Acronyms used in the Workspace ONE and Horizon Cloud Security Series
Overview
This document provides a list of acronyms and respective definitions that you may encounter in the Workspace ONE and Horizon Cloud security series, which can be found on the Tech Zone Security page.
A - B
Acronyms from A through B:
- ACL - Access control list (ACL)
- ACSC - Australian Cyber Security Centre (ACSC)
- AD - Active Directory (AD)
- ADFS - Active Directory Federation Services (ADFS)
- AES - Advanced Encryption Standard (AES)
- AMI - Amazon Machine Images (AMI)
- AOC PCI - Attestation of Compliance (AoC) Payment Card Industry (PCI)
- APAC - Asia-Pacific region (APAC)
- API - Application programming interface (API)
- ASF - Defensive-centric perspective (ASF)
- ASV - Approved Scanning Vendor (ASV)
- AV - Anti-virus (AV)
- AWF - Alternative workforce (AWF)
- AWS - Amazon Web Services (AWS)
- AZ - Availability Zone (AZ)
- BC - Business Continuity (BC)
- BC – Broadcom (BC)
- BCR - Binding Corporate Rules (BCRs)
- BSIMM - Building Security in Maturity Model (BSIMM)
- BYO - Bring your own (device (BYOG) or key (BYOK))
C - D
Acronyms from C through D:
- CA - Certificate Authority (CA)
- CAIQ - Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CAIQ)
- CCDA - Cisco Certified Design Associate (CCDA)
- CCDP - Cisco Certified Design Professional (CCDP)
- CCIE – Cisco Certified Internetwork Expert (CCIE)
- CCNP – Cisco Certified Network Professional (CCNP)
- CCNA – Cisco Certified Network Associate (CCNA)
- CCSP - Certified Cloud Security Professional (ISC2 CCSP)
- CCTV - Closed Circuit Television Camera (CCTV)
- CD - Continuous Delivery (CD)
- CDN - Content Delivery Network (CDN)
- CEH - Certified Ethical Hacker (CEH)
- CI/CD - Continuous integration, continuous deployment pipeline (CICD)
- CIPM - Certificate in Investment Performance Measurement (CIPM
- CIPP/E - Certified Information Privacy Professional/Europe (CIPP/E)
- CIS - Center of Internet Security (CIS) Benchmarks
- CISM - Certified Information Security Manager (CISM)
- CISSP - Certified Information Systems Security Professional (ISC2 CISSP)
- CMMC - Cybersecurity Maturity Model Certification (DISA CMMC)
- CompTIA - Computing Technology Industry Association (CompTIA)
- CSA - Cloud Security Alliance (CSA)
- CSRF - Cross-site request forgery (XSRF or CSRF)
- CSV - Comma-separated values (CSV)
- CUI - Controlled Unclassified Information
- CVSS - Common Vulnerability Scoring System (CVSS)
- CWE/SANS - Common Weakness Enumeration (CWE/SANS)
- DaR – Data-at-Rest (DaR)
- DBMS - Database management systems (DBMS)
- DDoS - Distributed denial of service attacks (DDOS)
- DEK - Data encryption key (DEK)
- DiT – Data-in-Transit (DiT)
- DLP - Data loss prevention (DLP)
- DMZ - Demilitarized zones (DMZ)
- DNS - Domain Name System (DNS)
- DoD - U.S. Department of Defense (DoD)
- DPA - Data Protection Act (DPA)
- DPO - Data Protection Officer (DPO)
- DR - Disaster Recovery (DR)
- DS - Device Services (DS)
E - L
Acronyms from E through L:
- EEA - European Economic Area (EEA)
- EEA BCRs - Binding Corporate Rules (legacy VMware's EEA BCRs)
- ENS - Email Notification Service (ENS)
- ETL - Intelligence Connector (ETL)
- EUD - End user device (EUD)
- FADP - Federal Act on Data Protection (FADP)
- FCAPS - Fault, Configuration, Accounting, Performance, and Security (FCAPS)
- FedRAMP - Federal Risk and Authorization Management Program (FedRAMP)
- GDPR - General Data Protection Regulation (EU GDPR)
- GPO - Group Policy Object (GPO)
- HSTS - HTTP Strict Transport Security (HSTS)
- IaaS - Infrastructure-as-a-Service (IaaS)
- ICT - Information and communications technology (ICT)
- IdP - Identity Provider (IdP)
- IDS - Intrusion Detection System (IDS)
- IP – Internet Protocol (IP)
- IRAP - Infosec Registered Assessors Program (AU IRAP)
- ISGC - Information Security Governance Committee (ISGC)
- ISM - Information Security Manual (ISM)
- ISMS - Information Security Management System (ISMS)
- ISO - International Standards Organization (ISO)
- ITIL - Information Technology Infrastructure Library (ITIL)
- ITAM - IT Asset Mgmt. (ITAM)
- ITSM - IT Service Mgmt. (ITSM)
- IVR - Interactive voice response system (IVR)
- JIT - Just-in-time (JIT)
- KMS - Key Management Service (KMS)
- L7 - Layer 7 or application layer
- LMS - Learning Management System (LMS)
M - P
Acronyms from M through P:
- MFA - Multi-factor Authentication (MFA)
- Microsoft EAS - Microsoft Exchange ActiveSync (EAS)
- MitM - Machine-in-the-Middle (MitM)
- N+1 power - there is a power backup in place should any single system component fail
- NCSC - UK National Cyber Security Centre (NCSC)
- NDA - Non-disclosure agreement (NDA)
- NIST - National Institute of Standards and Technology (NIST)
- OAuth - Open authorization (OAuth)
- OCSP - Online Certificate Status Protocol (OCSP)
- OSINT - Open-source intelligence (OSINT)
- OSS/TP - Open-Source and Third-Party software validation (OSS/TP)
- OSSTMM – Open-Source Security Testing Methodology Manual (OSSTMM)
- OWASP - Open Web Application Security Project (OWASP)
- PBKDF2 - Password Based Key Derivation Function 2 (PBKDF2)
- PCI-DSS - Payment Card Industry Data Security Standard (PCI-DSS)
- PCoIP – PC over IP (PCoIP)
- PDU - Power distribution unit (PDU)
- PGP - Pretty Good Privacy (PGP)
- PII - Personally Identifiable Information (PII)
- PIV-D – Personal Identity Verification - Derived (included in Workspace ONE PIV-D Manager)
- PKCS12 - Public Key Cryptography Standard 12 (PKCS12) is a binary format for storing a certificate chain and private key in a single, encryptable file
- PKI - Public key infrastructure (PKI)
- PSR - Product Security Requirements (PSR)
R - S
Acronyms from R through S:
- R&D - Research and development (R&D)
- RA - Registration Authority (RA)
- RBAC - Role-based access controls (RBAC)
- RDS - Remote Desktop Services (RDS)
- RDSH - Remote Desktop Session Host (RDSH)
- REST API - Representational State Transfer (REST) and an architectural style for distributed hypermedia systems
- RPO - Recovery point objective (RPO)
- RSA - Rivest–Shamir–Adleman (RSA)
- RTO - Recovery Time Objective (RTO)
- S/MIME - Secure/Multipurpose internet Mail Extensions (S/MIME)
- SaaS - Software-as-a-Service (SaaS)
- SAFECode - Software Assurance Forum for Excellence in Code (SAFECode)
- SAML - Security Assertion Markup Language (SAML)
- SANS/CWE - aka Common Weakness Enumeration (CWE/SANS)
- SCC - Standard contractual clause (SCC)
- SCRUM - A method used when developing a new product in which a team is allowed to organize itself and make changes as quickly as possible (SCRUM)
- SDDC - Software-defined data centers (SDDCs)
- SDK - Software Development Kit (SDK)
- SDL - Security Development Lifecycle (SDL)
- SDLC - Software Development Life Cycle (SDLC)
- SECR - Security Engineering, Communications & Response (SECR)
- SIEM - Security information management (SIM) and security event management (SEM) combined (SIEM)
- SLA - Service level agreements (SLA)
- SME - Subject Matter Experts (SMEs)
- SOC - Service Organization Control (SOC), when referencing SOC 2 Type 2 audits
- SOC - Security Operations Center (EUC SOC), when referencing incident response, logging, and monitoring and support of operations
- SRC - Security Response Center (Legacy VSRC)
- SSH - Secure shell (SSH)
- SSL - Secure Sockets Layer (SSL)
- SSO - Single Sign-On (SSO)
- SSP - Self-Service Portal (SSP)
- STRIDE - Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE)
T - Z
Acronyms from T through Z:
- TLS - Transport Layer Security (TLS)
- TOTP - Time-based one-time password (TOTP)
- TOU - Terms of Use (TOU)
- UDP - User Datagram Protocol (UDP)
- VCP - VMware Certified Professional (VCP)
- VDI - Virtual Desktop Infrastructure (VDI)
- VMC on AWS - VMware Cloud on AWS
- VPN - Virtual private network (VPN)
- WAF - Web application firewall (WAF)
- WEB/APP - Web and app layers
- XLS – Microsoft Excel spreadsheet (.xls & .xlsx file formats)
- XSRF-TOKEN - Cross-site request forgery (XSRF or CSRF)
Feedback
Your feedback is valuable.
To comment on this paper, contact End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.