Glossary

Below is a glossary of common mispellings, hyphenations, and contractions of security terms and phrases.

Jump to…

Quicklinks
A	B	C	D	E	F	G	H
I	J	K	L	M	N	O	P
Q	R	S	T	U	V	W	X & Z

Security Terms and Phrases

A

& – Avoid except for formal company names, when space is limited, and in Q&A. 24x7, not 24/7
active-passive
ADC – Acronym for application delivery controller. Spell out on first reference.
advanced persistent threat – Acronym is APT. Spell out on first reference. Also known as targeted threat.
advanced threat protection – Acronym is ATP. Spell out on first reference.
alongside
a.m. – Not am, AM, or A.M. Separate the abbreviation from the time with a space: 5:30 a.m.
Amazon Web Services – Acronym is AWS. Spell out on first reference.
anti-malware – Hyphenate antibot, antiphishing, antispam, antispyware, antivirus – No hyphens.
anymore (adv.)
API – Acronym for application programming interface. Spell out on first reference.
application delivery controller – Acronym is ADC. Spell out on first reference.
application programming interface – Acronym is API. Spell out on first reference.
APT – Acronym for advanced persistent threat. Spell out on first reference.
ATP – Acronym for advanced threat protection. Spell out on first reference.
auto-discover
auto learning
auto scaling
AWS – Acronym for Amazon Web Services. Spell out on first reference.
Azure – Full name is Microsoft Azure. Use Microsoft Azure on first reference.

B

back door (n.) – backdoor (adj.)
back end (n.) – back-end (adj.)
backhaul
backup
bidirection
bitcoin
bitrate
built-in
BYOD – Acronym for bring your own device. Spell out the first reference.

C

callout
CASB – Acronym for cloud access security broker. Spell out on first reference.
cellphone
cloud access security broker – Acronym is CASB. Spell out on first reference.
cloud-scale
codebase
coin mining (n.) – coin-mining (adj.)
cost-effective, cost-effectively
countermeasure
cross section (n.) – cross-section (v.)
cross-communicate, cross-connect, cross-correlate, crosscultural, cross-functional, cross-reference, cross-training
cryptocurrency, cryptojacking, cryptomining
cyber awareness
cyber crime (n.) – cyber-crime (adj.)
cyber criminal (n.) – cyber-criminal (adj.)
cyber fraud
cyber hygiene
cyber program
cyber risk
cyber threat (n.) – cyber-threat (adj.)
cyber warfare (n.) – cyber-warfare (adj.)
cyberattack
cyberbully
cyberespionage
cybersecurity
cyberspace

D

data – Always treat as singular noun. “The data shows…”
data center (n.) – data-center (adj.)
data loss – Not “leakage” or “data leak prevention.”
data loss prevention – Acronym is DLP. Spell out on first reference.
data sheet – two words
database
dataset
DDoS – Acronym for distributed denial-of-service. Spell out on first reference.
decision-maker, decision-making
direct market reseller – Acronym is DMR. Spell out on first reference.
distributed denial-of-service – Acronym is DDoS. Spell out on first reference.
DLP – Acronym for data loss prevention. Spell out on first reference.
DMR – Acronym for direct market reseller. Spell out on first reference.
drill down (v.) – drilldown (n.)

E

e-discovery
ecommerce – Not eCommerce or e-commerce.
eLearning
email – No hyphen.
end-user
endpoint
et al.
Ethernet

F

Fabric-Ready Partners
false positive (n.) – false-positive (adj.)
feature set
form factor
front end (n.) – front-end (adj.)
front line (n.) – frontline (adj.)

G

GbE – do not use. Use GE instead.
GDPR – Acronym for General Data Protection Regulation. Spell out on first reference.
GE – gigabit Ethernet. Do not use GbE.
General Data Protection Regulation – Acronym is GDPR. Spell out on first reference.
gray – not grey

H

Health Insurance Portability and Accountability Act – Acronym is HIPAA. Spell out on first reference.
healthcare
high performance (n.) – high-performance (adj.)
HIPAA – Acronym for Health Insurance Portability and Accountability Act. Spell out on first reference.
HIPS – Acronym for host intrusion prevention system. Spell out on first reference.
hodgepodge
host intrusion prevention system – Acronym is HIPS. Spell out on first reference.
hotspot

I

IaaS – Acronym for Infrastructure-as-a-Service. Spell out on first reference.
iframe
in between (adv.) – in-between (adj.)
in-depth
in-house
in-line
inbox
indicators of compromise – Acronym is IOCs. Spell out on first reference.
industrywide
InfoSec
infostealer
Infrastructure-as-a-Service – Acronym is IaaS. Spell out on first reference.
Internet – Do not capitalize unless part of Internet of Things, etc.
Internet of Medical Things – Acronym is IoMT. Spell out on first reference.
Internet of Things – Acronym is IoT. Spell out on first reference.
intrusion prevention system – Acronym is IPS. Spell out on first reference.
IOCs – Acronym for indicators of compromise. Spell out on first reference.
IoMT – Acronym for Internet of Medical Things. Spell out on first reference.
IoT – Acronym for Internet of Things. Spell out on first reference.
IPS – Acronym for intrusion prevention system. Spell out on first reference.
IPsec

J

job-hopping
jobseeker

K

keylogger
kickoff (n., v.)
know-how

L

leakage – do not use. Use loss instead.
life cycle
line up (v.) – lineup (n.)
log in (v.) – login (n.)
log off (v.) – logoff (n.)

M

MaaS – Acronym for Malware-as-a-Service. Spell out on first reference.
Malware-as-a-Service – Acronym is MaaS. Spell out on first reference.
managed service provider – Acronym is MSP. Spell out on first reference.
metadata
microsegmentation
Microsoft Azure – Use on first reference, then can use Azure.
MSP – Acronym for managed service provider. Spell out on first reference.
multi-cloud
multi-tenant, multi-tenancy
myriad – never use “a myriad of.”

N

nation-state
Network Operations Center – Acronym is NOC. Spell out on first reference.
next generation (n.) – next-generation (adj.)
next-generation firewall – Acronym is NGFW. Spell out on first reference.
Next-Generation Firewall – First letter caps only when used as Fortinet product name.
NGFW – Acronym for next-generation firewall. Spell out on first reference.
NOC – Acronym for Network Operations Center. Spell out on first reference.
not only X but also Y – Do not use a comma before “but.”

O

off-network
off-peak
off-site
offline
offload
on-premises – Not “on-premise”
online
onsite
open source (n.) – open-source (adj.)

P

PaaS – Acronym for Platform-as-a-Service. Spell out on first reference.
p.m. – Not pm, PM, or P.M. Separate the abbreviation from the time with a space: 5:30 p.m.
PC – Acronym for personal computer. OK to use acronym on first reference.
phishing
Platform-as-a-Service – Acronym is PaaS. Spell out on first reference.
plug in (v.) – plugin (n.) – plug-in (adj.)
PoE – Acronym for Power over Ethernet. Spell out on first reference.
Power over Ethernet – Acronym is PoE. Spell out on first reference.
price/performance
problem-solving (n., adj.)
purpose-built

Q

Q & A – For question-and-answer session as part of a presentation. Acronym OK on first reference.

R

real time (n.) – real-time (adj.)
real world (n.) – real-world (adj.)
re-enter
reuse (n., v.) – reusable (adj.)
roll out (v.) – rollout (n., adj.)
rootkit

S

SaaS – Acronym for oftware-as-a-Service. Spell out on first reference.
scale-out
screenshot
SDN – Acronym for software-defined network. Spell out on first reference.
SD-WAN – Acronym for software-defined wide-area network. Spell out on first reference.
SECaaS – Acronym for Security-as-a-Service. Spell out on first reference.
secure sockets layer – Acronym is SSL. Spell out on first reference.
Security-as-a-Service – Acronym is SECaaS. Spell out on first reference.
security information and event management – Acronym is SIEM. Spell out on first reference.
Security Operations Center – Acronym is SOC. Spell out on first reference.
service-level agreement – Acronym is SLA. Spell out on first reference.
setup (n., adj.) – set up (v.). Not set-up.
Shadow IoT
Shadow IT
shapeshifting
shut down (v.) – shutdown (n.)
SIEM – Acronym for security information and event management. Spell out on first reference.
sign in (v.) – sign-in (adj.)
sign off (v.) – signoff (n.)
sign-on
sign out (v.) – sign-out (adj.)
sign up (v.) – sign-up (n., adj.)
signal-to-noise ratio
silo – silos – siloed
skill set
SLA – Acronym for service-level agreement. Spell out on first reference.
smartphone
smartwatch
SOC – Acronym for Security Operations Center. Spell out on first reference.
social media
Software-as-a-Service – Acronym is SaaS. Spell out on first reference.
software-defined network – Acronym is SDN. Spell out on first reference.
software-defined wide-area network – Acronym is SD-WAN. Spell out on first reference.
spam – Not SPAM or Spam.
spear phishing
SSL – Acronym for secure sockets layer. Spell out on first reference.
stand-alone (adj.) – standalone (n.)
standby
startup
such as – Use a comma before “such” if there’s a list of items.

T

that vs. which – Use “that” for essential clauses important to the meaning of a sentence, and without commas. Use of “which” denotes a nonrestrictive (nonessential) clause, which must be set off by a comma.
Threat-intelligence sharing (adj.)
time frame
time slot
time zone – Use lowercase for the names of time zones except for proper nouns: pacific standard time (PST), pacific daylight time (PDT), mountain standard time (MST), mountain daylight time (MDT), central standard time (CST), central daylight time (CDT)
titles of works – Use italics for the titles of books, blogs, magazines, newspapers, and manuals.
TLP – Acronym for transport layer protocol. Spell out on first reference.
TLS – Acronym for transport layer security. Spell out on first reference.
toolkit
touch point
toward – NOT towards.
trade-off
transport layer protocol – Acronym is TLP. Spell out on first reference.
transport layer security – Acronym is TLS. Spell out on first reference.
Trojan
two-factor authentication – Not capitalized unless part of a proper name.

U

ultrahigh
ultralow
Unified Threat Management – Acronym is UTM. Spell out on first reference.
Unified Threat Protection – Acronym is UTP. Spell out on first reference.
use case
username
UTM – Acronym for unified threat management. Spell out on first reference.
UTP – Acronym for unified threat protection. Spell out on first reference.

V

vice versa
voicemail

W

WAF – Acronym for web application firewall. Spell out on first reference.
WAN – Acronym for wide-area network. Spell out on first reference.
web application firewall – Acronym is WAF. Spell out on first reference.
web-based
web filtering
web proxy
web server
webinar
weblink
webpage
website
well known (adv.) – well-known (adj.)
white paper
whitelist
Wi-Fi
wide-area network – Acronym is WAN. Spell out on first reference.

X

x – Use when meaning “times” – e.g., 8x

Z

zero-day threats