Acronyms.csv

ID,Acronymn,EQ,Definition,Type
*,2FA,=,Two-Factor Authentication,
*,3DES,=,Triple Digital Encryption Standard,
*,A11Y,=,Accessibility,(numeronym of 11 letters between a and y)
*,ABAC,=,Attribute Based Access Control,
*,AC,=,Alternating Current,(as in electrical wall plugs)
*,ACI,=,Azure Container Instance,(Microsoft)
*,ACL,=,Access Control List,(defines CRUD permissions for an identity)
*,ACM,=,AWS Certificate Manager,
*,ACR,=,Azure Container Registry,(Microsoft)
*,AD,=,Active Directory,(Microsoft's branding for technologies which control access by users and groups)
*,ADC,=,Analog to Digital Converter,
*,ADC,=,AWS Direct Connect,Amazon
*,AEAD,=,Authenticated Encryption with Associated Data,(cipher used in TLS)
*,AES,=,Advanced Encryption Standard,(symmetric encryption algorithm)
*,AHOD,=,All Hands On Deck,
*,AI,=,Artificial Intelligence,
*,AICPA,=,Association of International Certified Professional Accountants,
*,AKA,=,Also Known As,(common vernacular)
*,AKS,=,Azure Kubernetes Service,(Microsoft)
*,ALB,=,Application Load Balancer,(Amazon)
*,ALE,=,Annualized Loss Expectancy,
*,ALEER,=,Adopt Land Ex pand Extend Renew,
*,ALM,=,Application Lifecycle Management,(all that goes into managing building and maintaining software applications)
*,AM,=,Account Manager,
*,AMA,=,Ask Me Anything,
*,AMA,=,Azure Marketplace Application,(such as HashiCorp Consul Service)
*,AMI,=,Amazon Machine Image,(Amazon and Azure image containing operating system and apps)
*,API,=,Application Programming Interface,
*,APJ,=,Asia + Pacific + Japan,
*,APM,=,Application Performance Monitoring,
*,APT,=,Advanced Persistent Threat,
*,ARM,=,Advanced RISC Machine,(type of computer chip)
*,ARN,=,Amazon Resource Name,(Amazon)
*,ARO,=,Annual Rate of Occurrence,
*,ARP,=,Address Resolution Protocol,(Networking)
*,ASG,=,Auto Scaling Groups,(Amazon)
*,ASIC,=,Application-Specific Integrated Circuit,
*,ASM,=,AWS Secrets Manager,(Amazon)
*,ASN,=,Autonomous System Number.
*,ATARC,=,Advanced Technology Academic Research Center,(non-profit collaborative forum on emerging technology challenges like zero trust)
*,ATO,=,Authority To Operate,(FEDRAMP designation for production-ready state)
*,AuthN,=,Authentication,(contraction)
*,AuthZ,=,Authorization,(contraction)
*,AWS,=,Amazon Web Services,(cloud services provider)
*,B2B,=,Business to Business,(marketing)
*,B2C,=,Business to Consumer,(marketing)
*,BANT,=,Budget + Authority + Need + Timeframe,(framework for buyer readiness)
*,BAU,=,Business Administration Unit,
*,BBS,=,BitBucket Server,(self-managed edition of BitBucket source version manager from Atlassian)
*,BCDR,=,Business Continuity and Disaster Recovery,
*,BCP,=,Business Continuity Plan,
*,BDM,=,Business Decision Maker,
*,BGP,=,Border Gateway Protocol,
*,BIA,=,Business Impact Assessment,
*,BIOS,=,Basic Input Output System,
*,BKM,=,Best Known Method,
*,BLE,=,Bluetooth Low Energy,
*,BOM,=,Bill of Material,
*,BPMN,=,Business Process Model Notation,
*,BRB,=,Be Right Back,(internet slang)
*,BTP,=,Behavioral Threat Protection,
*,BTW,=,By The Way,
*,BVA,=,Business Value Assessment,
*,BYOK,=,Bring Your Own Key,
*,C2E,=,Commercial Cloud Enterprise,
*,CA,=,Certificate Authority,(issues cryptographic certificates)
*,CaC,=,Configuration as Code,
*,CAF,=,Cloud Adoption Framework,
*,CAGR,=,Compound Annual Growth Rate,
*,CAIQ,=,Consensus Assessments Initiative Questionnaire,
*,CAM,=,Corporate Account Manager,(role)
*,CAP,=,Common Alerting Protocol,(XEP-127)
*,CAPEX,=,Capital Expenditures,(impacts Asset Balance Statements and can be amortized over time)
*,CAPTCHA,=,Completely Automated Public Turing (test) to tell Computers and Humans Apart,
*,CASB,=,Cloud Access Security Broker,(enterprise management software to mediate cloud service access by users across all types of devices)
*,CCB,=,Change Control Board,(organization)
*,CCE,=,Critical Customer Escalation,
*,CCM,=,Cloud Controls Matrix,(from CSA)
*,CCM,=,Continuous Controls Monitoring,
*,CCM,=,Customer Communications Management,
*,CCP,=,Crisis Communication Plan,
*,CDK,=,Cloud Development Kit,(Amazon)
*,CDM,=,Continuous Diagnostics and Mitigation,
*,CDN,=,Content Distribution Network,
*,CEO,=,Chief Executive Officer,
*,CfCT,=,Customizations for Control Tower,Amazon
*,CD,=,Continuous Deployment,(into Production for Productive use)
*,CE,=,Community Edition,
*,CF,=,CloudFormation,
*,CI,=,Continuous Integration,
*,CIAN,=,Customer Identity and Access Management,
*,CIDR,=,Classless Inter-Domain Routing,
*,CIEM,=,Cloud Infrastructure and Entitlement Management,(invented by Gartner)
*,CIS,=,Center for Internet Security,
*,CISA,=,Cybersecurity and Infrastructure Security Agency,(US government organization)
*,CKL,=,Compromised Key List,
*,CKMS,=,Cryptographic Key Management System,
*,CLI,=,Command Line Interface,
*,CMK,=,Customer-Managed Key,(for encryption)
*,CMP,=,Cloud Management Platform,(for easier use of multiple clouds)
*,CN,=,Common Name,(a human-readable name of the subject in certificates)
*,CNAME,=,Canonical Name Record,(DNS)
*,CNI,=,Container Network Interface,(Kubernetes)
*,CMDB,=,Configuration Management Database,(ITIL term for where all aspects of the system is defined)
*,COBRA,=,Customer Onboarding and Rapid Adoption,(HashiCorp term)
*,COGS,=,Cost of Goods Sold,(Financial Accounting)
*,COSO,=,Committee of Sponsoring Organization,
*,COTS,=,Commercial Off-The-Shelf,(Software vs. custom-built)
*,CPA,=,Certified Public Accountant,
*,CPU,=,Central Processing Unit,
*,CRD,=,Custom Resource Definition,(Extends Kubernetes API)
*,CRI,=,Container Runtime Interface,(Kubernetes)
*,CRR,=,Cross-Region Replication,
*,CRL,=,Certificate Revocation List,
*,CRM,=,Customer Relationship Management,
*,CS,=,Customer Success,(organization)
*,CSA,=,Cloud Security Alliance,
*,CSB,=,Cloud Service Broker,
*,CSC,=,Cloud Service Customer,
*,CSE,=,Customer Success Engineer,
*,CSI,=,Container Storage Interface,(Kubernetes)
*,CSM,=,Customer Success Manager,
*,CSP,=,Cloud Service Provider,
*,CSP,=,Cryptographic Service Provider,
*,CSPM,=,Cloud Security Posture Management,
*,CSR,=,Certificate Signing Request,
*,CTA,=,Call To Action,
*,CTI,=,Cyber Threat Intelligence,
*,CTO,=,Chief Technology Officer,
*,CTS,=,Consul-Terraform Sync,(HashiCorp product)
*,CVE,=,Common Vulnerabilities and Exposures,(identified through the US CISA database)
*,CWE,=,Common Weakness Enumerations,(known in programming source code)
*,CWPP,=,Cloud Workload Protection Platform,
*,DA,=,Developer Advocate,
*,DB,=,Database,
*,DC,=,Data Center,(in the context of Consul - a set of Consul nodes within a region)
*,DCAP,=,Data-Centric Audit Protection,
*,DDD,=,Domain Driven Design,
*,DDoS,=,Distributed Denial of Service Attack,
*,DEK,=,Data Encryption Key,(Microsoft secret held to protect data stored in SQL servers)
*,DEI,=,Diversity + Equity + Inclusion,
*,DES,=,Digital Encryption Standard,(56 bits),
*,DHCP,=,Dynamic Host Configuration Protocol,(automatically assigns IP addresses to devices on a network)
*,DHS,=,Department of Homeland Security,(US government organization)
*,DLP,=,Data Loss Prevention,
*,DMZ,=,Demilitarized Zone,
*,DNC,=,Do Not Connect,
*,DNS,=,Domain Name Service,
*,DOD,=,Department of Defense,(US government organization)
*,DPIA,=,Data Protection Impact Assessment,
*,DR,=,Disaster Recovery,
*,DRI,=,Directly Responsible Individual,(Coined by Apple for the person to make sure that a task is completed)
*,DRP,=,Disaster Recovery Plan,(to transition from alternative business processes back to regular processes.)
*,DRPO,=,Defense Research & Development Organization,
*,DRY,=,Don't Repeat Yourself,
*,DSC,=,Digital Signature Algorithm,(algorithm for signatures)
*,DTC,=,Diagnostic Trouble Code,
*,DTLS,=,Datagram Transport Layer Security,
*,DUT,=,Device Under Test,
*,DX,=,Developer eXperience,
*,E2E,=,End-to-End,
*,EA,=,Enterprise Architect,
*,EAL,=,Evaluation Assurance Level,(1-7 of Common Criteria)
*,EAM,=,Externalized Authorization Management,
*,EAP,=,Extensible Authentication Protocol,(a framework for port-based access control which uses the same three primary components that are used in the RADIUS standard.)
*,EAR,=,Export Administration Regulations,(US)
*,EBS,=,Elastic Block Store,(Amazon)
*,ECDSA,=,Elliptic Curve Digital Signature Algorithm,(algorithm for signatures)
*,EDI,=,Electronic Data Interchange,
*,EE,=,Enterprise Edition,
*,EIN,=,Employer Identification Number,
*,EC2,=,Elastic Cloud Compute,
*,ECR,=,Elastic Container Registry,(Amazon service)
*,ECS,=,Elastic Container Service,(Amazon service)
*,ECU,=,EC2 compute unit,(Amazon)
*,EDM,=,External Dependency Management,(NIST)
*,EDR,=,Endpoint Detection and Remediation,
*,EFS,=,Elastic File System,(Amazon)
*,EFT,=,Electronic Funds Transfer,
*,ELA,=,Enterprise License Agreement,
*,EMR,=,Elastic Map Reduce,(Amazon)
*,EKM,=,Extensible Key Management,(HashiCorp Vault feature)
*,EKS,=,Elastic Kubernetes Service,(Amazon)
*,ELB,=,Elastic Load Balancer,
*,EMEA,=,Europe + Middle East + Africa,
*,EMI,=,Electro-Magnetic Interference,
*,ENI,=,Elastic Network Interface,(Amazon)
*,EPS,=,Earnings Per Share,
*,ETL,=,Extract Transform and Load,
*,EOQ,=,End of Quarter,
*,EOM,=,End of Month,
*,EO,=,Executive Order,
*,EOY,=,End of Year,
*,ERM,=,Enterprise Risk Management,
*,ERP,=,Enterprise Resource Planning,(SAP does this)
*,EU,=,European Union,
*,EV,=,Extended Validation,(certificate)
*,FBL,=,Feedback Loop,
*,FDE,=,Full Disk Encryption,
*,FEDRAMP,=,Federal Risk and Authorization Management Program,
*,FIDO2,=,Fast IDentity Online,(Spec for web authorization using devices with PKI instead of passwords)
*,FIFO,=,First In - First Out,
*,FIM,=,Federated Identity Management,
*,FIM,=,File Integrity Monitoring,
*,FN,=,False Negative,(test result that missed catching a bad/malicious sample)
*,FOMO,=,Fear Of Missing Out,
*,FP,=,False Positive,(test result that identified a legitimate sample as bad/malicious)
*,FQDN,=,Fully-qualified Domain Name,
*,FTE,=,Full Time Employee/Equivalent,
*,FQDN,=,Fully Qualified Domain Name,
*,FSM,=,Finite State Machine,
*,FYE,=,Fiscal Year End,
*,FUD,=,Fear Uncertainty and Doubt,
*,GAPP,=,Generally Accepted Privacy Principles,(developed by accountants)
*,GA,=,General Availability,
*,GAM,=,Global Account Manager,(job role)
*,GB,=,Gigabytes,(173741824 bytes or 1024 megabytes)
*,GCE,=,Google Compute Engine,
*,GCP,=,Google Cloud Platform,
*,GCM,=,Galois/Counter Mode,(mode of operation for symmetric-key cryptographic block ciphers)
*,GDPR,=,General Data Protection Regulation,(EU Regulation 2016/679)
*,GID,=,Group Identifier,(used in Kubernetes)
*,GKE,=,Google Kubernetes Engine,(manages container images within Google cloud)
*,GKS,=,Google Kubernetes Service,(runs container images within Google-managed Kubernetes)
*,GLB,=,Global Load Balancing,
*,GNM,=,Global Network Manager,(HashiCorp product feature)
*,GNU,=,GNU is Not Unix,(a recursive acronym for the set of commands in Linux Bash scripts)
*,GPG,=,GNU Privacy Guard,(software program to handle encryption)
*,GPS,=,Global Positioning System,
*,GRC,=,Governance Risk and Compliance,
*,gRPC,=,Global Remote Procedure Call,(a protocol to connect services)
*,GSI,=,Global System Integrator,
*,GTM,=,Go To Market,
*,GUI,=,Graphical User Interface,
*,GW,=,Gateway,
*,H2M,=,Human to Machine,(interface)
*,HA,=,High Availability,
*,HC,=,HashiCorp,
*,HCL,=,HashiCorp Configuration Language,
*,HD,=,High Definition,
*,HCM,=,Human Capital Management,(system for HR processes)
*,HCP,=,HashiCorp Cloud Provider,
*,HCS,=,HashiCorp Consul Service,(SaaS on Azure)
*,HIPAA,=,Health Insurance Portability and Accountability Act,
*,HiPPO,=,Highest Paid Person’s Opinions,
*,HMI,=,Human-Machine Interface,
*,HPA,=,HorizontalPodAutoscaler,(Kubernetes)
*,HPC,=,High Performance Compute,
*,HR,=,Human Resources,
*,HSM,=,Hardware Security Module,
*,HTML,=,HyperText Markup Language,
*,HTTPS,=,HyperText Transfer Protocol Secure,(the protocol that uses port 443)
*,HVA,=,High Value Asset,
*,HVN,=,HashiCorp Virtual Network,
*,I18N,=,Internationalization,(numeronym - 18 letters between "i" and "n")
*,IA,=,Interoperability Agreement,(between enterprises)
*,IaaS,=,Infrastructure as a Service,
*,IaC,=,Infrastructure as Code,
*,IAB,=,Internet Architecture Board,(maintains an ethics-related statement concerning the use of the Internet. A technical advisory group of researchers and technical professionals responsible for Internet growth and management strategy and standards oversight.)
*,IAM,=,Identity and Access Management,
*,IAST,=,Interactive Application Security Testing,
*,IC,=,Integrated Circuit,
*,ICFR,=,Internal Control over Financial Reporting,
*,ICMP,=,Internet Control Message Protocol,(used by the Linux ping command)
*,ICS,=,Industrial Control System,
*,ICT,=,Information and Communication Technology,
*,ICYMI,=,In Case You Missed It,
*,ID,=,Identifier,
*,IDaaS,=,Identity as a Service,
*,IDE,=,Integrated Development Environment,
*,IdP,=,Identity Provider,(such as Okta)
*,IDS,=,Intrusion detection system,(A detective control used to detect attacks after they occur. A signature-based IDS (also called definition-based) uses a database of predefined traffic patterns. An anomaly-based IDS (also called behavior-based) starts with a performance baseline of normal behavior and compares network traffic against this baseline. An IDS can be either host-based (HIDS) or network-based (NIDS).
*,IEM,=,Infrastructure Event Management,(AWS service to ensure high traffic can be accomodated)
*,IETF,=,Internet Engineering Task Force,
*,IGA,=,Identity Governance and Administration,
*,IIoT,=,Industrial Internet of Things,
*,ILT,=,Instructor-Led Training,
*,IM,=,Internet Messaging,
*,IOCs,=,Indicators of Compromise,
*,IOPS,=,Input Output Per Second,(Amazon)
*,IOT,=,Internet of Things,
*,IP,=,Internet Protocol,
*,IPAM,=,IP Address Manager,(AWS feature that manages CIDR ranges)
*,IPE,=,Information Produced by the Entity,
*,IPS,=,Intrusion Protection System,(detect or prevent network security attacks such as brute force attacks)
*,IPsec,=,Internet Protocol security,
*,IPO,=,Initial Public Offering,
*,IRL,=,In Real Life,(internet slang)
*,IRT,=,Incident Response Team,
*,ISO,=,International Standards Organization,
*,ISP,=,Internet Service Provider,(company that provides access to the internet)
*,ISV,=,Independent Software Vendor,
*,IT,=,Information Technologies,
*,ITAR,=,International Traffic in Arms Regulations,(US)
*,ITIL,=,Information Technology Infrastructure Library,
*,ITSM,=,IT Service Management,(implemented of Service Now)
*,ITU,=,International Telecommunication Union,(defined X.509 certificate format)
*,JSON,=,JavaScript Notation,
*,JWT,=,JSON Web Token,(Internet standard for creating data with optional signature and/or optional encryption whose payload payload holds JSON that asserts some number of claims)
*,K8s,=,Kubernetes,(numeronym of 8 letters between K and S)
*,KANBAN,=,japanese word for visual signal,(adopted for managing software workflow)
*,KDC,=,Key Distribution Center,
*,KEK,=,Key Encryption Key,(key to encrypt the DEK)
*,KMIP,=,Key Management Interoperability Protocol,
*,KMS,=,Key Management Service,(Amazon)
*,KPI,=,Key Performance Indicator,
*,KTS,=,Kubernetes Threat Detection,(Google service)
*,KRI,=,Key Recovery Information,
*,KV,=,Key-Value,(data storage format)
*,KYC,=,Know Your Customer,
*,LAMP,=,Linux OS + Apache web server + MySQL DB + PHP/Perl/Python,(open-source web development technology stack)
*,L18N,=,Localization,(numeronym of 18 letters between L and N)
*,LAN,=,Local Area Network,
*,LDAP,=,Lightweight Directory Access Protocol,(used by Linux to manage user and group access)
*,LIFO,=,Last In - Last Out,
*,LLC,=,Limited Liability Company,
*,LMS,=,Learning Management System,
*,LTM,=,Last Twelve Months,
*,MAC,=,Media Access Control,(address of NIC card)
*,MAC,=,Message Authentication Code,(a tag appended to a message to verify its authenticity)
*,MAP,=,Minimum Acceptable Product,
*,MBR,=,Master Boot Record,
*,MDM,=,Mobile Device Management,
*,MFA,=,Multi-Factor Authentication,
*,MIT,=,Most Important Task,
*,MitB,=,Man-in-the-Browser,(attack vector)
*,MitM,=,Man-in-the-Middle,(an attack in a form of active interception allowing an attacker to intercept traffic and insert malicious code sent to other clients. Kerberos provides mutual authentication and helps prevent MITM attacks)
*,ML,=,Machine Learning,
*,MSA,=,Master Service Agreement,
*,MSI,=,Managed Service Identity,
*,MTD,=,Month-To-Date,
*,mTLS,=,Mutual TLS,
*,MOR,=,Minimum Operating Requirements,(describes the minimum environmental and connectivity requirements in order to operate computer equipment)
*,MSI,=,Microsoft Software Installer,(file extension for Microsoft Windows installer files)
*,MTD,=,Maximum Tolerable Downtime,
*,MQTT,=,MQ Telemetry Transport,
*,MTA,=,Mail Transfer Agent,
*,MTTD,=,Mean Time To Detect,
*,MTTR,=,Mean Time To Restore/Resolution,
*,MTU,=,Maximum Transmission Unit,(networking)
*,MVP,=,Minimum Viable Product,
*,NAC,=,Network Admission Control/Controller,(Cisco)
*,NAD,=,Network Access Devices,
*,NAT,=,Network Address Translation,(allows devices on a private network to communicate with a public network through a networking gateway)
*,NB,=,No Problem,
*,NFR,=,Non-Functional Requirements,
*,NDA,=,Non-Disclosure Agreement,
*,NDAA,=,National Defense Authorization Act of 2020 and 2021,
*,NDE,=,Net Dollar Expansion,
*,NDRR,=,Net Dollar Retention Rate,
*,NFS,=,Network File System,
*,NGFW,=,Next-Generation firewall,(Originally from Palo Alto - it examines application data to filter traffic at the highest application layer of networks)
*,NIA,=,Network Interface,(HashiCorp product feature)
*,NIC,=,National Interface Card,
*,NIST,=,National Institute of Standards and Technology,(US)
*,NLB,=,Network Load Balancer,(Amazon)
*,NPS,=,Net Promoter Score,
*,NSG,=,Network Security Group,(Azure)
*,NTA,=,Network Traffic Anomaly,
*,NTM,=,Next Twelve Months,
*,NTP,=,Network Time Protocol,
*,NVD,=,National Vulnerability Database,(weaknesses in the computational logic code, maintained by the US government for the world)
*,OCI,=,Container Open Initiative,(for Kubernetes to replace Docker)
*,OCSP,=,Online Certificate Status Protocol,
*,OCM,=,Organizational Change Management,
*,OEM,=,Original Equipment Manufacturer,
*,OLAP,=,OnLine Analytical Processing,(A business intelligence approach that allows users to analyze large amounts of data from different points of view)
*,OKR,=,Objectives and Key Results,
*,OIDC,=,OpenID Connect,(open authentication protocol that profiles and extends OAuth 2.0 to add an identity layer. OIDC allows clients to confirm an end user’s identity using authentication by an authorization server.)
*,OOP,=,Object Oriented Programming,
*,OPA,=,Open Policy Agent,(Policy as Code agent from Styra used in Kubernetes Admission Controller and Terraform)
*,OPEX,=,Operating Expenditures,(impacts Profit and Loss statement for current periods)
*,OS,=,Operating System,
*,OSCAL,=,Open Security Controls Assessment Language,(NIST-defined format for communicating CVEs)
*,OSCP,=,Online Certificate Status Protocol,(used to obtain the revocation status of X.509 digital certificates)
*,OSS,=,Open Source Software,
*,OTP,=,One Time Password,
*,OU,=,Organizational Unit,
*,OWASP,=,Open Web Application Security Project,
*,PaaS,=,Platform as a Service,
*,PaC,=,Policy as Code,
*,PAM,=,Privileged Access Management,
*,PAT,=,Port Address Translation,
*,PBC,=,Provided By Client,(SOC term)
*,PC,=,Personal Computer,(refers to a Microsoft Windows machine)
*,PCI,=,Peripheral Components Interconnect,
*,PCI DSS,=,Payment Card Industry Data Security Standard,(private regulation by credit card processors to prevent identity theft)
*,PDD,=,Project Delivery Document,(HashiCorp doc containing IS project scope, prerequisites, scheduling info, etc.)
*,PDF,=,Portable Document Format,(the format created by Adobe to create a univerally accessible file containing graphics and text)
*,PEP,=,Policy Enforcement Point,(filters requests and makes eXtensible Access Control Markup Language (XACML) to a Policy Decision Point (PDP)
*,PFS,=,Perfect Forward Secrecy,
*,PHI,=,Protected Health Information,
*,PID,=,Process Identifier,
*,PII,=,Personally Identifiable Information,
*,PIN,=,Personal Identification Number,(a secret consisting of a small number)
*,PKI,=,Public Key Infrastructure,(manages cryptographic certificates)
*,PM,=,Product Management/Manager,
*,P&L,=,Profit and Loss,
*,PMM,=,Product Marketing Manager,(organizational role)
*,PMO,=,Project Management Office,
*,PoC,=,Proof of Concept,
*,POLP,=,Principle of Least Privilege,
*,PPTP,=,Point-to-Point Tunneling Protocol,
*,PR,=,Pull Request,(GitHub feature for suggesting code changes and integrating them into the main code base)
*,PS,=,Professional Services,
*,PSE,=,Professional Services Engineer,
*,PSK,=,Pre-Shared Key,
*,PUA,=,Potentially Unwanted Application,
*,PV,=,Persistent Volume,(Kubernetes)
*,PVC,=,Persistent Volume Claim,(Kubernetes)
*,QA,=,Quality Assurance,
*,QBR,=,Quarterly Business Review,
*,QKD,=,Quantum Key Distribution,(secures communication using a cryptographic protocol involving quantum computing with lasers)
*,QoQ,=,Quarter on Quarter,
*,QoS,=,Quality of Service,
*,RACI,=,Responsible + Accountable + Consulted + Informed,(Responsibility Assignment Matrix)
*,RAID,=,Redundant Array of Independent Disks,
*,RAM,=,Random Access Memory,
*,RASP,=,Runtime Application Self-Protection,
*,RBAC,=,Role Based Access Control,
*,RCA,=,Root Cause Analysis,
*,RCE,=,Root Code Execution,
*,RDP,=,Remote Desktop Protocol,(Microsoft technology for users to access a Windows computer remotely)
*,RDS,=,Relational Database Service,(AWS cloud SQL service)
*,REST,=,Representational State Transfer,
*,RGB,=,Red Green Blue,(colors)
*,RISC,=,Reduced Instruction Set Computing,
*,RBG,=,Random Bit Generator,
*,RCA,=,Root Cause Analysis,
*,RFI,=,Request for Information,
*,RFP,=,Request for Proposal,
*,RFQ,=,Request for Quote,
*,RMF,=,Risk Management Framework,
*,ROA,=,Return on Assets,
*,ROE,=,Return on Equity,
*,ROI,=,Return on Investment,
*,ROM,=,Read-only Memory,
*,ROS,=,Return on Sales,
*,RPA,=,Robotic Process Automation,
*,RPC,=,Remote Procedure Call,
*,RPO,=,Recovery Point Objective,
*,RPS,=,Requests Per Second,
*,RSA,=,Resident System Engineer,(role within HashiCorp)
*,RSA,=,Rivest–Shamir–Adleman,(an encryption algorithm named based on the initials of those who invented it, and the company they founded)
*,RTC,=,Real Time Clock,
*,RTO,=,Recovery Time Objective,
*,RUM,=,Resources Under Management,(HashiCorp Terraform at scale)
*,S3,=,Simple Storage Service,(Amazon file service)
*,SaaS,=,Software as a Service,
*,SAML,=,Security Assertion Markup Language,(XML-based standard for authentication and authorization)
*,SAP,=,Systems Applications and Product,(large German ERP software company)
*,SAP,=,System Assessment Plan,
*,SARs,=,System Assessment Results,
*,SASE,=,Secure Access Service Edge,(Trust Broker SaaS by Palo Alto Prisma, zScaler, Cato, Cloudfare)
*,SAST,=,Static Application Security Testing,
*,SBOM,=,Software Bill of Materials,
*,SCA,=,Software Composition Analysis,(identify vulnerable components in containers)
*,SCADA,=,Supervisory Control And Data Acquisition,
*,SCC,=,Security Command Center,(Google's SOC service)
*,SCEP,=,Simple Certificate Enrollment Protocol,
*,SCM,=,Source Control Manager,(such as GitHub)
*,SCP,=,Service Control Policies,(in AWS to govern the use of other IAM policies)
*,SCSS,=,Sidecar Container Security Stack,
*,SEA,=,Solutions Engineering & Architecture,(HashiCorp pre and post sale grouping)
*,SDK,=,Software Development Kit,
*,SDN,=,Software-Defined Networking,(used by AWS - an advancement to BGP used on public networks)
*,SDLC,=,System Development Life Cycle,
*,SDP,=,Software Defined Perimeter,
*,SES,=,Simple Email Service,(Amazon)
*,SF,=,Service Fabric,(Azure)
*,SHA,=,Secure Hash Algorithm,(a method to identify whether a file has been altered - also used by GitHub to create an index)
*,SI,=,Systems Integrator,
*,SIEM,=,Security Information and Event Management,
*,SIG,=,Special Interest Group,
*,SIRT,=,Security Incident Response Team,(work in a SOC department)
*,SLA,=,Service Level Agreement,
*,SLE,=,Single Loss Expectancy,
*,SLI,=,Service Level Indicator,
*,SLO,=,Service Level Objective,
*,SLSA,=,Supply chain Levels for Software Artifacts,(4-level framework for ensuring the integrity of software)
*,SME,=,Subject Matter Expert,
*,SMI,=,Service Mesh Interface,
*,SNMP,=,Simple Network Management Protocol,
*,SMaaS,=,Service Mesh as a Service,
*,SMTP,=,Simple Mail Transfer Protocol,
*,SNS,=,Simple Notification Service,(Amazon service send and receive notifications from the cloud)
*,SOAP,=,Simple Object Access Protocol,(uses XML)
*,SOC,=,Security Operations Center,
*,SOA,=,Service Oriented Architecture,
*,SOP,=,Standard Operating Procedure,
*,SOX,=,Sarbanes-Oxley Act,
*,SQL,=,Structured Query Language,
*,SPI,=,Service Provider Interface,
*,SPIFFE,=,Secure Production Identity Framework for Everyone,(spec used by Consul Connect service mesh for establishing service identities)
*,SQS,=,Simple Queue Service,(Amazon hosted queues)
*,SOAR,=,Security Orchestration Automation and Response,
*,SOW,=,Statement of Work,
*,SPI,=,Secure Personal Information,
*,SPOC,=,Single Point of Contact,
*,SPOF,=,Single Point of Failure,
*,SRA,=,Security Reference Architecture,
*,SRE,=,Site Reliability Engineer,(job role)
*,SSAE,=,Statement on Standards for Attestation Engagements,
*,SSD,=,Solid-State Drive,
*,SSE,=,Security Service Edge,
*,SSE,=,Server-Side Encryption,
*,SSDLC,=,Secure Software Development Lifecycle,
*,SSH,=,Secure Shell,(a Linux feature to enable remote access of computers)
*,SSL,=,Secure Sockets Layer,
*,SSN,=,Social Security Number,(used by the US government to unique identify an individual)
*,SSO,=,Single Sign On,
*,SSP,=,System Security Plan,
*,SSRF,=,Server Side Request Forgery,
*,SSRM,=,Shared Security Responsibility Model,
*,STS,=,Security Token Service,(Amazon service)
*,STS,=,StatefulSets,(Kubernetes)
*,SUT,=,System Under Test,
*,SVID,=,SPIFFE Verifiable Identity Document,(cryptographic file used by a workload to prove its identity to a resource or caller)
*,SWG,=,Secure Web Gateway,
*,TAM,=,Total Addressable Market,
*,TB,=,TerraByte,
*,TBD,=,To Be Decided,(common vernacular)
*,TDE,=,Transparent Data Encryption,(HashiCorp Vault feature to substitute encrypted values in databases instead of HSMs)
*,TDM,=,Technical Decision Maker,(vs. Business Decision Maker)
*,TFC,=,Terraform Cloud,(SaaS Terraform offering)
*,TFE,=,Terraform Enterprise,(self-installed/managed Terraform)
*,TIC,=,Trusted Internet Connection,
*,TIN,=,Tax Identification Number,
*,TCSEC,=,Trusted Computer System Evaluation Criteria,
*,TCO,=,Total Cost of Ownership,
*,TDD,=,Test-Driven Development,
*,TDM,=,Technical Decision Maker,
*,TFE,=,Terraform Enterprise,
*,TGW,=,Transit GateWay,(in AWS cloud)
*,TH,=,Threat Hunting,
*,TIP,=,Threat Intelligence Platform,
*,TLD,=,Top Level Domain,(the letters after the last dot on URLs processed by DNS)
*,TLS,=,Transport Layer Security,
*,TMI,=,Too Much Information,(common vernacular)
*,TOE,=,Target of Evaluation,(what is being evaluated by the Common Criteria EAL)
*,TOTP,=,TIme-based One Time Password,
*,TPM,=,Trusted Platform Module,
*,TPRM,=,Third Party Risk Management,
*,TSC,=,Trust Service Criteria,
*,TSI,=,Trustworthy Software Initiative,(UK)
*,TTL,=,Time to Value,(marketing term)
*,TTL,=,Time To Live,
*,TTP,=,Trusted Third Party,
*,TTS,=,Text To Speech,
*,UAT,=,User Acceptance Test,
*,UCS,=,User,
*,UDS,=,Unified Diagnostic Services,(use in vehicles)
*,UEBA,=,User and Entity Behavior Analytics,(detect any anomalous behavior - deviations from normal patterns of usage which have security implications)
*,UEFI,=,Unified Extensible Firmware Interface,(spec. replaces BIOS for boot-up)
*,UEM,=,Unified Endpoint Management,
*,UDP,=,User Datagram Protocol,(networking)
*,UML,=,Unified Modeling Language,
*,URI,=,Universal Resource Identifier,
*,URL,=,Universal Resource Locator,
*,URM,=,Under-Represented Minority,
*,UTC,=,Coordinated Universal Time,(the new term for GMT)
*,USB,=,Universal Service Bus,
*,UX,=,User eXperience,
*,VAT,=,Value Added Tax,
*,VBO,=,Value Based Outcome,
*,VCS,=,Version Control System,
*,VDP,=,Vulnerability Disclosure Program,
*,VIP,=,Virtual IP,(address)
*,VLAN,=,Virtual Local Area Network,
*,VM,=,Virtual Machine,
*,VoIP,=,Voice over Internet Protocol,
*,VRRP,=,Virtual Router Redundancy Protocol,
*,VRM,=,Vendor Risk Management,
*,VPA,=,Vertical Pod Autoscaler,(Kubernetes)
*,VPC,=,Virtual Private Cloud,(Amazon)
*,VPN,=,Virtual Private Network,
*,VSM,=,Value Stream Mapping,
*,vTPM,=,Virtual Trusted Platform Module,
*,VUCA,=,Volatile + Uncertain + Complex + Ambiguous,
*,W3C,=,World Wide Web Consortium,
*,WAAP,=,Web application and API protection,(a comprehensive security approach as enhancement over web application firewalls)
*,WABD,=,Well Architected By Design,
*,WAF,=,Web Application Firewall,(Amazon)
*,WAF,=,Well Architected Framework,
*,WBS,=,Work Breakdown Structure,
*,WEP,=,Wired Equivalent Privacy,
*,WIP,=,Work In Process,
*,WPA,=,Wi-Fi Protected Access,
*,WSDL,=,Web Services Description Language,
*,X.509,=,none,(certificate format used for HTTPS on web servers, digitally sign application code, secure email, and authenticate devices to corporate networks)
*,XaaS,=,Anything as a Service,
*,XDR,=,Extended Detection and Response,"(Palo Alto Network's new SaaS-based approach to threat detection and response that integrates multiple security products to provide holistic protection against cyberattacks unauthorized access and misuse.)"
*,XML,=,Extensible Markup Language,
*,XMPP,=,Extensible Message and Presence Protocol,
*,YAML,=,YAML Ain't Markup Language,(Human-readable data-serialization text format)
*,YTD,=,Year-To-Date,
*,ZT,=,Zero Trust,
*,ZTA,=,Zero Trust Architecture,
*,ZTS,=,Zero Trust Security,
*,ZTNA,=,Zero Trust Network Access/Architecture,