threat Agent Risk Assessment

TAXII - Trusted Automated Exchange of Intelligence Information

TI - Threat Intelligence

TIP - Threat Intelligence Platform

TLP - Traffic Light Protocol

TLS - Transport Layer Security

TOGAF - The Open Group Architecture Framework

TPM - Transport Platform Module

TPRM - Third Party Risk Management

TTP - Tactics, Techniques, and Procedures

U2F - Universal Two Factor

UAC - User Access Control

UEBA - User and entity behavior analytics

VAP - Very Attacked Person

VM - Vulnerability Management (also Virtual Machine outside of infosec)

VPN - Virtual Private Network

WAF - Web Application Firewall

WEP - Wired Equivalent Privacy

WPA - Wi-Fi Protected Access

WPS - Wi-Fi Protected Setup

XACML - eXtensible Access Control Markup Language

XDR - eXtended Detection and Response

XFS - Cross Frame Scripting

XSS - Cross Site Scripting

XXE - XML External Entity