EDR, SIEM, CSPM, SSL, SSH, TLS, DOD, DoD, etc. etc. We have so many acronyms and initialisms[1] in the security space that it’s difficult to keep track of them all! Early on at my previous job, I created a security lexicon on our intranet that could be used for lookups and referencing. This later morphed into mostly a listing of acronyms, what each acronym stands for, and a link to some sort of reference for additional context.

This was extremely useful, and as I work to move a lot of my personal and professional notes to this site, it will make both a good point of reference and a nice sort of index for the site. Linked above, but also again here to make it really visible, is my list of:

Security Acronyms


  1. Technically, an acronym needs to be or become an actual word, like “FIRST”, and an initialism is a shortening of a phrase or title into the initial character of each word. I tend to think of an acronym as being pronounceable, such as SIEM, whereas an initialism is like EDR, where we pronounce each character separately. For brevity, I’ll use acronym to refer to both.