Acronyms I have Learnt

So over the last few weeks in security I have had more than a few acronyms thrown my way. Since I have been sick the last week and I have not been working on CTFs or had the mental capacity to do much learning, I thought I would start listing and defining some of them. My goal is to list their definitions and explain them, so that I can remember them better for next time.

  • DAST - Dynamic Application Security Testing

    • The process of analysing an application from the outside, via the front end or mobile (sometimes referred to as Mobile Application Security Testing or MAST) and via public APIs. Often this uses web proxies to analyse traffic; whatever the approach, the researcher is looking for exploitable vulnerabilities so that they can be fixed.
  • SAST - Static Application Security Testing

    • The process of looking at your own code and infrastructure and checking for vulnerabilities. This could be from unsecured infrastructure, poor code security practices or vulnerabilities in external dependencies.
  • SBOM - Software Bill of Materials

    • A listing of all the software that is used to create a program, application or service. This includes any languages used and any dependencies imported.
  • SOC - Security Operations Centre

    • This one I already knew, but I wanted to make sure I captured it. A SOC is a centralised hub of information used to monitor, detect and respond to threats. The SOC works to detect threats and intrusions, monitor access to resources and much more, depending on the requirements of the security team. The SOC can then facilitate the investigation of any suspected breaches, vulnerabilities and threats, and then work on incident response. This can be an in-house team or a third party, depending on the security team's size and resourcing.
  • SIEM - Security Information and Event Management

    • A SIEM is designed to take in the wide range of information from a SOC and then apply analytics in order to help a security team prioritise alerts. This can use rule-based alerting and/or machine learning, depending on the chosen SIEM program.

While there have been many more acronyms that I should have written down, I unfortunately searched for them quickly and forgot to note them, so unfortunately this short list will have to do for now.