Acronyms used in the Workspace ONE and Horizon Cloud Security Series

Overview

This document provides a list of acronyms and respective definitions that you may encounter in the Workspace ONE and Horizon Cloud security series, which can be found on the Tech Zone Security page.

A - B

Acronyms from A through B:

ACL - Access control list (ACL)
ACSC - Australian Cyber Security Centre (ACSC)
AD - Active Directory (AD)
ADFS - Active Directory Federation Services (ADFS)
AES - Advanced Encryption Standard (AES)
AMI - Amazon Machine Images (AMI)
AOC PCI - Attestation of Compliance (AoC) Payment Card Industry (PCI)
APAC - Asia-Pacific region (APAC)
API - Application programming interface (API)
ASF - Defensive-centric perspective (ASF)
ASV - Approved Scanning Vendor (ASV)
AV - Anti-virus (AV)
AWF - Alternative workforce (AWF)
AWS - Amazon Web Services (AWS)
AZ - Availability Zone (AZ)
BC - Business Continuity (BC)
BC – Broadcom (BC)
BCR - Binding Corporate Rules (BCRs)
BSIMM - Building Security in Maturity Model (BSIMM)
BYO - Bring your own (device (BYOG) or key (BYOK))

C - D

Acronyms from C through D:

CA - Certificate Authority (CA)
CAIQ - Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CAIQ)
CCDA - Cisco Certified Design Associate (CCDA)
CCDP - Cisco Certified Design Professional (CCDP)
CCIE – Cisco Certified Internetwork Expert (CCIE)
CCNP – Cisco Certified Network Professional (CCNP)
CCNA – Cisco Certified Network Associate (CCNA)
CCSP - Certified Cloud Security Professional (ISC2 CCSP)
CCTV - Closed Circuit Television Camera (CCTV)
CD - Continuous Delivery (CD)
CDN - Content Delivery Network (CDN)
CEH - Certified Ethical Hacker (CEH)
CI/CD - Continuous integration, continuous deployment pipeline (CICD)
CIPM - Certificate in Investment Performance Measurement (CIPM
CIPP/E - Certified Information Privacy Professional/Europe (CIPP/E)
CIS - Center of Internet Security (CIS) Benchmarks
CISM - Certified Information Security Manager (CISM)
CISSP - Certified Information Systems Security Professional (ISC2 CISSP)
CMMC - Cybersecurity Maturity Model Certification (DISA CMMC)
CompTIA - Computing Technology Industry Association (CompTIA)
CSA - Cloud Security Alliance (CSA)
CSRF - Cross-site request forgery (XSRF or CSRF)
CSV - Comma-separated values (CSV)
CUI - Controlled Unclassified Information
CVSS - Common Vulnerability Scoring System (CVSS)
CWE/SANS - Common Weakness Enumeration (CWE/SANS)
DaR – Data-at-Rest (DaR)
DBMS - Database management systems (DBMS)
DDoS - Distributed denial of service attacks (DDOS)
DEK - Data encryption key (DEK)
DiT – Data-in-Transit (DiT)
DLP - Data loss prevention (DLP)
DMZ - Demilitarized zones (DMZ)
DNS - Domain Name System (DNS)
DoD - U.S. Department of Defense (DoD)
DPA - Data Protection Act (DPA)
DPO - Data Protection Officer (DPO)
DR - Disaster Recovery (DR)
DS - Device Services (DS)

E - L

Acronyms from E through L:

EEA - European Economic Area (EEA)
EEA BCRs - Binding Corporate Rules (legacy VMware's EEA BCRs)
ENS - Email Notification Service (ENS)
ETL - Intelligence Connector (ETL)
EUD - End user device (EUD)
FADP - Federal Act on Data Protection (FADP)
FCAPS - Fault, Configuration, Accounting, Performance, and Security (FCAPS)
FedRAMP - Federal Risk and Authorization Management Program (FedRAMP)
GDPR - General Data Protection Regulation (EU GDPR)
GPO - Group Policy Object (GPO)
HSTS - HTTP Strict Transport Security (HSTS)
IaaS - Infrastructure-as-a-Service (IaaS)
ICT - Information and communications technology (ICT)
IdP - Identity Provider (IdP)
IDS - Intrusion Detection System (IDS)
IP – Internet Protocol (IP)
IRAP - Infosec Registered Assessors Program (AU IRAP)
ISGC - Information Security Governance Committee (ISGC)
ISM - Information Security Manual (ISM)
ISMS - Information Security Management System (ISMS)
ISO - International Standards Organization (ISO)
ITIL - Information Technology Infrastructure Library (ITIL)
ITAM - IT Asset Mgmt. (ITAM)
ITSM - IT Service Mgmt. (ITSM)
IVR - Interactive voice response system (IVR)
JIT - Just-in-time (JIT)
KMS - Key Management Service (KMS)
L7 - Layer 7 or application layer
LMS - Learning Management System (LMS)

M - P

Acronyms from M through P:

MFA - Multi-factor Authentication (MFA)
Microsoft EAS - Microsoft Exchange ActiveSync (EAS)
MitM - Machine-in-the-Middle (MitM)
N+1 power - there is a power backup in place should any single system component fail
NCSC - UK National Cyber Security Centre (NCSC)
NDA - Non-disclosure agreement (NDA)
NIST - National Institute of Standards and Technology (NIST)
OAuth - Open authorization (OAuth)
OCSP - Online Certificate Status Protocol (OCSP)
OSINT - Open-source intelligence (OSINT)
OSS/TP - Open-Source and Third-Party software validation (OSS/TP)
OSSTMM – Open-Source Security Testing Methodology Manual (OSSTMM)
OWASP - Open Web Application Security Project (OWASP)
PBKDF2 - Password Based Key Derivation Function 2 (PBKDF2)
PCI-DSS - Payment Card Industry Data Security Standard (PCI-DSS)
PCoIP – PC over IP (PCoIP)
PDU - Power distribution unit (PDU)
PGP - Pretty Good Privacy (PGP)
PII - Personally Identifiable Information (PII)
PIV-D – Personal Identity Verification - Derived (included in Workspace ONE PIV-D Manager)
PKCS12 - Public Key Cryptography Standard 12 (PKCS12) is a binary format for storing a certificate chain and private key in a single, encryptable file
PKI - Public key infrastructure (PKI)
PSR - Product Security Requirements (PSR)

R - S

Acronyms from R through S:

R&D - Research and development (R&D)
RA - Registration Authority (RA)
RBAC - Role-based access controls (RBAC)
RDS - Remote Desktop Services (RDS)
RDSH - Remote Desktop Session Host (RDSH)
REST API - Representational State Transfer (REST) and an architectural style for distributed hypermedia systems
RPO - Recovery point objective (RPO)
RSA - Rivest–Shamir–Adleman (RSA)
RTO - Recovery Time Objective (RTO)
S/MIME - Secure/Multipurpose internet Mail Extensions (S/MIME)
SaaS - Software-as-a-Service (SaaS)
SAFECode - Software Assurance Forum for Excellence in Code (SAFECode)
SAML - Security Assertion Markup Language (SAML)
SANS/CWE - aka Common Weakness Enumeration (CWE/SANS)
SCC - Standard contractual clause (SCC)
SCRUM - A method used when developing a new product in which a team is allowed to organize itself and make changes as quickly as possible (SCRUM)
SDDC - Software-defined data centers (SDDCs)
SDK - Software Development Kit (SDK)
SDL - Security Development Lifecycle (SDL)
SDLC - Software Development Life Cycle (SDLC)
SECR - Security Engineering, Communications & Response (SECR)
SIEM - Security information management (SIM) and security event management (SEM) combined (SIEM)
SLA - Service level agreements (SLA)
SME - Subject Matter Experts (SMEs)
SOC - Service Organization Control (SOC), when referencing SOC 2 Type 2 audits
SOC - Security Operations Center (EUC SOC), when referencing incident response, logging, and monitoring and support of operations
SRC - Security Response Center (Legacy VSRC)
SSH - Secure shell (SSH)
SSL - Secure Sockets Layer (SSL)
SSO - Single Sign-On (SSO)
SSP - Self-Service Portal (SSP)
STRIDE - Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE)

T - Z

Acronyms from T through Z:

TLS - Transport Layer Security (TLS)
TOTP - Time-based one-time password (TOTP)
TOU - Terms of Use (TOU)
UDP - User Datagram Protocol (UDP)
VCP - VMware Certified Professional (VCP)
VDI - Virtual Desktop Infrastructure (VDI)
VMC on AWS - VMware Cloud on AWS
VPN - Virtual private network (VPN)
WAF - Web application firewall (WAF)
WEB/APP - Web and app layers
XLS – Microsoft Excel spreadsheet (.xls & .xlsx file formats)
XSRF-TOKEN - Cross-site request forgery (XSRF or CSRF)

Feedback

Your feedback is valuable.

To comment on this paper, contact End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.

Filter Tags

Workspace ONE Workspace ONE UEM Document Fundamental Overview