Glossary

ACL - Access Control List: A list of permissions attached to an object specifying which users or system processes can access objects and what operations they can perform.

API - Application Programming Interface: A set of tools and protocols for building software and applications.

ASR - Attack Surface Reduction: A set of features in Windows Defender that can reduce your organization's attack surface.

BAT - Batch file: A text file containing a series of commands intended to be executed by the command interpreter.

CA - Certification Authority: An entity that issues digital certificates.

CERT - Certificate: A digital certificate used to provide a public key with a trusted association.

CERTs - Certificates: Plural of Certificate; digital documents providing authentication.

CFG - Configuration: Files that contain settings and preferences for configuring software applications.

CIS - Center for Internet Security: A nonprofit organization focused on enhancing cybersecurity readiness and response.

CLI - Command Line Interface: A way of interacting with a computer program by typing commands to perform specific tasks.

CRC32 - Cyclic Redundancy Check 32: A hash function used to detect accidental changes to raw data.

CPU - Central Processing Unit: The primary component of a computer that performs most of the processing inside a computer.

DCA - Data Center Administration: Managing and operating data centers.

DAM - Database Activity Monitoring: Tools and processes used to monitor and analyze database activities.

DBMS - Database Management System: Software that uses a standard method to store and organize data.

DDoS - Distributed Denial of Service: An attack in which multiple compromised systems are used to target a single system, causing a Denial of Service (DoS).

DLL - Dynamic Link Library: A file that contains code and data that can be used by multiple programs simultaneously.

DLP - Data Loss Prevention: Strategies to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.

DIPS - Data Intrusion Prevention System: A system that prevents unauthorized access to or modification of data.

DNS - Domain Name System: The phonebook of the Internet, translating human-friendly domain names to IP addresses.

EDR - Endpoint Detection and Response: Tools and solutions that detect, investigate, and respond to endpoint threats.

EXE - Executable file: A file that contains a program capable of being executed or run as a program in the computer.

FQDN - Fully Qualified Domain Name: The complete domain name for a specific computer, or host, on the Internet.

FTP - File Transfer Protocol: A standard network protocol used to transfer computer files between a client and server on a computer network.

GID - Group Identifier: A unique identifier assigned to a group of users on a system.

GPU - Graphics Processing Unit: A specialized processor designed to accelerate graphics rendering.

HDD - Hard Disk Drive: Data storage device used for storing and retrieving digital information using one or more rigid rapidly rotating disks.

HIDS - Host-based Intrusion Detection System: An intrusion detection system that monitors and analyzes the internals of a computing system rather than the network packets on its external interfaces.

HTTPS - HyperText Transfer Protocol Secure: An extension of HTTP that provides secure communication over a computer network.

HXTSR - Hidden Task Scheduler: A specific Windows executable file related to task scheduling.

ICMP - Internet Control Message Protocol: A network layer protocol used by network devices to diagnose network communication issues.

IDS - Intrusion Detection System: A device or software application that monitors a network for malicious activity or policy violations.

IaaS - Infrastructure as a Service: Cloud computing services that provide essential compute, storage, and networking resources on demand, on a pay-as-you-go basis.

IOCs - Indicators of Compromise: Pieces of information that can be used to identify a potential security breach.

IPS - Intrusion Prevention System: A system that monitors network or system activities for malicious activities and can prevent those activities.

ISO - International Organization for Standardization: An international standard-setting body composed of representatives from various national standards organizations.

JSON - JavaScript Object Notation: A lightweight data-interchange format that's easy for humans to read and write and easy for machines to parse and generate.

KPI - Key Performance Indicator: A measurable value that demonstrates how effectively a company is achieving key business objectives.

LDAP - Lightweight Directory Access Protocol: An open, vendor-neutral application protocol for accessing and maintaining distributed directory information services.

LSM - Linux Security Module: A framework that allows the Linux kernel to support a variety of computer security models.

MD5 - Message Digest Algorithm 5: A widely used hash function producing a 128-bit hash value.

MDR - Managed Detection and Response: A service that provides outsourced monitoring and management of security threats to an organization.

MFA - Multi-Factor Authentication: A method of confirming a user's identity by utilizing two or more authentication factors.

MITM - Man-in-the-Middle: An attack where the attacker secretly intercepts and possibly alters the communication between two parties who believe they are directly communicating with each other.

MITRE ATT&CK - MITRE Adversarial Tactics, Techniques, and Common Knowledge: A knowledge base for cyber adversary behavior.

NFS - Network File System: A protocol that allows a user on a client computer to access files over a network.

NGAV - Next-Generation Antivirus: Advanced antivirus software using a combination of traditional signature-based detection and modern techniques like machine learning.

NIDS - Network-based Intrusion Detection System: An intrusion detection system that monitors network traffic for suspicious activity.

Org(s) - An "Organization" represents a distinct operational unit or entity within the platform, responsible for managing security policies, users, and resources specific to that entity.

OS - Operating System: System software that manages computer hardware and software resources and provides common services for computer programs.

PaaS - Platform as a Service: A category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications.

RAR - Roshal Archive: A proprietary archive file format that supports data compression, error recovery, and file spanning.

RAID - Redundant Array of Independent Disks: A data storage virtualization technology that combines multiple physical disk drive components into one or more logical units.

RAM - Random Access Memory: A type of computer memory that can be accessed randomly.

RDP - Remote Desktop Protocol: A proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection.

SaaS - Software as a Service: A software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network.

SHA-1 - Secure Hash Algorithm 1: A cryptographic hash function designed by the NSA, producing a 160-bit hash value.

SHA256 - Secure Hash Algorithm 256: A cryptographic hash function that produces a 256-bit hash value.

SHA512 - Secure Hash Algorithm 512: A cryptographic hash function producing a 512-bit hash value.

SIEM - Security Information and Event Management: A system that collects, analyzes, and reports on security-related events and data from across an IT infrastructure.

SI - System Integrator: An individual or business that builds computing systems for clients by combining hardware, software, networking, and storage products from multiple vendors.

SLA - Service Level Agreement: A commitment between a service provider and a client regarding the expected level of service.

SMTP - Simple Mail Transfer Protocol: An Internet standard for email transmission.

SNMP - Simple Network Management Protocol: An Internet-standard protocol for managing devices on IP networks.

SOC - Security Operations Center: A centralized unit that deals with security issues on an organizational and technical level.

SQL - Structured Query Language: A standardized programming language used to manage relational databases and perform various operations on the data in them.

SSH - Secure Shell: A cryptographic network protocol for operating network services securely over an unsecured network.

SSD - Solid State Drive: A type of mass storage device that is similar to a hard disk drive but uses flash memory instead of magnetic platters.

TFTP - Trivial File Transfer Protocol: A simple lockstep file transfer protocol which allows a client to get a file from or put a file onto a remote host.

TMP - Temporary file: Files created to temporarily contain information while a new file is being made.

TTL - Trust Time-to-Live: A time limit for the validity of a trust relationship.

UAC - User Account Control: A security feature in Windows that helps prevent unauthorized changes to the operating system.

UID - User Identifier: A unique identifier assigned to each user on a system.

URL - Uniform Resource Locator: The address of a web page on the internet.

USB - Universal Serial Bus: An industry standard for short-distance digital data communications.

VAR - Value Added Reseller: A company that adds features or services to an existing product, then resells it as an integrated product or complete "turn-key" solution.

VPN - Virtual Private Network: A service that allows you to connect to the Internet via a server run by a VPN provider.

VTI - VirusTotal Intelligence: A feature from VirusTotal offering advanced search and threat hunting capabilities.

WAF - Web Application Firewall: A firewall that monitors, filters, and blocks HTTP traffic to and from a web application.

WCS - White Cloud Security: The name of the security product.

WHACK - WhiteHeron App Control Kernel: A specific kernel module or feature in White Cloud Security.

WHACKER - WHACK Kernel Extension Response: An extension or response mechanism related to WHACK.

XDR - Extended Detection and Response: An integrated suite of security tools and data sources for more comprehensive threat detection and response.