Lexicon - IKARUS Security Software

Here you can find abbreviations and explanations of common IT security terms

Dictionary

Abbreviation

Meaning

Description / Definition:

2FA

Two Factor Authentication

Identification using two independent components (e.g. card plus PIN or web login plus mobile phone TAN)

API

API Application Programming Interface

Application programming interface

APT

Advanced Persistent Threat

Sophisticated, targeted way of attacking the IT / OT / ICS infrastructure of an organization or a company

ATP

Advanced Threat Protection

Defence against targeted, high-tech attacks

BYOD

Bring Your Own Device

Use of private devices in the company environment (Internet access, access to contact data, etc.)

C2 / C&C

Command and Control

C&C servers are central computers that control botnets, collect data and send commands

CMS

Content Management System

Software for the provision and processing of content, e.g. for websites

CPU

Central Processing Unit

CRM

Customer Relationship Management

Software for the management of customer data and relationships

CVE

Common Vulnerabilities and Exposures

List of publicly known vulnerabilities

(D)DoS

(Distributed) Denial of Service

Attack targeting the unavailability of an Internet service

DKIM

Domain Keys Identified Mail

Prevents changes to emails during transport

DMARC

Domain-Based Message Authentication Reporting and Conformance

Combination from SPF and DKIM

DNS

Domain Name System

System for resolving computer names into IP addresses and vice versa

GDPR

General Data Protection Regulation

Legal requirements for dealing with sensitive data

FTP

File Transfer Protocol

Network protocol for transferring files over IP networks

HTTPS

Hyper Text Transfer Protocol Secure

Communication protocol for the secure transmission of data over the Internet (secure HTTP connection)

IACS

Industrial automation and control systems

ICS

Industrial Control Systems

Control systems for industrial processes

ID

Identifier

Unique identification feature

IDS

Intrusion Detection System

A system for detecting attacks on computer systems or networks

IEC

International Electrotechnical Commission

International standardization commission for electrical engineering

IoCs

Indicators of Compromise

Indicators of an infection, e.g. signatures or addresses of command & control servers

IoT

Internet of Things

Network of “intelligent” objects that communicate with each other via processors and sensors via an IP network

IP

Internet protocol

Widely used network protocol for data packet switching

ISMS

Information Security Management System

Describes all internal processes and rules that have the task – online or offline – of permanently defining, controlling, monitoring, maintaining and improving information security

IT

Information Technology

Information and data processing based on provided technical services and functions

MDR

Managed Detection and Response

Managed (outsourced) detection and response services

NFC

Near Field Communication

Transmission standard for contactless data exchange

OT

Operational Technology

Hardware and software for monitoring and controlling the performance of industrial devices or processes

Personal Identification Number

Secret code used for identification

PKI

Public Key Infrastruktur

System that can issue, distribute and verify digital certificates

QR-Code

Quick Response Code

2D codes that are read by QR Code scanners and may contain links, text or other data

RFID

Radio Frequency Identification

Technology for automatic and contactless identification and localization using radio waves

SIEM

Security Information and Event Management

System that evaluates, summarizes and correlates the log files of the used IT security solutions

SLA

Service Level Agreement

Recurring Services Contract

SOAR

Security Orchestration Automation and Response

Orchestration, control and collection of data from different programs about security threats

SOC

Security Operation Center

Managed security platform that centrally collects alerts and event data and whose team of experts evaluates them against up-to-date threat data

SPF

Sender Policy Framework

Defines allowed senders for email domains

SSL

Secure Sockets Layer

Network protocol for secure data transmission

TI

Threat Intelligence

Data on threats (e.g. malware or groups of attackers)

TLS

Transport Layer Security

Upgraded version of SSL

TTPs

Tactics, Tools and Procedures

Typical attackers’ approaches

URL

Uniform Resource Locator

Internet address of a single page

USB

Universal Serial Bus

System for connection (e.g. data transmission) between computer and external devices

VR

Virtual Reality

Representation and perception of reality in a computer-generated interactive environment

WAF

Web Application Firewall

A service to protect against attacks via HTTP on web applications.

WLAN

Wireless Local Area Network

Wireless local radio network

WiFi

Abbreviation for “Wireless Fidelity”

Wireless local radio network for the 802.11 radio standard and compatible devices

WPA

WiFi Protected Access

Encryption type in the area of radio networks