Glossary

A

ABAC: Attribute-based access control

An authorization and authentication model that evaluates attributes to grant user access, thereby providing a high level of access security.

Access Control

Access control is a fundamental component of data security that dictates who’s allowed to access and use company information and resources. Through authentication and authorization, access control policies make sure users are who they say they are and that they have appropriate access to company data. Access control can also be applied to limit physical access to campuses, buildings, rooms, and data centers.

ACME: Automated Certificate Management Environment

A communications protocol that leverages an agent to automate the process of certificate signing request (CSR) generation and certificate/key rotation.

Active-Active Redundancy

Active-Active Redundancy is a high availability mode of operation whereby two or more instances of the same network device or appliance serve clients simultaneously and interchangeably. A client can connect to any one instance and have requests served in the same way. If any of the identical instances go offline, any of the other instances can seamlessly serve requests while client sessions persist.

Active-Passive vs Active-Active Redundancy

Active-Passive Redundancy is a high availability mode of operation whereby two or more identical instances of the same network device or appliance operate simultaneously but only instances marked as active serve client requests. If an active instance goes offline, passive instances begin to operate as active nodes servicing requests. Mechanisms such as Virtual Router Redundancy Protocol (VRRP) along with floating IPs can be used to facilitate seamless network endpoint failover among the active-passive redundant instances.

Adaptive Authentication

Adaptive authentication is a method for verifying user identity and authorization levels based on factors such as location, device status, and end user behavior. Using these contextual factors, adaptive authentication intelligently chooses how a user must authenticate. Because the factors are continually assessed throughout the user session, rather than just once, this authentication method delivers zero trust and improves security.

Adaptive Security

Adaptive security is a security approach that’s used to respond to potential cyber threats in real time by continually monitoring user sessions. It can be both more user-friendly and more secure than legacy security solutions that focus on perimeter defense and is part of a zero-trust framework.

ADP: Automated Data Processing

Implementation of technology to process data in the organization. The technology includes computers and other electronic communications that can gather, store and distribute data.

Advanced Compression

Advanced compression helps increase the performance of the application. Advanced compression techniques operate at the session layer (layer 5 of the seven-layer OSI model). Compressing homogeneous data sets while addressing all application types can help you maximize storage and reduce network bandwidth usage. In this approach, you generate more throughput, which is important for large requests, and minimize the latency for small requests. F5 BIG-IP is specifically designed to address the needs of bandwidth-intensive networks.

Advanced Compression

Advanced compression helps increase the performance of an application. Advanced compression techniques operate at the session layer (layer 5 of the seven-layer OSI model). Compressing homogeneous data sets while addressing all application types can help maximize storage and reduce network bandwidth usage.  In this approach, you generate more throughput, essential for oversized requests, and minimize the latency for small requests. Devices like F5 BIG-IP are specifically designed to address the needs of bandwidth-intensive networks.

AES: Advanced Encryption Standard

Symmetric encryption algorithm created by the National Institute of Standards and Technology (NIST) in 2001. AES is a computer security standard for cryptographically securing top-secret electronic information.

AJAX: Asynchronous JavaScript and XML

AJAX (Asynchronous JavaScript and XML) is a technique used for creating fast and dynamic web pages. It allows for updating parts of a web page asynchronously, without reloading the entire page. This improves the user experience by making web pages more responsive and reducing the amount of data that needs to be transferred over the network. AJAX works by making background requests to the server using JavaScript and receiving data in XML or other formats that can be easily processed with JavaScript. The updated information is then dynamically displayed on the web page without requiring a full page refresh.

ALPN: Application-Layer Protocol Negotiation

A TLS extension that lets the application layer negotiate which protocol will be used over a secure connection more efficiently, without additional round trips, to reduce website load and enhance encryption.

ANSI: American National Standards Institute

A non-profit organization that sets standards and protocols for improving the quality and security of products and services globally.

Anti-Phishing

Anti-phishing tools monitor application traffic for attempts at harvesting private information through seemingly trusted authorities. Without anti-phishing technology, users are vulnerable to misleading identity-theft campaigns disguised in e-mail addresses and Web domains. The F5 BIG-IP® Local Traffic Manager provides comprehensive protection against phishing attacks by controlling access and updates to identity information as part of every HTTP transaction. Additionally, the BIG-IP Application Security Manager protects users from unforeseen cross-site scripting, cookie poisoning, and other tactics commonly used by malicious attackers. F5 products that utilize Anti-Phishing technology: BIG-IP Local Traffic Manager, Application Security Manager.

API

An API (Application Programming Interface) is a set of protocols, routines, and tools for building software applications and enabling communication between different systems and services.

API Gateway

An API gateway is a single entry point for all application programming interface (API) calls made by client devices to a particular set of backend services, such as containerized web applications within a Kubernetes cluster. The API gateway sits directly between desktop and mobile clients and the different services they are trying to connect to.

The API gateway functions as a reverse proxy that fetches and aggregates appropriate resources before delivering a response to each API request. At the same time, it can perform multiple actions including IP filtering, token-based API authentication, rate limiting, and integration of web application firewall (WAF) functionality—all to support secure and reliable access to APIs as well as to microservices.

API: Application Programming Interface

Set of programming codes and protocols that acts as an intermediary between two applications and enables communication without human intervention.

Application Acceleration

Application acceleration uses a number of technologies to improve application performance and response time over network connections. Application acceleration was first implemented for web-based applications using a variety of caching techniques on both the browser and the server. Eventually, caching became inadequate as a mechanism to improve application performance and optimization of protocols became part of the solution. Optimizations were at first confined to transport layer protocols like TCP, but eventually grew to encompass application-specific protocols such as HTTP. Application acceleration overcomes network effects such as WAN latency, packet loss, and bandwidth congestion. Application acceleration also addresses application challenges that adversely affect performance such as "chatty" protocols, e.g. HTTP, CIFS, and Samba, differences in TCP/IP stack implementations, and the lack of distinction in web applications between cacheable and non-cacheable content. F5 achieves application acceleration by combining intelligent compression, WAN optimization, Layer 7 rate shaping, smart caching, SSL acceleration, and other technologies in a complementary and cohesive way.

Application Accelerator

An application accelerator enables faster delivery of application services within a network. As more and more companies do business using Web applications, reliable and seamless Web speed and functionality have become critical.

Application Delivery

Application delivery refers to the process of delivering applications over a network, ensuring high availability, performance, and security for end-users. This includes tasks such as load balancing, traffic management, security, and acceleration of applications, to name a few. The goal of application delivery is to ensure seamless access to applications, no matter where they are hosted while providing a secure and fast end-user experience. 

Application Delivery Controller

An application delivery controller is a device that is typically placed in a data center between the firewall and one or more application servers (an area known as the DMZ). First-generation application delivery controllers primarily performed application acceleration and handled load balancing between servers. The latest generation of application delivery controllers, such as the F5 BIG-IP® product family, handles a much wider variety of functions, including rate shaping and SSL offloading, as well as serving as a Web application firewall. A series of F5 devices, often located in widespread data centers within the same enterprise, is capable of working in concert by sharing a common operating system and control language. This holistic approach is termed application delivery networking. F5 products that involve an Application Delivery Controller:

Application Firewall

An application firewall is a type of firewall that governs traffic to, from, or by an application or service. Application firewalls, or application layer firewalls, use a series of configured policies to determine whether to block or allow communications to or from an app. Traditional firewalls control data flow to and from the CPU, examining each packet as it passes through. An application firewall takes it further by controlling the execution of files or code by specific applications. This way, even if an intruder gains entry to a network or server, they can’t execute malicious code.

Application Intelligence

Application intelligence applies the understanding of the normal traffic flow during usual web application use and detects deviations from this that are recorded as actual or suspected security threats to backend application servers or network infrastructure.

Application Layer Firewall

An application firewall is a type of firewall that governs traffic to, from, or by an application or service. Application firewalls, or application layer firewalls, use a series of configured policies to determine whether to block or allow communications to or from an app. Traditional firewalls control data flow to and from the CPU, examining each packet as it passes through. An application firewall takes it further by controlling the execution of files or code by specific applications. This way, even if an intruder gains entry to a network or server, they can’t execute malicious code.

Application Layer Gateway

An application layer gateway (ALG) is a type of security software or device that acts on behalf of the application servers on a network, protecting the servers and applications from traffic that might be malicious.

Application Layer Security

Application layer security refers to ways of protecting web applications at the application layer (layer 7 of the OSI model) from malicious attacks. Since the application layer is the closest layer to the end-user, it provides hackers with the largest threat surface. Poor app layer security can lead to performance and stability issues, data theft, and in some cases the network being taken down. Examples of application-layer attacks include distributed denial-of-service (DDoS) attacks, HTTP floods, SQL injections, cross-site scripting, parameter tampering, and Slowloris attacks. To combat these and more, most organizations have an arsenal of application layer security protection, such as web application firewalls (WAFs), secure web gateway services, and others.

Application Load Balancing

Application load balancing refers to load balancing client traffic to backend web servers at the application layer (layer 7) of the OSI networking model. Typically this involves load balancing at the web application protocol level (HTTP/HTTPS, FTP, SMTP, DNS, SSH, etc.), health checking, server monitoring, network traffic optimization, minification, and caching.

Application Load Balancing

Load balancing is a networking term that refers to distributing the workload across multiple servers and other network resources at the application layer of the OSI network model. Typically, this involves load balancing at web application protocol level (HTTP/HTTPS, FTP, SMTP, DNS, SSH, etc.), for:

  • Network health checking
  • Server monitoring
  • Network traffic optimization
  • Minification
  • Caching

Application Services

Application services are software solutions that improve the speed, security, and operability of applications.

Application Traffic Manager

Application traffic management refers to the methodology that F5 pioneered for intercepting, inspecting, translating, and directing Web traffic to the optimum resource based on specific business policies. It allows network administrators to apply availability, scalability, security, and performance standards to any IP-based application, significantly increasing overall network application performance.

The F5 BIG-IP® product family optimizes the filtering and routing of any IP traffic to the best application or Web service, based upon content encapsulated in a packet's header or payload. The result is a dramatic gain in operational efficiency as well as cost savings.

F5 products that support Application Traffic Management: BIG-IP product family

APT: Advanced Persistent Threat

An attack launched by a threat actor in stealth mode, in which the actor gains unauthorized access to a computer network and remains undetected for an extended period of time.

APWG: Anti-Phishing Working Group

Founded in 2003, this is an international consortium that works to prevent and eradicate security fraud and identity theft caused by phishing attacks.

Asymmetric Deployment

Asymmetric deployment refers to a configuration where a device is placed in a single location, usually the data center. With a symmetric configuration, devices are placed at both ends of the WAN, for example at the data center (the central location) and at one or more remote locations. Asymmetric deployment offers the best return on investment and should be the first course of action. Symmetric offers maximum performance for organizations with remote offices.

Traditionally, application acceleration technologies are symmetric or asymmetric, not both. This limited flexibility makes it difficult for organizations to realize maximum end-user benefits without increasing the cost and complexity of deploying a given solution.

The F5 BIG-IP® WebAccelerator™ can support simultaneous asymmetric and symmetric acceleration, providing accelerated performance for all users regardless of location.

F5 products related to Asymmetric and Symmetric Deployments: BIG-IP Local Traffic Manager

ATD: Authorization Termination Date

Established by the authorizing official (AO), the ATD indicates the date when the security authorization expires. Organizations can choose to remove the authorization termination date if the monitoring mechanisms are robust and sufficient to provide the AO with the required information related to data security.

AuthN: Authentication

Deals with user identity and ensures that a person or device is who or what they claim to be. This checkpoint also helps reduce the number of credentials that a user needs to provide, often through single sign-on (SSO).

AuthZ: Authorization

Process that determines whether the user has permission to access resources as requested, or read or write access to specific data. This is a critical distinction for organizations that have a fast-moving infrastructure, such as those that are part of a DevOps initiative, or digital transformation.

Azure AD: Azure Active Directory

Cloud-based identity and access management service of Microsoft which enables both on-premise and cloud-based users to access the same applications. This provides single sign-on and multi-factor authentication to protect users from cyber attacks.

B

Bandwidth

Bandwidth is the amount of data transferred per unit of time, measured in bits per second. There are many ways to ensure bandwidth is no longer a constraint for your organization. For example, optimizing data and using technologies such as WAN acceleration can do more to improve throughput and mitigate latency on existing networks.

BAS: Breach and Attack Simulation

IT security testing technology which helps organizations identify vulnerabilities in the security posture by mimicking the malicious attack paths used by cybercriminals.

BEAST: Browser Exploit Against SSL/TLS

An attack on the security of HTTPS connections that extracts and decrypts data from client-server sessions that use cipher block chaining encryption.

BOTNET: Robot Network

A network of interconnected computers and devices that are infected by malware and controlled by an attacker, known as a ‘bot-herder’. Every machine that is under the control of the attacker is referred to as a ‘bot’. Botnets are used to initiate DDoS attacks, steal data and control the infected device and its connections.

Buffer Overflow

A buffer overflow is a type of security vulnerability in which an attacker inputs more data than a computer system's memory buffer can handle, causing the buffer to overflow and overwrite adjacent memory locations with malicious code. This can potentially lead to arbitrary code execution, data theft, and other security incidents.

BYOA: Bring-Your-Own-Automation

Bring-your-own-automation (BYOA) is a concept in the field of automation and IT management, where companies are able to continue using their existing solutions for automating various processes without having to switch to another solution. It involves vendors welcoming the company's existing automation tools to be part of the new solution, without requiring them to give up what they already have in place.

BYOD: Bring Your Own Device

A policy that allows employees in an organization to use their personal devices like computers, laptops, smartphones, and tablets for work-related purposes like connecting to corporate networks and accessing official data.

C

CA: Certificate Authority

Trusted entity that is authorized to sign, issue, and revoke digital certificates; it also validates identities and certifies ownership of public keys.

CAA: Certificate Authority Authorization

Security policy mechanism that allows a domain owner to specify which certificate authority is authorized to issue certificates for that domain.

Caching

A feature of ADCs that temporarily stores frequently accessed data in a local cache, reducing the load on servers and improving the performance of web-based applications.

CASB: Cloud Access Security Broker

Software tool that acts as a mediator between cloud service providers and users, allowing organizations to extend data security from on-prem infrastructure to the cloud.

CBA: Certificate-Based Authentication

A cryptographic mechanism that uses public key and private key encryption to validate the identity of the user, device, or machine before granting access to critical resources, networks, and applications.

CBC: Cipher Block Chaining

Encryption mode for a block cipher, where data is encrypted in specific blocks and each block depends on the previous block for decryption.

CCA: Common Cryptographic Architecture

Cryptographic platform for enabling the security of financial transactions, and enhancing support for distributed key management.

CCM: Cloud Controls Matrix

A cloud security control framework that provides standardizations for cloud security assurance and compliance. CCM is a spreadsheet containing sixteen domains related to key aspects of cloud technology.

CCPA: California Consumer Privacy Act

State-wide data protection and privacy law, which allows consumers to choose not to have their data shared with third parties.

CDN: Content Delivery Network

A Content Delivery Network (CDN) is a distributed network of servers that are deployed in multiple locations across the globe. The primary purpose of a CDN is to provide fast and reliable delivery of static or dynamic web content to users, regardless of their location. A CDN works by caching a copy of the content on multiple servers, and serving the content to users from the server that is closest to them. This reduces the latency and improves the speed of delivery, as the content does not need to be retrieved from the origin server each time a user requests it.

CEH: Certified Ethical Hacker

Cybersecurity experts who verify and assess the organization’s IT security systems and identify weaknesses and breaches in the security setup.

CEP: Certificate Enrollment Protocol

A protocol that Cisco and Verisign, Inc. collaboratively developed and that uses Public Key Cryptography Standards (PKCS). A typical certificate enrollment process involves the requester generating a key pair (one public, and one private key), sending only the public key to a CA along with a CSR (Certificate Signing Request), and then receiving a CA-signed public key and a TLS certificate which they can then install on an endpoint.

CHAP: Challenge Handshake Authentication Protocol

An identity-checking protocol developed by the Internet Engineering Task Force (IETF). Point-to-Point Protocol servers initially used it to verify the identity of remote clients. The protocol re-authenticates the user during an online session using a three-way handshake.

CI/CD: Continuous Integration/Continuous Deployment

CI/CD is a set of practices, tools, and methodologies for automating the build, testing, and deployment of software applications and services.

CIAC: Computer Incident Advisory Capability

Security incident response team within the U.S. Department of Energy (DoE) that assists in maintaining quality in the computing environment and creating guidelines for handling security incidents.

CIAM: Customer Identity and Access Management

Process that allows organizations to obtain and manage customer data safely and control customer access to their digital properties and services.

CIFS SMB: Common Internet File System / Server Message Block

CIFS (Common Internet File System) and SMB (Server Message Block) are network protocols used for sharing files, printers, and other resources between computers. They allow a client computer to access files and resources on a server as if they were local. SMB is the older protocol, while CIFS is a variation of SMB developed to work over the Internet. Both CIFS and SMB operate at the application layer of the OSI networking model and are commonly used for file and printer sharing in Windows environments.

CIRT: Cyber Incident Response Team

Group of security professionals and analysts who respond to cyber attacks and security breaches in the organizations, and develop and coordinate mitigation efforts.

CLM: Certificate Lifecycle Management

The activity of monitoring, facilitating and executing every certificate process (certificate request, issuance, provisioning, scanning, revocation, renewal) that is necessary for uninterrupted network operations.

CMDS: Computer Misuse Detection System

The process to identify and detect the instances of network attacks by comparing the current computer activity against the expected attack path used by an intruder.

CMP: Certificate Management Protocol

It is an Internet protocol standardized by the Internet Engineering Task Force (IETF) used for obtaining X.509 digital certificates within a public key infrastructure (PKI).

Compression

A feature of ADCs that reduces the size of data transmitted over a network, improving the performance of web-based applications.

COMSEC: Communications Security

Prevention of unauthorized access to any sort of electronic communication traffic or any critical data that is transmitted or transferred. The primary aim of COMSEC is to maintain data security, integrity, and confidentiality.

Configuration Management

The process of maintaining and organizing the configuration information of network devices.

Connection Flood

A connection flood is one of the oldest and most common DDoS attacks. It’s called a “TCP connection flood” because it attempts to occupy all possible TCP connections on a server. When you flood a server with connection requests, the server won’t allow requests for legitimate links to be made, making it impossible for legitimate requests to be handled. BIG-IP LTM and BIG-IP AFM neuter the connection flood attack by isolating the connections from the rest of the system. All links are accepted, making the attacker think the attack is successful. A load balancer distributes requests across a pool of servers, ensuring that an overloaded or broken server will process no request.

Content Switching

A feature of ADCs that allows them to direct traffic to different servers based on the content of incoming requests.

Continuous Authentication

Continuous authentication is an authentication method that involves granting users access to corporate resources as long as they continue to authenticate themselves. It is based on the level of risk and contextual information about the user, such as their role, location, and type of device. Unlike traditional authentication mechanisms, this mechanism is enforced from login through the end of the user session.

CP: Certificate Policy

Defines the rules, policies, and technical details that a CA has to follow while managing digital certificates within the public key infrastructure (PKI) framework.

CPS: Certificate Practice Statement

Provides a detailed description of practices and procedures, as mentioned in Certificate Policy, required to efficiently manage, issue, renew or revoke digital certificates.

CRL: Certificate Revocation List

List of digital certificates that have been revoked by the Certificate Authorities before their actual expiration date. These certificates are essentially invalidated and should not be trusted.

Cross-site Scripting

Cross-site scripting (XSS) is a security threat in web applications where hackers steal user information and infect their devices with malicious code. It allows an attacker to inject malicious code into a legitimate website, which is then executed in the browser of any visitor to the site. This can result in the theft of sensitive information, such as passwords or credit card numbers, or the compromise of the visitor's device.

CSA: Cloud Security Alliance

One of the largest organizations dedicated to promoting the use of best practices for securing cloud computing environments and providing cloud-specific research, education, and certification.

CSA: Computer Security Act

United States federal law which was enacted in 1987, “directs the National Bureau of Standards to establish a computer standards program for Federal computer systems, including guidelines for the security of such systems.”

CSP: Cloud Service Provider

A third-party organization that offers cloud-based services, infrastructure, applications, and storage facilities. Some of the notable public cloud companies are Amazon Web Services (AWS) and Google Cloud Platform (GCP).

CVSS: Common Vulnerability Scoring System

An open framework to capture the characteristics of a vulnerability and produce a numerical score that shows its severity. The qualitative analysis of the score, such as low, medium, high, or critical, helps organizations assess the criticality of the vulnerability.

D

DAST: Dynamic Application Security Testing

Process of analyzing and testing a web application through the front end to identify security vulnerabilities by using simulated attacks. The DAST scans are independent of the application and do not require access to the source code.

Data Layer Security

Data layer security describes the inspection of data packets to detect attempts that compromise the security of network applications. In this context, data layer security and application layer security are synonymous.

DB: Database

Systematic collection of structured information or data, which is stored in computer systems in a way so that it can be easily accessed, managed, and controlled.

DC: Domain Controller

A server that validates and authenticates requests and verifies the identity of the users requesting access to the computer network. The controller is like a gatekeeper and enforces security policies for a domain.

DCS: Data Communications System

Process of information exchange between two or multiple devices over a transmission medium. The components of DCS include sender, receiver, message, transmission medium, and protocol.

DDoS: Distributed Denial of Service

A DDoS attack is a malicious attempt by a cybercriminal to flood servers with internet traffic and thereby prevent them from responding to legitimate requests.

Delivery Networking

A delivery network describes a system of computers networked together across the Internet that cooperate transparently to deliver content. You can direct requests for content to specific nodes to ensure that the content is available when users need it. You can also use Application Delivery Networking to help secure applications. F5’s application delivery network (ADN) is the first to enable consistent and reliable web content delivery to the mobile user across various environments.

DER: Distinguished Encoding Rules

DER is a certificate format that is most commonly used in Java-based platforms.

DES: Data Encryption Standard

Symmetric key algorithm for data encryption procedures created by IBM in the 1970s, and then adopted by the National Institute of Standards and Technology (NIST). The mechanism uses the same keys for encryption and decryption.

DevOps: Development and Operations

An approach that unites people, processes, and technology, and integrates workflow between software development teams and IT operations.

DevSecOps: Development, Security, and Operations

The philosophy of integrating security practices within the DevOps value chain that promotes flexible collaboration between software engineers and security teams.

DFIR: Digital Forensics Incident Response

A specialized discipline primarily focused on identifying, mitigating, and investigating online security incidents. It involves a detailed analysis of the data to gain a complete understanding of a security breach and remediate the attack.

DH: Diffie-Hellman

The cryptographic key exchange algorithm which is used to secure the electronic communication channel. This public-key protocol is named after its inventors, Whitfield Diffie and Martin Hellman.

DHCP: Dynamic Host Configuration Protocol

A protocol that automatically assigns IP addresses to devices on a network.

Diameter Edge Agent

A Diameter edge agent (DEA) is a network component in a telecommunications network that performs routing functions and acts as an interface between the core Diameter network and external networks. It acts as a relay between Diameter clients and servers and provides security, reliability, and quality of service (QoS) for Diameter signaling messages. DEA is used in IP Multimedia Subsystem (IMS) networks, 4G/LTE networks, and other data networks that use the Diameter protocol to control and manage communication sessions. It helps to reduce the load on the core network and improve the scalability and performance of the overall system.

Diameter Interfaces

Diameter interfaces refer to the communication points in a network that use the Diameter protocol to exchange messages. The Diameter protocol is used to control and manage access to resources in a network, such as network access, authorization, and accounting. A Diameter interface is a specific point in the network where the Diameter protocol is used to communicate between different components or systems.

Diameter Load Balancer

A Diameter load balancer is a network device that evenly distributes incoming Diameter signaling traffic across multiple servers to ensure high availability, improve performance, and reduce downtime. The load balancer acts as a central point of traffic management and helps to avoid server overloading by distributing the traffic load across multiple servers.

Diameter Protocol

Diameter is a network protocol used in telecommunications that provides authentication, authorization, and accounting (AAA) services for network access. It is a replacement for the older RADIUS protocol and is commonly used in 4G/LTE mobile networks to manage access to network resources. The Diameter protocol is used to manage communication between network entities, such as the access device, authentication server, and policy server, to manage user access to network services and resources.

DLP: Data Loss Prevention

A set of tools and guidelines to ensure that sensitive information is not misused, exploited, or accessed by unauthorized entities. Data loss prevention software helps network administrators monitor data in transmission and at rest.

DMZ: Demilitarized Zone

The DMZ, or demilitarized zone, is a physical or logical subnet or portion of an enterprise network that sits between the internet (firewall) and the enterprise’s LAN, adding an additional layer of security. DMZs play a key role in isolating potential target systems from internal networks and also reduce access to those systems.

DNS Flood: NXDOMAIN Flood

DNS Flood (NXDOMAIN Flood) is a type of cyber attack that targets the Domain Name System (DNS) infrastructure of an organization. This attack is designed to overwhelm the DNS servers with a large volume of requests, making it difficult for them to respond to legitimate requests. The NXDOMAIN Flood specifically targets non-existent domain names, also known as NXDOMAIN, by sending many requests for non-existent domain names to the DNS server. The server then responds with an error message indicating that the domain name does not exist, which generates additional traffic and further exacerbates the attack.

DNS: Domain Name System

System of mapping names to numerical IP addresses, allowing browsers to locate and get to websites, just like a phonebook.

DPI: Deep Packet Inspection

A method of data processing that inspects and analyzes in detail the contents of the data packets that are transmitted over a network. It ensures that the data is in the correct format and checks for any malicious code and eavesdropping intent.

DRP: Dynamic Routing Protocol

Also known as ‘adaptive routing protocol’, this is a group of algorithms and messages by which the routers exchange routing information. The protocol helps the routers to learn about new network paths and also find alternate paths during link failures.

DSS: Digital Signature Standard

A Federal Information Processing Standard (FIPS) which specifies a group of cryptographic algorithms for generating and verifying digital signatures to ensure the security of electronic documents.

Dynamic Configuration

Dynamic configuration is the ability to change the settings and policies of load balancers and other network devices dynamically in response to changing network conditions, traffic patterns, and workload demands.

E

EAP-TLS: Extensible Authentication Protocol-Transport Layer Security

An authentication protocol that uses public-key certificates of both client and server to establish a secure connection. It is most commonly used to secure wireless networking, such as Wi-Fi.

EDR: Endpoint Detection and Response

Also known as ‘Endpoint Threat Detection and Response’, it is a security technology solution that helps monitor endpoints to mitigate security threats. It uses data analytics to identify anomalies in system behavior and suggests remediations to restore affected systems.

EDR: Enterprise Data Repository

A database infrastructure of an organization that collects and stores structured, semi-structured, or unstructured data in multiple database management systems for analytical purposes.

EFOIA: Electronic Freedom of Information Act

Federal freedom of information law that requires federal agencies “to provide the public with electronic access to any of their "Reading Room" records that they have created since November 1, 1996.”

EMM: Enterprise Mobility Management

It is a set of technology, procedures, and policies to secure and control the usage of corporate- and employee-owned mobile devices within an organization. By controlling how mobile devices interact with the enterprise infrastructure, EMM helps protect company data.

Endpoint Security

Endpoint security is the process of protecting a network’s endpoints, such as laptops, desktops, cell phones, etc. It ensures that these client devices or endpoints are not a threat before they obtain remote access to the network. Endpoint security is used to secure applications on your endpoints and keep them in place with the correct configuration. It also checks for keyloggers or other dangerous processes. The endpoint security of an SSL VPN is an essential function.

EoL: End of Life
 
Occurs to hardware and software when they become outdated and cannot keep up with the changing requirements of newer upgrades. Improper maintenance of EoL products exposes the network to security breaches.

ERP: Enterprise Resource Planning

A business process management software that automates and integrates an organization’s financials, supply chain, manufacturing, human resources and similar operational functions.

ESRM: Enterprise Security Risk Management

A strategy to identify the risks that can threaten the security posture of the organization. The primary objective of ESRM is to develop a holistic and portfolio view of the potential security risks and mitigation strategies.

EST: Enrollment over Secure Transport

It is a certificate management protocol that automates the issuance and provisioning of X.509 certificates. The protocol has been developed for clients that use public key infrastructure (PKI), such as web servers, applications, and endpoint devices. EST helps ensure certificates are correctly configured and deployed at scale by automating the process.

EV: Extended Validation

The highest and most secure form of SSL (Secure Sockets Layer) certificate, which enables encryption, data security, and verification of the legal identity of the website owner.

Extranet Access Control

Extranet access control refers to permitting or denying access to corporate assets on an internal network for non-employees (e.g., suppliers or customers) outside the network.

F

FDE: Full Disk Encryption

A hardware encryption technology that protects the data by encrypting the entire disk including system files and hibernation files. In case an encrypted disk is stolen or lost, the contents remain encrypted and can be accessed only by the authorized user.

FIDE: Fuzzy Inference Development Environment

A software toolkit for developing fuzzy logic-based systems, and it is used in computing, software, and applications worldwide. Fuzzy logic is a part of computer science that is often applied to approximate reasoning.

FIDO2: Fast Identity Online

The newest set of specifications from the FIDO Alliance, which allows users to unlock unique cryptographic login credentials and leverage common devices to easily authenticate to online services. This security model reduces the risks of password theft and phishing attacks.

File Server Consolidation

Consolidating your file server systems is the process of replacing a collection of old, lower-capacity file servers with Network Attached Storage (NAS) devices (a smaller number of higher-capacity storage devices).

FIM: File Integrity Monitoring

A security practice that verifies and monitors operating systems, application software files, and databases to detect fraud, changes in file configurations, and unauthorized access.

FIPS: Federal Information Processing Standards

Computer security standards, defined by the U.S. government, which are mandatory security requirements for implementing and designing cryptographic modules. The aim is to strengthen the security posture for safeguarding sensitive and confidential information.

G

GDPR: General Data Protection Regulation

Data security guidelines formulated by the European Parliament and Council, which aim to secure and protect consumer data from misuse and exploitation. GDPR compliance is mandatory for organizations within the European Union (EU) and organizations outside the EU that offer goods and services to businesses in the EU.

GET Flood

GET Flood is a type of Distributed Denial of Service (DDoS) attack that targets web servers by overwhelming them with a large volume of HTTP GET requests. The goal of this attack is to exhaust the server's resources and make it unavailable to legitimate users.

Global Namespace

A global namespace is a federation of file systems from any number of file storage devices, such as servers using NFS (network file system), CIFS (Common Internet file system), and NAS (network-attached storage) or file servers. A global namespace is an essential mechanism for managing distributed file storage, allowing access to file data regardless of physical location.

GRC: Governance, Risk, and Compliance

Formerly known as ‘Open Compliance and Ethics Group’, it refers to the set of well-coordinated procedures and guidelines that are executed by every department within the organization, such as internal audit, HR, IT, and legal, for greater transparency and efficiency.

GSLB: Global Server Load Balancing

Global Server Load Balancing (GSLB) is a method of distributing network traffic across multiple servers in different geographic locations. The goal of GSLB is to ensure high availability, scalability, and performance of applications and services for users, regardless of their location.

GTK: Group Temporal Key

Encrypts traffic between all client devices associated with one access point. It denotes a hierarchy consisting of a single key to secure multicast and broadcast traffic.

H

Hash DoS attack

HashDoS (Hash Table Denial of Service) is a type of cyber attack that targets the hash tables used by web servers and other applications to store and retrieve data. The goal of this attack is to cause the hash table to become so congested that it becomes unavailable to legitimate users.

Health Check

A process used by load balancers to monitor the status of servers and determine if they are available to receive traffic.

HIPAA: Health Insurance Portability and Accountability Act

Federal law to protect the health information of patients from being disclosed or used without the consent of the patients. It aims to provide data privacy and security by standardizing healthcare transactions.

HMAC: Hash-based Message Authentication Code

A type of message authentication procedure, ideal for securing high-performance systems like routers, that fuels data security and integrity. A secret private key is shared between client and server for verifying and authenticating communication.

HSM: Hardware Security Module

A device used to provide an added layer of security for sensitive data. The trusted device performs a variety of critical cryptographic functions like key management, encryption, decryption, authentication and verification of digital signatures.

HSTS: HTTP Strict Transport Security

A policy mechanism that informs web browsers that the site must be accessed using HTTPS. This helps websites protect against eavesdropping attacks such as man-in-the-middle attacks. This is more secure than redirecting from HTTP to HTTPS, as the initial HTTP connection is still prone to man-in-the-middle attacks.

HTTPS: Hypertext Transfer Protocol Secure

HTTPS is an extension of the Hypertext Transfer Protocol (HTTP). It is a security protocol to safeguard communication and data transfer between a user’s web browser and the website. HTTPS enables data encryption between server and client, thereby protecting data integrity and data confidentiality.

I

IA: Information Assurance

A part of information security that involves procedures to protect information systems like computer devices and networks, by maintaining data integrity, confidentiality and authentication.

IaC: Infrastructure as Code

IaC is a practice of using code to define and manage infrastructure resources, such as virtual machines, load balancers, and network devices, to automate deployment, configuration, and management.

IAM: Identity and Access Management

A framework of policies and guidelines, which allows the right users to access the right resources at the right time, and for legitimate and valid reasons. It ensures security across heterogeneous environments by preventing unauthorized access to organizations’ networks.

ICMP Flood, Ping Flood, Smurf Attack

ICMP flood, Ping flood, and Smurf attack are types of Distributed Denial of Service (DDoS) attacks that use the Internet Control Message Protocol (ICMP) to disrupt network services.

IDaaS: Identity as a Service

Cloud-based identity and access management solution to secure data both on and off-premise. This authentication infrastructure, hosted by third-party cloud providers, helps organizations prevent security threats by tightening user authentication services like multifactor authentication and single sign-on.

IDEA: International Data Encryption Algorithm

A symmetric encryption algorithm used in cryptography. It secures data at rest and data in transit from unauthorized access.

IdM: Identity Management

Also known as identity and access management or IAM, it is a framework of organizational policies and technologies to ensure that authentic and authorized individuals have access to critical data. It helps in verifying the identity of the users before they can access organizational systems and information.

IdP: Identity Provider

A security device that authenticates every entity connected to the network, whether computers, devices, or users. It secures and manages digital identities, and provides login credentials to end-users or internet-connected devices for authenticating their identities across multiple platforms and networks.

IDPS: Intrusion Detection and Prevention System

A network security and threat prevention application that monitors network traffic for malicious activities, reports detected threats and takes preventive measures to stop an attack.

IIS: Internet Information Services

Extensible web server application created by Microsoft that runs on Windows. The Internet-based service accepts and responds to client computer requests, allowing the users to share information across the Internet servers and the Intranet.

IMAP: Internet Message Access Protocol

Standard email retrieval protocol, which stores the email messages on a mail server and allows the recipients to access and view them as if they were stored locally on their devices.

IMS: IP Multimedia Subsystem

IP Multimedia Subsystem (IMS) is a new networking technology designed to provide the right functionality to ensure seamless integration of voice, video, data, and content into one IP network.

INFOSEC: Information Security

Refers to the security strategies and practices that help organizations to secure information by mitigating security risks. It includes policy enforcement that prevents unauthorized entities from accessing sensitive information.

Intelligent Compression

Intelligent Compression helps reduce the amount of traffic required by a web page by reducing the size of the data packets. This technique is commonly used for Web applications to help reduce bandwidth requirements and improve user response time.

IoT: Internet of Things

A system of interrelated, internet-connected devices that are equipped with sensors and software technologies for communicating and exchanging information with other devices and systems via the Internet, for example, wearable fitness trackers.

IP Address

A numerical label assigned to a device on a computer network, used to identify and locate the device on the network.

IP Hash

A load balancing algorithm that uses the source and destination IP addresses to determine which server to send a request to.

IP QoS

IP Quality of Service (IP QoS) is a set of technologies and techniques used to manage and prioritize network traffic based on specific criteria, such as type of application, source and destination IP addresses, and packet size. The goal of IP QoS is to ensure that critical applications and services receive the necessary bandwidth and resources to operate effectively while non-critical traffic is given lower priority.

IP: Internet Protocol

A network layer communication protocol or set of standardized rules for transmitting and routing data so that it arrives at the right destination, thus allowing two or more devices to connect and communicate with each other.

IPSEC: Internet Protocol Security

Secure network protocol which encrypts and authenticates data packets to secure communication between computers over an Internet Protocol network. It is used to protect critical information, like financial records, and secure virtual private networks (VPN).

ISACA: Information Systems Audit and Control Association

A non-profit organization that started in 1967, for information governance, audit, control and security professionals. It provides guidance and standardized benchmarks for organizations using information systems to maintain the integrity and security of stored and transmitted data.

ISSPM: Information Systems Security Project Manager

A security professional who is responsible for identifying risks and security issues, protecting information and critical assets from security vulnerabilities, and risk mitigation.

ITAM: IT Asset Management

Process of ensuring that the organization’s assets are maintained and upgraded efficiently. It is critical from a cybersecurity perspective, as the IT assets of the organization must have the latest security updates to prevent vulnerabilities that attackers can easily exploit.

ITSM: IT Security Management

Processes that guarantee the confidentiality and integrity of the organization’s data, information, and IT services, ensure periodic testing of security measures and manage security incidents by identifying intrusions.

K

K8S: Kubernetes

Portable and open-source platform for managing containerized workloads that are deployed into the cloud. It is a cluster and container management tool.

KEK: Key Encryption Key

A cryptographic key that is used to encrypt and decrypt other keys to enable confidentiality and security. KEKs must be stored in a centralized manner and rotated regularly to avoid security breaches.

KMS: Key Management Service

A web service for protecting and managing symmetric and asymmetric cryptographic keys within a cryptosystem. It deals with storing, generating, exchanging, and replacing keys, as required at the user level.

KSA: Key Scheduling Algorithm

An algorithm mechanism that generates and schedules session keys for encryption and decryption. A session key is any encryption and decryption key that is randomly generated to secure a communication session.

L

LAN: Local Area Network

A computer network that interconnects multiple devices within a limited physical space, for instance, an office or university campus. LAN is exclusive to an organization and devices are connected via TCP/IP Ethernet or Wi-Fi.

Latency

Latency describes the time delay experienced when a data packet travels from one point to another, usually because of a large geographic distance and high round trip times.

Layer 4 Load Balancer

A load balancer that operates at the transport layer of the OSI model and uses information such as IP addresses and port numbers to distribute traffic.

Layer 7 Load Balancer

A load balancer that operates at the application layer of the OSI model and uses information such as HTTP requests and response headers to distribute traffic.

LDAP: Lightweight Directory Access Protocol

A software tool that is used to manage and access directory information. It has strong encoding mechanisms and various types of authentication through simple authentication and security layer (SASL), thus making it highly secure.

LDIF: Lightweight Directory Interchange Format

An American Standard Code for Information Interchange (ASCII) file format, which is used to exchange and synchronize data between LDAP servers and directory system agents (DSA). LDIF is commonly used to add new data into the directory or edit existing data.

LE: Let’s Encrypt

Globally acclaimed certificate authority by Internet Security Research Group (ISRG), which helps organizations obtain, manage and renew SSL/TLS certificates and domain validation (DV) certificates.

Least Connections

A load balancing algorithm that distributes network traffic based on the number of active connections to each server.

Load Balancer

A load balancer is a device or software that distributes incoming network traffic across multiple servers to optimize resource utilization, maximize throughput, minimize response time, and avoid overload.

Load Balancer Pool

A group of servers that are managed by a load balancer.

Load Balancing

Load balancing is the process of distributing network traffic across multiple servers to optimize resource utilization, maximize throughput, minimize response time, and avoid overload.

M

MAC: Message Authentication Code

A security code in cryptography, which is used to access specific accounts or portals. The code is added to the message request sent by the user. The message authentication code verifies that the message has been sent by the legitimate sender and that the message has not been tampered with.

MD: Message Digest

A numeric representation of the contents of the message or information to ensure the integrity of the data transmitted over a communication channel. To enable the authenticity of the message, it is encrypted with the sender’s private key and it can only be decrypted by the receiver who has the sender’s public key.

MDM: Mobile Device Management

It is a software tool that enables IT to secure, manage, and automate administrative policies on laptops, smartphones, tablets, and any other connected devices in an enterprise. MDM gives IT administrators the ability to safely monitor and manage the mobile devices that access confidential company information. IT staff also use MDM to enable secure bring your own device (BYOD) policies.

MEK: Master Encryption Key

A principal key that encrypts all other keys within the system. The master encryption key is stored in the secure hardware, while the other keys that are encrypted by master keys can be stored outside the secured hardware in the cryptographic feature.

MFA: Multi-factor Authentication

Core component of Identity and Access Management (IAM), where multiple layers of extensive verification procedures help in minimizing the risks of possible security breaches. Most organizations implement multi-factor authentication, such as a combination of a PIN and a time-based one-time password (TOTP), as it is more efficient than the single-factor authentication method.

MIB: Management Information Base

A Management Information Base is a database that contains Object Identifiers. Depicted as a hierarchical structure, the MIB is the “tree,” and each object is a “leaf” identified by an OID. Different organizations assign levels within the MIB. MIB OIDs are top-level OIDs, and lower-level OIDs belong to various organizations (such as network equipment manufacturers, who assign OIDs that extend the MIB with proprietary values).

MIC: Message Integrity Check

Security strategy for Wired Equivalent Privacy (WEP) encryption found on the wireless network. It helps to prevent attacks on encrypted packets, called bit-flip attacks. In these kinds of attacks, the intruder makes slight changes to the message, retransmits it, and the user accepts the message as legitimate.

MIM: Machine Identity Management

Process of governing and orchestrating digital identities – certificates and keys – of machines, devices, workloads, applications, containers, IoT, etc. It is essential for data security, integrity, and compliance, as it authenticates communicating parties and ensures all traffic is encrypted.

MIME: Multipurpose Internet Mail Extensions

Internet standard that was proposed by Bell Communications in 1991. It allows modern-day users to send and receive data in various formats: audio, video, images, etc. over email. It is an extension of the original Simple Mail Transfer Protocol (SMTP).

MISP: Malware Information Sharing Platform

A software solution that allows users to automatically share and store indicators of compromise to facilitate threat detection and analysis and remediate security threats.

MITM: Man-in-the-Middle

An attack in which a cybercriminal positions himself in the conversation between an application and a server. This type of eavesdropping attack interferes with the data transfer, allowing the perpetrator to intercept confidential data and inject malicious links in such a way that they seem legitimate to the application and server.

ML: Machine Learning

A study of computer algorithms and a branch of artificial intelligence (AI) that focuses on the automated method of data analysis, based on the idea that machines can learn from data, identify patterns, and make decisions.

MMC: Microsoft Management Console

A component of the Windows 2000 operating system and its successors that allows users to manage and configure the software, hardware, and network components of the operating system.

MQ: Message Queue

Simply known as ‘queue’, it means the named destination where a message can be sent. Message queuing is used in data processing and in electronic mail. It allows applications to communicate with each other by sending messages.

MRA: Mobile and Remote Access

A solution that enables secure connection in hybrid on-premise and cloud-based models. This allows users to communicate via chat message, audio, and video on any device and from anywhere.

MTDR: Managed Threat Detection and Response

An advanced security solution that helps in identifying and responding to attacks and security threats across the organization’s networks and endpoints.

mTLS: Mutual Transport Layer Security

mTLS is a process that establishes an encrypted TLS connection, where both parties use X.509 digital certificates to authenticate each other.

Multi-Homing

Multi-homing is a process of configuring one machine with multiple network connections and IP addresses. The multi-homed method is designed to improve Internet performance without compromising reliability.

N

NAC: Network Access Control

Also known as ‘Network Admission Control,’ it is a security approach to keep unauthorized devices and users from accessing a private network. Network administrators enforce policies to define which devices are compliant with the endpoint security requirements, and will be allowed to access the network.

NAS: Network Attached Storage

A NAS (network-attached storage) device is a server dedicated to file-sharing that connects to an IP network. NAS devices communicate with client systems using NFS (network file system) or CIFS (Common Internet file system).

NCSC: National Computer Security Center

A department within the National Security Agency (NSA) that provides cybersecurity guidelines and standards for optimum security of electronic communications. NCSC works with organizations and government agency partners to promote research and information security.

NDES: Network Device Enrollment Service

It is the Microsoft implementation of the Simple Certificate Enrollment Protocol (SCEP), a standard that Cisco Systems created as an addition to HTTP, Public-Key Cryptography Standards (PKCS) #10, PKCS #7, RFC 2459, and other standards to allow network devices—such as routers and switches as well as applications—to request certificate enrollment with certificate authorities (CAs).

NetOps: Network Operations

A framework for network operation strategy to boost agility and deployments. NetOps encompasses concepts like automation, visualization, and orchestration to improve efficiency and reduce response time.

NetSecOps: Network Security Operations

A practice to integrate workflows and enhance collaboration between network and security teams for maintaining operational agility. Aligning network and security teams improves performance and threat detection.

Network Automation Tools

Software tools used to automate tasks in a network, such as configuration management, network monitoring, and traffic management.

Network Monitoring

The process of observing and analyzing the performance of a network to detect and resolve issues.

Network Traffic Management

Application traffic management, also known as network traffic management, is a methodology used by companies such as F5 to inspect, redirect and translate network traffic according to company policy. As a result, network administrators can apply the rules and guidelines that allow any IP-based application to operate in a reliable, efficient, and scalable manner.

Network Virtualization

The creation of virtual networks on a physical network infrastructure, allowing multiple networks to coexist on a single physical network.

NFS: Network File System

A network file system (NFS) is a file server standard based on the client-server model. NFS enables users to view, update, and store files on a remote system as though they were working locally. The client system requires NFS client software, and the remote system requires the NFS server. Both methods require TCP/IP (or UDP for earlier versions of NFS) for file transmission and exchange.

NG-AV: Next Generation Anti-Virus

Higher level of endpoint security protection than traditional antivirus, achieved through the combination of Artificial Intelligence, Machine Learning, and Behavioral Analysis. It uses deep learning to detect known and unknown threats and uses this knowledge to predict and prevent potential attacks.

NGFW: Next-Generation Firewall

Advanced firewall technology which combines a traditional firewall with a deep packet inspection firewall that provides application control and visibility, integrated intrusion prevention, and malware detection.

NIDS: Network-Based Intrusion Detection System

Security technology that helps in detecting malicious traffic on a network. The primary objective of NIDS is to ensure that the security team gets notified when an intrusion occurs in the network.

NIST: National Institute of Standards and Technology

The agency under the United States Department of Commerce whose mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”

NMS: Network Management System

A software system used to manage and monitor network devices.

NOC: Network Operations Center

A centralized location where IT teams can monitor the performance of a network, and monitor the organization’s databases and firewalls. NOC is the first line of defense against cyberattacks that organizations might encounter.

O

OID: Object Identifier

Object Identifier (OID) is essential for identifying an object within the MIB. OIDs are specified using an “x,y” naming convention, defined by ASN.1. This naming convention uses numbers to identify MIB nodes and gives them both names and the order they appear in the MIB tree. To make it easier to search through the MIB, the OIDs are made up of numbers.

Orchestration

Orchestration is the process of automating complex workflows and interactions between different systems, applications, and devices to achieve specific business objectives.

OSI: Open Systems Intercommunication Model

A conceptual model that describes network or telecommunication systems as seven layers, each with a specific set of functions. The model separates services, protocols, and interfaces and allows users to understand how applications communicate over the Internet.

OSINT: Open Source Intelligence

Refers to the insights gathered by analyzing data collected from public data sources such as social media and broadcasts. This insight is used by organizations to analyze the market trends, competitors, etc. The data analysis is based on machine learning and deep neural algorithms.

P

PACS: Physical Access Control Systems

Security strategy based on the concept that individuals who have permission to enter an area can enter it. The aim is to prevent unauthorized access to organizational systems like computer devices and laptops situated within the restricted physical space.

PAM: Privileged Access Management

Cybersecurity strategy with a combination of tools and technologies to manage and monitor access to critical assets of organizations. PAM ensures the protection of privileged groups who have access to organizational networks by adding more visibility and granular control.

PAP: Password Authentication Protocol

Set of guidelines and best practices that the users must follow to manage and secure their passwords from unauthorized access. It involves a mechanism where the users’ unique ID and key are checked with the stored credentials before approving an access request.

PBAC: Policy-Based Access Control

A security strategy for controlling user access to manage security risks across interconnected systems in on-premise and off-premise networks. It is based on the concept of what a user can access based on organizational policies and responsibilities.

PBKDF: Password-Based Key Derivation Function

A specific key derivation function in a cryptographic algorithm. It is a process of taking a password and converting it into a symmetric key for cryptographic operations. The mechanism strongly relies on encryption and message authentication codes.

PCBC: Plaintext Cipher Block Chaining

An encryption method to fight against the chosen-message attack. However, in this model, if one ciphertext block is damaged, all the subsequent plaintext blocks will be damaged and then they cannot be decrypted accurately.

PCI DSS: Payment Card Industry Data Security Standard

Compliance mandates that banking and financial institutions must follow to maintain data security and integrity throughout all their financial transactions concerning sensitive information like credit card details and account information.

PEM: Privacy-enhanced Electronic Mail

PEM is the most popular container format used by certificate authorities (CAs) to issue SSL certificates.

PGP: Pretty Good Privacy

A security program that was designed in 1991 by Paul Zimmerman. It is used to provide confidentiality, security, and authentication services to electronic mail and file storage by using digital signatures and file encryption.

PIA: Privacy Impact Assessment

The process that helps organizations identify privacy risks and effects of collecting and maintaining personally identifiable information (PII) to evaluate alternative methods of handling information for risk mitigation.

PII: Personally Identifiable Information

Any data or information that can be used to identify a specific person or individual. Critical information like passport numbers, bank account numbers, etc. is considered to be personally identifiable information.

PIM: Privileged Identity Management

The process of monitoring and managing who has the right authority to access important resources in the organization. It assigns time-bound access and enables multi-factor authentication processes for identifying and approving access requests.

PKA: Public Key Authentication

Secure identification method using secure shell (SSH). Instead of traditional login credentials like passwords, cryptographic key pairs are used for validation. It enables stronger authentication procedures by automating passwordless logins.

PKC: Public Key Cryptography

Asymmetric encryption method, which contains non-identical key pairs of public and private keys. The two keys are mathematically related, but the private key cannot be derived from the public key. It guarantees data integrity and prevents hackers from entering networks.

PKCS: Public-Key Cryptography Standards

Group of standardized protocols devised by RSA Security LLC to secure data transmission and communication over the internet using the public key infrastructure. Public-key cryptography uses asymmetric algorithms using public and private keys. Examples of PKCS standards and certificate file extensions include PKCS#7 (P7B) and PKCS#12 (PFX/P12).

PKI: Public Key Infrastructure

A framework that enables the encryption of public keys and includes their affiliated crypto-mechanisms.

PKIaaS: Public Key Infrastructure-as-a-Service

Scalable, flexible, and demand-driven cloud-based security solution for all PKI needs of organizations: key management, certificate issuance, etc.

PLL: Phase-Locked Loop

Also known as Phase Lock Loop, this is a feedback control system that automatically matches the phase of a locally generated output signal to an input signal. It is used to recover a signal from a noisy communication channel where data is interrupted.

PQC: Post Quantum Cryptography

Refers to the cryptographic algorithms, most commonly public-key algorithms, that are supposed to be quantum-resistant. It is all about preparing for the emergence of quantum computing and updating the mathematical algorithms such that the encryption is secure against quantum attacks.

PUM: Potentially Unwanted Modifications

Unwanted changes made to computer settings, most commonly caused by malware. These unwanted modifications can prevent users from getting access to the device. Symptoms of PUM include lots of ad pop-ups, continuous flashing on the screen, and changes made to browser settings without the user's knowledge.

PUSH And ACK Flood

A PUSH and ACK flood is a type of denial-of-service (DoS) attack that involves sending a large number of PUSH and ACK packets to a target server or network. The goal of the attack is to overwhelm the target with excessive network traffic and cause it to become unavailable to legitimate users. PUSH and ACK floods are often accomplished using botnets or other malicious software and can have a significant impact on the performance and stability of the targeted systems. To protect against PUSH and ACK floods, organizations can implement network security measures such as firewalls, intrusion detection systems, and rate limiting.

Q

QC: Quantum Computing

A discipline in computing that is based on the principles of quantum mechanics. The quantum computer can solve complex calculations within minutes, which modern-day supercomputers would take years to solve.

QKD: Quantum Key Distribution

Also known as Quantum Cryptography, it is a secure communication mechanism for exchanging cryptographic keys between shared parties.

R

RA: Registration Authority

A trusted entity in the network authorized by the certificate authority system (CAS) to verify the information provided by a user for a digital certificate.

RADIUS: Remote Authentication Dial-In User Service

A cybersecurity protocol used in the authentication, authorization, and accounting (AAA) framework to enable centralized user authentication for granting access to the network. It is an open standard protocol, which means it can be used among multiple devices.

RAT: Remote Access Trojan

A malware program used by malicious attackers to take complete control over the victim’s computer device to perform malicious activities. They are difficult to detect as they exist in stealth mode. RATs can be hidden in games or email attachments and be camouflaged in the infected computer.

RBAC: Role-Based Access Control

Information security practice to manage and audit network access based on the user’s job roles in the organizational hierarchy.

RBI: Remote Browser Isolation

An innovative technology where web browsing activity occurs within an isolated cloud environment to protect users from any malware or malicious code that might be hidden in the website.

RCE: Remote Code Execution

A security vulnerability that allows attackers to execute malicious code in a targeted device remotely. The attacker scans the internet for detecting vulnerabilities that can support the attack and then injects the malicious code using the language of the targeted application.

Replication

Replication is the process of copying files. These copies can be made either locally or remotely to ensure data availability in case of accidental deletion, equipment failure, or some other mishap.

REST: Representational State Transfer

It is a software architecture that provides guidelines on how an Application Programming Interface (API) should work. REST is simple, flexible, and consumes less bandwidth, making it suitable for a complicated network like the internet. REST APIs, also known as RESTful APIs, are those that adhere to the REST architectural design.

RMF: Risk Management Framework

A set of rules and guidelines presented by the National Institute of Standards and Technology (NIST) which allows businesses to integrate information security and risk management and respond to security incidents faster.

Round Robin

A load balancing algorithm that distributes network traffic evenly by sending requests to each server in turn.

RPO: Recovery Point Objective

Recovery Point Objective (RPO) is the maximum acceptable amount of data loss after an unplanned data-loss incident, expressed as an amount of time. After a restore point is created, you can refer to it when recovering the system's content or state. The RPO can vary from organization to organization. For example, a small business may only need a backup as of the last close of business, while larger enterprises have a much shorter RPO, meaning that they need to be able to restore from a backup taken close to the point of failure.

RSA: Rivest-Shamir-Adleman

In 1977, Ron Rivest, Adi Shamir, and Leonard Adleman founded a specific kind of public-key cryptography known as the RSA encryption technique. It is used in encrypting data sent via email and other digital transactions over the Internet.

RTSP: Real-Time Streaming Protocol

Real-Time Streaming Protocol (RTSP) is a way to send voice and video over the internet. It is used by streaming media applications such as Windows Media Player and QuickTime.

S

SaaS: Software-as-a-Service

The software licensing model, also known as cloud-based software, where cloud providers host the application and make it easily available to end-users over the internet. Used by organizations to promote speed, agility and flexibility.

SAML: Security Assertion Markup Language

A standardized authentication method that validates and authenticates user identity to external applications and services. SAML is most widely used to establish a user’s identity to the cloud service provider.

SAR: Security Assessment Report

A key structured document that shows the results of the security control assessment for the authorizing official or the system administrator.

SASE: Secure Access Service Edge

A cloud-based security model, which uses software-defined networking to enable secure and fast cloud transformation. The benefits of SASE include simplified WAN deployment and complete visibility into the network.

SCEP: Simple Certificate Enrollment Protocol

Certificate management protocol which helps in seamless and automated certificate issuance, without the administrators manually issuing the certificates. SCEP standardizes the information exchange with certificate authority using a URL, thus making the whole process fast and cost-efficient.

Scripting

The use of scripts, or small programs, to automate repetitive tasks in a network.

SDP: Software-Defined Perimeter

Also called ‘Black Cloud’, it is a computer security approach that aims to hide the Internet-connected infrastructure from the attackers. Organizations that use SDP wrap a cloak of invisibility around the infrastructure so that access is restricted to the authorized users only.

Server

A computer system that provides shared services to other systems on a network.

Server Persistence

Server persistence is a feature that allows a client to maintain a session with a specific server even after the client’s IP address has changed.

Session Persistence

A feature of load balancers that ensures that all requests from a single client are sent to the same server.

SET: Secure Electronic Transaction

A communication protocol that was previously used by several e-Commerce websites to secure financial transactions, like credit card payments.

SHA: Secure Hashing Algorithm

A cryptographic algorithm that is used for hashing data and certificate files. It is adopted by the PKI market for digital signatures. SHA-1 and SHA-2 are two forms of this algorithm and they secure plain text input by turning it into an encrypted message digest.

SIEM: Security Information and Event Management

A technology that enables organizations to gain a holistic view of the information security infrastructure and detect threats by analyzing the real-time security alerts generated by applications and hardware systems across the organization.

SMTP: Simple Mail Transfer Protocol

An application that is used to exchange emails between a sender and a receiver. When a user sends an email, it is transferred from one server to another using SMTP. It is an open standard protocol, and therefore any network application can use this protocol.

SNMP

Simple Network Management Protocol, a protocol used to manage and monitor network devices.

SOAR: Security Orchestration, Automation, and Response

Security software solutions that help organizations to gather insights and inputs, which are monitored by the security operations team.

SOC: Security Operations Center

Centralized function within the organization where security teams develop strategies to monitor the network environment and improve the security posture while preventing and responding to cybersecurity incidents.

SOX: Sarbanes-Oxley

Also known as the Sarbox Act, it was passed by the United States Congress in 2002. According to SOX compliance, it is mandatory for organizations to conduct annual audits of all the financial statements and transactions, and ensure financial data security against cybersecurity threats.

SSH: Secure Shell

Also known as Secure Socket Shell, this network communication protocol provides users with secure keys for securing the connection between devices within the network. SSH keys authenticate access to critical IT systems and also enable users to manage network devices remotely.

SSL Offloading

SSL Offloading, also known as SSL Termination, is a process in which the SSL encryption and decryption of data is performed by a dedicated device, such as a load balancer or a reverse proxy, rather than by the application server. The main purpose of SSL Offloading is to relieve the application server of the computational burden of encrypting and decrypting data.

SSL: Secure Sockets Layer

SSL certificates are a type of X.509 certificates used to verify the legitimacy of a server-side endpoint in browser-server communication. These certificates bind the public key to the corresponding owner, which can be a server, domain, or host.

SSO: Single Sign-On

An authentication procedure under identity and access management (IAM), that allows users to access multiple SaaS applications with just one set of credentials.

STS: Security Token Service

A cross-platform web service that adds trustworthiness to the relationship between a web service requester and a web service provider. STS validates the information by exchanging security tokens and the requester and provider can then “trust” the credentials.

Subnet

A logical subdivision of a computer network, created by dividing a larger network into smaller, connected networks.

SWG: Secure Web Gateway

A cloud-native solution that protects users from web-based security threats and prevents unauthorized access into the organization’s internal network.

T

TEK: Traffic Encryption Key

In network security, this encryption key is used to encrypt plaintext, superencrypt already-encrypted texts and decrypt cipher texts.

Template

A template is a pre-configured set of rules, policies, and settings that can be used to deploy and configure load balancers and other network devices quickly and efficiently.

TI: Threat Intelligence

A service provider that helps organizations to collect information about current and emerging threats that can harm cyber defense and protect critical assets from being misused by attackers.

TLS: Transport Layer Protocol

Introduced in 1999 as the successor protocol to Secure Socket Layer (SSL), this is used to imbue web communications with integrity, security, and resilience against unauthorized tampering, and to secure connections between clients and servers.

TMK: Terminal Master Key

A root encryption key which is used by an ATM to safeguard the PIN block during financial transactions.

TSK: Transmission Security Key

A major component in network security, which safeguards the data transmission stream over the Internet, against unauthorized interception and exploitation that can be caused due to malicious cyber attacks.

U

UBA: User Behavior Analytics

Also known as User and Entity Behaviour Analytics, it is a cybersecurity process to detect cyberattacks and fraudulent activities in the network. UBA/UEBA tools track the behavior patterns of users, applications and servers to detect any anomalous activity.

UI: User Interface

A medium of human-computer interaction and communication. It is also referred to as a channel through which a user interacts with an application or a website.

UKPT: Unique Key Per Transaction

A form of encryption key management, which is used to encrypt PINs and protect the sensitive financial information of the bank account holder. For every financial transaction, a unique key is derived.

UPN: User Principal Name

An attribute that is used to authenticate users on Windows OS, it is a standardized communication protocol over the Internet. A UPN format includes a user name connected to the domain name with an “@” sign.

URL: Uniform Resource Locator

Standardized in 1994, commonly known as web address, it is an identifier for identifying and locating resources over the Internet.

V

Virtual IP

A virtual IP address that is used by a load balancer to distribute traffic to multiple servers.

VLAN

A virtual local area network that allows network devices to be logically separated into different broadcast domains.

VM: Virtual Machines

A computer file that is typically present in the form of an image, and runs like a computer. It allows businesses to run an operating system that behaves like a computer in an application on a desktop.

VPN: Virtual Private Network

A service that establishes a secure, encrypted connection between your computer and the internet. This helps you stay online by providing a private tunnel for your data and communications while you use public networks.

W

WAF: Web Application Firewall

An application firewall for HTTP connection, it protects applications from various application-layer attacks such as cookie poisoning, cross-site scripting, etc. A WAF lies between external users and web applications to analyze all HTTP communications.

WAP: Wireless Application Protocol

Set of communication protocols that allow wireless device users to access and communicate with web applications and wireless information services following certain specific standards.

WEP: Wired Equivalent Privacy

A security protocol, specified in the Wireless Fidelity standard, that is designed to secure the wireless local area network (WLAN).

Workflow Automation

Workflow automation refers to the process of automating repetitive and routine tasks involved in a workflow. Workflow automation is the use of technology to streamline business processes, reduce errors, and improve efficiency and productivity.

WS-Trust: Web Service Trust Language

A standardized protocol for controlling issuance, renewal and validation of security tokens to enable safe communication between various web applications.

WTLS: Wireless Transport Layer Security

Security protocol which is part of the WAP stack. The functionality of WTLS is similar to TLS 1.0, but with added features like an optimized handshake.

X

X.509

X.509 is a standard defining the format of public-key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for web browsing and transactions. An X.509 certificate, also known as a digital certificate, contains a public key and an identity (a hostname, an organization, or an individual), and is either signed by a certificate authority (CA) or self-signed.

XML: Extensible Markup Language

Flexible text-based markup language and file format to identify, store and organize data and create information formats. XML is used in back-end web development for transferring data in a standardized format.

Z

ZSK: Zone Signing Key

An authentication key that corresponds to the private key which is used to sign one or multiple authentication keys for a particular zone.

ZTS: Zero Trust Security

A security framework based on the concept of ‘Never Trust, Always Verify’, both outside and inside the organization’s network.