Acronyms
When specializing in a field, it is common to use and come across acronyms. In some cases, acronyms break out of the perimeter of the field and start being used by people at large. It is handy to say DNA rather than deoxyribonucleic acid, so it is no wonder that many acronyms populate our everyday language.
In many cases, however, acronyms are a small barrier for people becoming familiar with a field. Here, I wanted to collect a not particularly complete list of acronyms I have encountered so far during my working life. The list is a continuous WIP (work in progress) and I am maintaining it for my own future reference. On the other hand, I realized that it could be helpful to a broader audience, and so here we are!
A
AAA
Authentication, Authorization and Accounting
AAC
Adaptive Access Control
AD
Active Directory
ADFS
Active Directory Federation Services
AEP
Advanced Endpoint Protection
AMD
Advanced Malware Detection
AMP
Advanced Malware Protection
APM
Application Portfolio Management
ARPU
Average Revenue Per User
APT
Advanced Persistent Threat
ATP
Advanced Threat Protection
AUP
Acceptable Use Policy
B
BIA
Business Impact Analysis
C
CIS
Center for Internet Security
COOP
Continuity of Operations
CMP
Certificate Management Protocol
CNF
Carrier Neutral Facility
CSP
Cloud Service Provider
D
DC
Domain Controller
DCS
Distributed Control System
DRM
Digital Rights Management
E
EAL
Evaluation Assurance Level
EAPOL
Extensible Authentication Protocol over LAN
EDRM
Enterprise Digital Rights Management
EH
Ethical Hacking
EMM
Enterprise Mobility Management
EPP
End-Point Protection
ERP
Enterprise Resource Planning
F
FPE
Field Preserving Encryption
G
GRC
Governance, Risk & Compliance
H
HLD
High Level Design
HSM
Hardware Storage Modules
HSM
Hardware Security Modules
I
IAM
Identity and Access Management
ICAP
Internet Content Adaptation Protocol
ICFR
Internal Control Over Financial Reporting
IDaaS
Identity as a Service
IEC
International Electrotechnical Commission
I&TS
Information & Technology Services
IoT
Internet of Things
IRM
Information Rights Management
IT
Information Technology
ISMS
Information Security Management System
J
K
KMIP
Key Management Interoperability Protocol
L
M
MAB
MAC Authentication Bypass
MAP
Management Assessment Process
MIB
Management Information Base
MFA
Multi-Factor Authentication
MVNO
Mobile Virtual Network Operator
N
NAC
Network Access Control
NSM
Network and System Management
O
OCSP
Online Certificate Status Protocol
P
PAC
Proxy Auto-Config
PAM
Privileged Access Management
PDU
Protocol Data Unit
PII
Personally Identifiable Information
PLC
Programmable Logic Controller
PLC
Power Line Communication
PT
Penetration Testing
Q
R
RFP
Request For Proposal
RMS
Rights Management Solution
ROI
Return On Investment
RTU
Remote Terminal Unit
S
SAML
Security Assertion Markup Language
SCEP
Simple Certificate Enrollment Protocol
SIEM
Security Information and Event Management
SMM
System Management Mode
SLA
Service Level Agreement
SOAR
Security Orchestration, Automation and Response
SRM
Security and Risk Management
STS
Security Token Service
SSO
Single Sign On
SWG
Secure Web Gateway
T
TCB
Trusted Computing Base
TCO
Total Cost of Ownership
TFTP
Trivial File Transfer Protocol
U
UEBA
User and Entity Behavior Analysis
URI
Uniform Resource Identifier
URL
Uniform Resource Locator
UTC
Coordinated Universal Time
V
W
WAF
Web Application Firewall
WBE
Work Breakdown Element
WBS
Work Breakdown Structure
WSS
Web Services Security