Find here some terms you may not have heard of...
- DevOps: "DevOps" combines development and operations to unite people, process and technology across the whole software lifecycle [source].
- GitOps: "GitOps" uses Git repositories as a single source of truth to deliver infrastructure as code [source].
- DevSecOps: "DevSecOps" stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle [source].
- SaaS: short for "Software as a Service".
- SAST: short for "Static Application Security Testing". Analysing source code to identify vulnerabilities.
- DAST: short for "Dynamic Application Security Testing". Analysing the application from the outside using the available outputs and inputs (a black-box approach).
- IAST: short for "Interactive Application Security Testing". Combines static and dynamic techniques to improve testing [source].
- SDLC: short for "Software Development Lifecycle". The cost-effective and time-efficient process that development teams use to design and build high-quality software [source].
- SCA: short for "Software Composition Analysis". Analysing dependencies in a codebase to manage exposure to security and/or license compliance issues.
- SRE: short for "Site Reliability Engineering".
- K8s: shorthand for "Kubernetes".
- IaC: short for "Infrastructure as Code", using DevOps methodology and versioning with a descriptive model to define and deploy infrastructure [source].
- SBOM: short for "Software Bill Of Materials", a nested inventory of the components that make up a piece of software. It includes critical information about the libraries, tools, and processes used to develop, build, and deploy a software artifact [source].
- AIO: short for "All In One".
- CVE: short for "Common Vulnerabilities and Exposures", a list of publicly disclosed computer security flaws [source].
- VM: short for "Virtual Machine".
- AWS: short for "Amazon Web Services".
- GCP: short for "Google Cloud Platform".
- GH: short for "GitHub".
- GHAS: short for "GitHub Advanced Security".
- CSPM: short for "Cloud Security Posture Management".
- IDS: short for "Intrusion Detection System".
- IPS: short for "Intrusion Protection System".
- SOC: short for "System and Organization Controls".
- CERT: short for "Computer Emergency Response (or readiness) Team".
- CSIRT: short for "Computer Security Incident Response Team".
- CIRT: short for "Computer Incident Response Team" or (less frequently) "Cybersecurity Incident Response Team".
- SOAR: short for "Security Orchestration, Automation and Response".
- SIEM: short for "Security Information and Event Management".
- SIM: short for "Security Information Management".
- SEM: short for "Security Event Management".
- DFIR: short for "Digital Forensics and Incident Response".
- SCAP: short for "Security Content Automation Protocol".
- CSP: short for "Content Security Policy".
- OSS: short for "Open Source Software".
- XSS: short for "Cross-Site Scripting".
- RSS: short for "Really Simple Syndication", an XML format for distributing content on the web.
- REST: acronym for "REpresentational State Transfer", an architectural style for distributed hypermedia systems.
- E2E: short for "End to End".
- SSL: short for "Secure Sockets Layer", to protect connections.
- TLS: short for "Transport Layer Security", transport protocol.
- JWT: short for "JSON Web Token".
- OTP: short for "One Time Password".
- OATH: short for "Open Authentication".
- X509: standard defining the format of public key credentials.
- UFW: short for "Uncomplicated Firewall", a Linux firewall.
- DSL: short for "Domain-specific language".
- CI: short for "Continuous Integration".
- CD: short for "Continuous Delivery".
- HW: short for "Hardware".
- OCI: short for "Oracle Cloud Infrastructure" or "Open Container Initiative".
- MDR: short for "Managed Detection and Response".
- MSS: short for "Managed Security Services".
- CIS: short for "Cyber Intelligence Services" (also the abbreviation for the "Center for Internet Security").
- RTS: short for "Red Team Services".
- GRC: short for "Governance, Risk and Compliance".
- CTI: short for "Cybersecurity Technology Integration".