A summary of the most abbreviations I encountered so far. Feel free to contribute via Pull request.
| Abbreviation | Meaning |
|---|---|
| 3LOD | Three Lines of Defense |
| AAA | Authentication, Authorization, Accounting |
| A | Availability |
| AC | Attack Complexity |
| ACL | Access Control List |
| ACLE | Account Life Cycle Events |
| ACME | Automated Certificate Management Environment |
| ACPI | Advanced Configuration and Power Interface |
| ADDS | Active Directory Domain Service |
| AEP | ATT&CK Emulation Plans |
| AES | Advanced Encryption Standard |
| AH | Authentication Header |
| AMQP | Advanced Message Query Protocol |
| AMSI | Antimalware Scan Interface |
| ANSI | American National Standards Institute |
| API | Application Programming Interface |
| APIPA | Automatic Pricate IP Addressing |
| APT | Advanced Packaging Tool |
| APT | Advanced Persistent Threat |
| ARP | Address Resolution Protocol |
| ASLR | Address Space Layout Randomization |
| ASM | Attack Surface Management |
| ASPX | Active Server Page Extended |
| ASR | Attack Surface Reduction |
| ASVS | Application Security Verification System |
| ATM | Asynchronous Transfer Mode |
| ATT | App Tracking Transparency |
| ATT&CK | Adversarial Tactics, Techniques, and Common Knowledge |
| AuthPF | Authentication Packet Filter |
| AV | Antivirus |
| AV | Attack Vector |
| AWL | App White Listing |
| AXFR | DNS Zone Transfer / DNS Query Type |
| BEC | Business Email Compromise |
| BFP | Berkeley Packet Filter |
| BGP | Border Gateway Protocol |
| BIOC | Behavioral Indicator of Compromise |
| BITS | Background Intelligence Transfer Service |
| BLOB | Binary Large Object |
| BSS | Base Service Set |
| BYOL | Bring Your Own Land |
| BYOVD | Bring Your Own Vulnerable Driver |
| C2 | Command and Control |
| C3 | Custom Command and Control |
| C4 | Customizable Command and Control Center |
| CAM | Content Addressable Memory |
| CAPTCHA | Completely Automated Public Turing Test to tell Computers and Humans appart |
| CAR | Cyber Analytics Repository |
| CASB | Cloud Access Security Broker |
| CBC | cypher Block Chaining |
| CBC-MAC | Cipher Block Chaining Message Authentication Code |
| CBSP | Cloud-Based Security Provider |
| C | Confidentiality |
| ccTLD | Country Code Top-Level Domain |
| CDC | Cyber Defense Center |
| CDN | Content Delivery Network |
| CDP | Certificate Distribution Point |
| CEH | Certified Ethical Hacker |
| CERT | Computer Emergency Response Team |
| CFG | Control Flow Guard |
| CFP | Call for Papers |
| CHAP | Challenge-Handshake Authentication Protocol |
| CIA | Confidentiality, Integrity, Availability |
| CI/CD | Continuous Integration / Continuous Delivery |
| CIFS | Common Internet File System |
| CL | Content-Length |
| CLM | Constrained Language Mode |
| CMMI | Mellon Capability Maturity Model |
| CNCF | Cloud Native Computing Foundation |
| CN | Change Notice |
| COFF | Common Object File Format |
| COLO | Co-Location |
| COM | Computer Object Model |
| CONOPS | Concept of Operations |
| CORS | Cross-Origin Resource Sharing |
| CPRS | Cross Origin Resource Sharing |
| CRC | Code Ready Containers |
| CRI | Container Runtime Interface |
| CRLF | Carriage Return Line Feed |
| CRUD | Create, Read, Update, Delete |
| CSAF | Common Security Advisory Framework |
| CSD | Client-Side Desync |
| CSIRT | Computer Security Incident Response Team |
| CSMA/CD | Carrier Sense Multiple Access/Collision Detection |
| CSP | Content Security Policy |
| CSPM | Cloud Security Posture Management |
| CSRF | Client-Side Request Forgery |
| CSRSS | Client Server Runtime Process |
| CTA | Czberroam Transparent Authentication |
| CTAP | Client to Authenticator Protocol |
| CTI | Cyber Threat Intelligence |
| CU | Content Update |
| CVE | Common Vulnerabilities and Exposures |
| CVRF | Common Vulnerability Reporting Framework |
| CVSS | Common Vulnerability Scoring System |
| CWE | Common Weakness Enumeration |
| D3FEND | Detection, Denial, and Disruption Framework Empowering Network Defense |
| DAAS | Data, Assets, Applications and Services |
| DAC | Discretionary Access Control |
| DACL | Discretionary Access Control List |
| DAD | Destruction, Alteration, Disclosure |
| DAPP | Decentralized Applications |
| DCIM | Data Center Infrasctructure Management |
| DCOM | Distributed Component Object Model |
| DDNS / DynDNS | Dynamic Domain Name System |
| DDoS | Distributed Denial of Service |
| DEFI | Decentralized Finance |
| DEG | Defender Exploit Guard |
| DEP | Data Execution Prevention |
| DES | Data Encryption Standard |
| DFD | Data Flow Diagram |
| DFIR | Digital Forensics Incident Response |
| DHCP | Dynamic Host Configuration Protocol |
| DI | Dependency Injection |
| DIG | Domain Information Groper |
| DKIM | DomainKeys Identified Mail |
| DLP | Data Loss Prevention |
| DLR | Dynamic Language Runtime |
| DMARC | Domain-Based Message Authentication Reporting & Conformance |
| DMZ | Demilitarized Zone |
| DNF | Dandified YUM |
| DNSBL | Domain Name System-Based Blackhole List |
| DNSCAA | DNS Certification Authority Authorization |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security Extensions |
| DOCSIS | Data Over Cable Service Interface Specification |
| DOH | DNS over HTTPS |
| DOM | Document Object Model |
| DOT | DNS over TLS |
| DPAPI | Data Protection Application Programming Interface |
| DRDoS | DNS Reflection Denial of Service |
| DREAD | Damage, Reproducibility, Exploitability, Affected Users, Discoverability |
| DSA | Digital Signature Algorithm |
| DSCP | Differntiated Services Code Point |
| DSP | Digital Signal Procesor |
| DTD | Document Type Definition |
| DTMF | Dual Tome Multi Frequency |
| E2EE | End-to-End Email Encryption |
| EAP-AKA | EAP Authentication and Key Agreement |
| EAP-AKA' | EAP Authentication and Key Agreement Prime |
| EAP-EKE | EAP Encrypted Key Exchange |
| EAP | Extensible Authentication Protocol |
| EAP-FAST | EAP Flexble Authentication via Secure Tunneling |
| EAP-GTC | EAP Generic Token Card |
| EAP-IKEv2 | EAP Internet Key Exchange v2 |
| EAP-NOOB | EAP Nimble Out-of-Band Authentication |
| EAP-POTP | EAP Protected One-Time Password |
| EAP-PSK | EAP Pre-Shared Key |
| EAP-SIM | EAP Subscriber Identity Module |
| EAP-TLS | EAP Transport Layer Security |
| EAP-TTLS | EAP Tunneled Transport Layer Security |
| EAR | Execution After Redirect |
| eBGP | External Border Gateway Protocol |
| EBP | Extended Base Pointer |
| ECC | Elliptic Curve Cryptography |
| ECDH | Elliptic Curve Diffie-Hellmann |
| ECDSA | Elliptic Curve Digitial Signature Algorithm |
| ECP | Encryption Control Protocol |
| eCPPTv2 | eLearnSecurity Certified Professional Penetration Tester |
| EDR | Endpoint Detection and Response |
| EDTR | Endpoint Detection and Threat Response |
| EIGRP | Enhanced Interior Gateway Routing Protocol |
| EIP | Extended Instruction Pointer |
| eJPT | eLearnSecurity Junior Penetration Tester |
| ELF | Executable and Linkable Format |
| ELK | Elasticsearch, Logstash, Kibana |
| EM | Exposure Management |
| ESAE | Enhanced Security Administrative Environment |
| ESI | Edge Side Includes |
| ESP | Encapsulating Security Payload |
| ESP | Extended Stack Pointer |
| ETW | Event Tracing for Windows |
| FAANG | Facebook, Apple, Amazon, Netflix, Google |
| FIB | Forward Information Base |
| FIDO | Fast Identity Online |
| FIFO | First In, First Out |
| FIM | File Integrity Monitoring |
| FinTS | Financial Transaction Services |
| FIPS | Federal Information Processing Standards |
| FLoC | Federated Learning of Cohorts |
| FOSS | Free and Open Source Software |
| FPM | FastCGI Process Manager |
| FTTB | Fiber to the Building |
| FTTC/K | Fiber to the Curb / Kerb |
| FTTD | Fiber to the Desktop |
| FTTDP | Fiber to the Distribution Point |
| FTTE/Z | Fiber to the Enclosure / Zone |
| FTTF | Fiber to the Frontage |
| FTTH | Fiber to the Home |
| FTTLA | Fiber to the Last-Amplifier |
| FTTN | Fiber to the Note |
| FTTO | Fiber to the Office |
| FTTP | Fiber to the Premises |
| FTTX | Fiber to the X |
| FUD | Fully Undetectable |
| GCM | Galois Counter Mode |
| GCP | Google Cloud Platform |
| GDPR | General Data Protection Regulation |
| GMSA | Group Managed Service Accounts |
| GOT | Global Offset Table |
| GPO | Group Policy Object |
| GPON | Gigabit-Capable Passive Optical Networks |
| GPP | Group Policy Preferences |
| GRC | Governance, Risk Management and Compliance |
| GRE | Generic Routing Encapsulation |
| GRPC | Google Remote Procedure Calls |
| GSSAPI | Generic Security Services Application Program Interface |
| gTLD | Generic Top-Level Domain |
| HBCI | Home Banking Computer Interface |
| HFC | Hybrid Fiber-Coaxial |
| HIDS | Host-Based Intrusion Detection System |
| HIPS | Host-based Intrusion Prevention System |
| HMAC | Hash-Based Message Authentication Code |
| HOTP | HMAC-Based One-Time Password |
| HPC | High Performance Computing |
| HQL | Hybernate Query Language |
| HSDPA | High-Speed Downlink Packet Access |
| HSRP | Host Standby Router Protocol |
| HSTS | HTTP Strict Transport Security |
| HTA | HTML Application |
| HTML | Hypertext Markup Language |
| IAM | Identity Access Management |
| IAVM | Information Assurance Vulnerbaility Alert |
| iBGP | Internal Border Gateway Protocol |
| IBN | Intent-Based Networking |
| ICMP | Internet Control Message Protocol |
| IDN | International Domain Name |
| IDOR | Insecure Direct Object Reference |
| IDS | Intrusion Detection System |
| IEC | International Electrotechnical Commission |
| IFS | Internal Field Separator |
| IGMP | Internet Group Management Protocol |
| IGRP | Interior Gateway Routing |
| I | Integrity |
| IKE | Internet Key Exchange |
| IMAP | Internet Message Access Protocol |
| IMDS | Instance Metadata Service Version |
| IMEI | International Mobile Equipment Identity |
| IMSI | International Mobile Subscriber Identity |
| IOA | Indicator of Attack |
| IOC | Indicator of Compromise |
| IOMMU | Input-Output Memory Management Unit |
| IPAM | IP Address Management |
| IPC | Inter-Process Communication |
| IPFIX | Internet Protocol Flow Information Export |
| IP | Internet Protocol |
| IPSEC | Internet Protocol Security |
| IPS | Intrusion Prevention System |
| IRDP | ICMP Router Discovery Protocol |
| ISAC | Information Sharing and Analysis Center |
| ISAMKP | Internet Security Association and Key Management Protocol |
| IS-IS | Intermediate System to Intermediate System |
| ISO | International Organization for Standardization |
| JEA | Just Enough Administration |
| JS | JavaScript |
| JSON | JavaScript Object Notation |
| JSP | Java Server Pages |
| JWKS | JSON Web Key Set |
| KASLR | Kernel Address Space Layout Randomization |
| KDC | Key Distribution Center |
| KQL | Kibana Query Language |
| LAPS | Local Administrator Password Solution |
| LDAP | Lightweight Directory Access Protocol |
| LEAP | Lightweight Extensible Authentication |
| LFI | Local File Inclusion |
| LIFO | Last In, First Out |
| LINQ | Language-Integrated Query |
| LKM | Loadable Kernel Module |
| LLC | Logical Link Layer |
| LLM | Large Language Model |
| LLMNR | Link-Local Multicast Name Resolution |
| LOC | Logistic Operation Center |
| LORAWAN | Long Range Wide Area Network |
| LOTL | Living of the Land |
| LPD | Line Printer Daemon |
| LQL | Lucene Query Language |
| LSA | Local Security Authority |
| LSASS | Local Security Authority Subsystem Service |
| LXC | Linux Container |
| LXD | Linux Daemon |
| MAC | Mandatory Access Control |
| MAC | Medium Access Control |
| MAC | Message Authentication Code |
| MD | Message Digest |
| mDNS | Multicast DNS |
| MDR | Managed Detection and Response |
| MEAN | MongoDB, Express.js, AngularJS, Node.js |
| MFA | Multi-Faktor Authentication |
| MIB | Management Information Base |
| MIME | Multipurpose Internet Mail Extensions |
| MOK | Machine Owner Key |
| MPLS | Multiprotocol Label Switching |
| MQTT | Message Queue Telemetry Transport Protocol |
| MSHTA | Microsoft HTML Application |
| MS-NRPC | Microsoft NetLogon Remote Protocol |
| MSS | Maximum Segment Size |
| MSSP | Managed Security Service Provider |
| MTA | Mail Transfer Agent |
| MTASTS | Mail Transfer Agent-Strict Transport Security |
| MTLS | Mutual TLS |
| NAK | Negative Acknowledgement |
| NBNS | NetBIOS Name Server |
| NBT-NS | NetBIOS Name Service |
| NCSC | National Cyber Security Centre |
| NDA | Non-Disclosure Agreement |
| NDR | Network Detection and Response |
| NFC | Near-Field Communication |
| NFS | Network File System |
| NGAV | Next-Generation Antivirus |
| NGE | Next Generation Encryption |
| NGFW | Next-Generation Firewall |
| NIDS | Network-based Intrusion Detection System |
| NIPS | Network-based Intrusion Prevention System |
| NIST | National Institute of Standards and Technology |
| NLA | Network Level Authentication |
| NMI | Non-maskable Interrupt |
| NMS | Network Monitoring System |
| NOC | Network Operation Center |
| NONCE | Number used once |
| NoSQL | Not only SQL |
| NoTW | Mark-of-the-Web |
| NSX | Full-Stack Network & Security Virtuakization |
| NTFS | New Technology File System |
| NTLM | New Technology Lan Manager |
| NX | Non-Executable Stack |
| OCSP | Online Certificate Status Protocol |
| OGNL | Object-Graph Navigation Language |
| OIDC | Open ID Connect |
| OID | Object Identifier |
| OOB | Out-of-Band |
| OPtH | Overpass-the-Hash |
| OSCP | Offensive Security Certified Professional |
| OSINT | Open Source Intelligence Tools |
| OSPF | Open Shortest Path First |
| OSSEC | Open Source HIDS Security |
| OSSEM | Open Source Security Event Metadata |
| OSSTMM | Open Source Security Testing Methodology Manual |
| OSWE | Offensive Security Web Expert |
| OVAL | Open Vulnerability and Assessment Framework |
| OWASP | Open Web Application Security Project |
| PAM | Pluggable Authentication Module |
| PAM | Privileged Access Management |
| PAP | Password Authentication Protocol |
| PBKDF1 | Password-Based Key Derivation Function 1 |
| PBKDF2 | Password-Based Key Derivation Function 2 |
| PCI | Payment Card Industry |
| PEAP-MSCHAPv2 | Protected Extensible Authentication Protocol MS-CHAPv2 |
| PEAP | Protected Extensible Authentication Protocol |
| PEB | Process Environment Block |
| PEM | Privacy Enhanced Mail |
| PI | Process Instrumentation |
| PIE | Position Independent Executable |
| PII | Personally Identifiable Information |
| PIM | Privileged Identity Management |
| PKCS | Public-Key Cryptography Standard |
| PKI | Public-Key Infrastructure |
| PNAC | Port-Based Network Access Control |
| POC | Phone Operation Center |
| POP | Post Office Protocol |
| POSIX | Portable Operating System Interface |
| PPL | Protected Process Light |
| PQC | Post Quantum Cryptography |
| ProgID | Programmatic ID |
| PR | Privileges Required |
| PSAD | Port Scan Attack Detector |
| PSA | Public Service Announcement |
| PTA | Permission-to-Attack |
| PTK | Pairwise Transient Key |
| PTK | Penetration Testing Kit |
| QCR | Quantum Computer Resistant |
| QEMU | Quick Emulator |
| QUIC | Quicik UDP Internet Connections |
| RAX | Register "a" extended |
| RBAC | Role Based Access Control |
| RBCD | Resource Based Constrained Delegation |
| RBL | Realt-Time Blackhole List |
| RBL | Return Black List |
| RBP | Register Base Pointer |
| RBX | Register "b" extended |
| RC4 | Rivest Cipher 4 |
| RCX | Register "c" extended |
| RDI | Register Destination Index |
| RDNS | REverse Domain Name System |
| RDP | Responsible Disclosure Policy |
| R&D | Research and Development |
| RDX | Register "d" extended |
| RELRO | Relocation Read-Only |
| REST | Representional State Transfer |
| RFC | Request for Comments |
| RFI | Remote File Inclusion |
| RID | Relative Identifier |
| RIP | Routing Information Protocol |
| RNDC | Remote Name Daemon Control |
| ROE | Rules of Engagement |
| ROP | Return Oriented Programming |
| RPC | Remote Procedure Calls |
| RPKI | Resource Public Key Infrastructure |
| RSA | Rivest-Shamir-Adlemann Algorithm |
| RSI | Register Source Index |
| RSP | Register Stack Pointer |
| RTCO | Red Team Certified Operator |
| RTP | Real-Time Transport Protocol |
| RX | Receiving |
| SAML | Security Assertion Markup Language |
| SAM | Security Accounts Manager |
| SAN | Subject Alternative Name |
| SA | Security Associations |
| SAS | Secure Attention Sequence |
| SASL | Simple Authentication and Security Layer |
| SAST | Static Application Security Testing |
| SCD | Source Code Disclosure |
| SCEP | Simple Certificate Enrollment Protocol |
| SCM | Service Control Manager |
| SCTP | Stream Control Transmission Protocol |
| SDDL | Security Descriptor Definition Language |
| SDLC | Software Development Lifecycle |
| SDL | Security Development Lifecycle |
| SDP | Session Description Protocol |
| SD-WAN | Software-Defined Wide Area Network |
| SEO | Search Engine Optimization |
| SHIM | First Stage Bootloader |
| SID | Security Identifier |
| SIEM | Security Information and Event Management |
| SIKE | Supersingular Isogeny Key Encapsualtion |
| SIM | Subscriber Identity Module |
| SIP | Session Initiaton Protocol |
| SKEL | Skeleton |
| SLAAC | Stateless Address Auto-Configuration |
| SMB | Server Message Block |
| SMIME | Secure Multipurpose Internet Mail Extension |
| SMSS | Session Manager Subsystem |
| SMTP | Simple Mail Transfer Protocol |
| SOAR | Security Orchestration, Automation and Response |
| SOA | Statement of Applicability |
| SOC | Security Operations Center |
| SoC | System on Chips |
| SOP | Same Origin Policy |
| SOP | Standard Operating Procedure |
| SOQL | Salesforce Object Query Language |
| SPA | Sender Protocol Address |
| SPF | Sender Policy Framework |
| SPI | Security Parameter Index |
| SPN | Service Principal Name |
| SPX | Secure PDF Exchange |
| SQLI | Server-Query Language Injection |
| SQL | Structured Query Language |
| S | Scope |
| S-SDLC | Secure Software Development Lifecycle |
| SRI | Subresource Integrity |
| SSDT | Secondary System Descriptor Tables |
| SSE | Server-Side Encryption |
| SSI | Server Side Includes |
| SSL | Secure Socket Layer |
| SSN | Syscall Service Numbers |
| SSO | Single Sign-On |
| SSOT | Single Source of Truth |
| SSPR | Self-Service Password Reset |
| SSRF | Server-Side Request Forgery |
| SSSD | System Security Services Daemon |
| SSTF | Scroll to Text Fragment |
| SSTI | Server-Side Template Injection |
| STAS | Sophos Transparent Authentication Suite |
| STEM | Systematic, Threat, Evaluation, Methodology |
| STIG | Security Technical Implementation Guide |
| STIX | Structured Threat Information Expression |
| STRIDE | Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege |
| STS | Security Token Service |
| TAN | Transaction Authentication Number |
| TAXII | Trusted Automated Exchange of Intelligence |
| TCSEC | Trusted Computer System Evalutation Criteria |
| TE | Transfer-Encoding |
| TEAP | Tunnel Extensible Authentication Protocol |
| TEE | Trusted Execution Environment |
| TELNET | Teletype Network |
| TGS | Ticket Granting Service |
| TGT | Ticket Granting Ticket |
| THA | Target Hardware Address |
| TI | Threat Intelligence |
| TIBER-EU | Threat Intelligence-Based Ethical Red-Teaming |
| TLD | Top-Level Domain |
| TLS | Transport Layer Security |
| TOS | Terms of Service |
| TOTP | Time-Bases One-Time Password |
| TPM | Trusted Platform Module |
| TPS | Testing Procedure Specification |
| TSIG | Transaction Signatures |
| TTP | Tactics, Techniques and Procedures |
| TX | Transmitting |
| UAF | Use-After-Free |
| UIPI | User Interface Privilege Isolation |
| UI | User Interaction |
| UI | User Interface |
| UPN | User Principal Name |
| URI | Uniform Resource Identifier |
| URL | Uniform Resource Locator |
| USART | Universal Synchronous/Asynchronous Receiver-Transmitter |
| UUID | Universally Unique Identifier |
| VACM | View-Based Access Control Model |
| VBA | Visual Basic for Application |
| VDP | Vulnerbaility Disclosure Program |
| VICI | Versatile IKE Configuration Interface |
| VOC | Video Operation Center |
| VoLTE | Voice over Long-Term Evolution |
| VPN | Virtual Private Network |
| WAN | Wide Area Network |
| WAP | Web Application Protection |
| WASM | Web Assembly |
| WAT | Web Assembly Text Format |
| WCD | Web Cache Deception |
| WDAC | Windows Defender Application Control |
| WDM | Wavelength-Division Multiplexing |
| WEP | Wired Equivalent Privacy |
| WinRM | Windows Remote Management |
| WMI | Windows Management Instrumentation |
| WMIC | Windows Management + Instrumentation Command-Line |
| WOFF | Web Open Font Format |
| WORM | Write Once, Read Many |
| WPA2 | Wi-Fi Protected Access 2 |
| WPAD | Web Proxy Autodiscovery Protocol |
| WPA | Wi-Fi Protected Access |
| WSH | Windows Script Host |
| XDP | Express Data Path |
| XDR | Extended Detection and Response |
| XHR | XML HTTP Request |
| XOR | Exclusive or |
| XSLT | Extensible Stylesheet Language Transformation |
| XSS | Cross-Site Scripting |
| XST | Cross-Site Tracing |
| XXE | XML External Entity |
| YAML | YAML Ain't Markup Language |
| YUM | Yellowdog Updater, Modified |
| ZTA | Zero Trust Approach |
| ZTNA | Zero Trust Network Access |