Version 2.0

Cybersecurity Style Guide

S

S3, S3 bucket (n.)

Simple Storage Service. An Amazon service.

Related:

SaaS (n.)

Software as a service. Pronounced as “sass.” Spell out on first use.

safelist, safelisting (n.)

An alternative term to whitelisting. Use this term to match client preference in client-facing documents.

salami slicing (n.)

Repeatedly stealing money in very small quantities.

salt (v. or n.), salted (adj.)

In encryption, salted code has random values sprinkled in it to make it more difficult to decode. If two users have the same password, salting ensures that their hashes won’t be the same.

Related:

SAM

Security Account Manager. A registry file in Microsoft systems that serves as a password database. Also refers to the Sequence Alignment Map file format. Pronounced as “samm.”

same-origin policy (SOP) (n.)

Spell out on first use to distinguish the acronym from standard operating procedures.

SAML

Security Assertion Markup Language. SAML rhymes with “camel.”

Related:

sandbox (n. or v.)

A testing environment that is isolated from production or a restricted operating system environment for running unverified programs.

Related:

sandbox escape (n.)

Modifying privileges in a system past the manufacturer’s intention in order to gain root access. More generic than “jailbreak.”

sanitized (adj.)

Describes content (usually user input) that has been stripped of unwanted characters to prevent code injection.

The SANS Institute, SANS

The SysAdmin Audit Network Security Institute. Pronounced as “sans.” Do not spell out.

Related:

SASL

Simple Authentication and Security Layer. Pronounced as “sassle.” Spell out on first use.

SBM

Secure Boot Manager. Spell out on first use.

SCADA

Supervisory control and data acquisition. A control system architecture. Spell out on first use.

Scala

Programming language meant to address criticisms of Java.

SCCM

System Center Configuration Manager. Spell out on first use.

Related:

Schannel

Short for Secure Channel. A Windows SSP. Pronounced as “S-channel.”

scope (n.)

The agreed-upon list of applications and environments that an assessment team tests during an engagement.

scope creep (n.)

The gradual expansion of the scope of a project over time. Informal.

</scorpion> or Scorpion

A TV show about hacking that ran from 2014 to 2017.

SCP, scp

Secure copy protocol. Use the tech font when writing about the command. Spell out on first use.

Related:

SSH
scrape (v.), scraping (n.)

A script can retrieve (scrape) all of the data from a web page in lieu of an API retrieving the specifically desired information.

screencap, screenshot (n.)

Don’t use these terms in formal writing unless the method of capture is relevant to the narrative. We recommend calling them figures or using terms that are related to the content, as in “the login page below.”

script kiddie (n.)

A hacker who only knows how to run existing scripts, but not how to write their own. Informal.

scrum (n. or v.)

An Agile framework. Also the name of meetings within that system.

scrypt

A hashing (not encryption) algorithm. Pronounced as “S-crypt.”

Related:

SCSI (n.)

Small Computer System Interface. A parallel interface. Pronounced as “skuzzy.”

the Scunthorpe problem

Non-obscene words are sometimes blocked because they contain a banned string of letters, such as “sex” in “Sussex.”

SDK, SDKs (n.)

Software development kit. Spell out on first use.

SDLC, SDLCs (n.)

Software development lifecycle. Sometimes written as SDL. Spell out on first use.

SDN (n.)

Software-defined networking. Spell out on first use.

Related:

ZTN
sealioning (n.)

A type of trolling that involves persistently asking questions in bad faith. Informal.

second-order (adj.)

Ex: second-order SQL injection

Secure

A flag for protecting HTTP cookies from Man-in-the-Middle attacks.

Secure Boot

A security standard for verifying trusted code during launch.

Related:

secure by default (n.), secure-by-default (adj.)

Ex: The system is secure by default. The system has a secure-by-default configuration.

security breach (n.)

To describe the specific impact of a breach, you can say that information was exposed, disclosed, obtained, or stolen.

Related:

security control (n.)

Code or another tool (as opposed to policy) that enforces repeatable security. There are preventive controls, detective controls, and corrective controls.

security key (n.)

A physical hardware device used to perform MFA.

Related:

Security Monkey

A Netflix tool for AWS configuration monitoring.

security question (n.)

Use the normal font with quotation marks for prompts, as in “What was the name of your favorite unpaid internship?”

Related:

security through obscurity (n.)

The generally maligned practice of making a system extremely complex in the hope that it will prevent anyone from figuring out how to hack it.

Security Without Borders

A collective of industry volunteers who help others solve information security issues. https://securitywithoutborders.org/

seed (n.)

A string of bits used to generate a pseudo-random number for encryption.

seed, seeding (v.)

To upload file parts in peer-to-peer file sharing.

Related:

segregate (v.), segregation (n.)

Do not use. When referring to splitting up network parts, use segment or separate.

SegWit

Short for Segregated Witness. A cryptocurrency protocol.

self-signed (adj.)

Describes a typically insecure cryptographic certificate that has itself as a source of trust.

Semantic Versioning

Also written as SemVer and semver. A versioning system that organizes major, minor, and patch versions.

Ex: 1.0.2, 3.5.16-beta

SEO (n.)

Search engine optimization. Spell out on first use.

serialize (v.), serialization (n.)

The process of turning a data structure into a data stream that can be more easily stored or transmitted.

server (n.)

Write the names and types of servers in the normal font, as in “SMTP server.”

ServerSignature, ServerTokens

Apache directives.

Related:

service provider (SP) (n.)

Spell out on first use.

Related:

servlet, servlets (n.)

A Java program that handles requests for a server.

servo, servos (n.)

Short for servomotor.

Related:

session fixation (n.)

A web application attack in which a victim’s session token is set to a known value, allowing it to be hijacked.

set-top box (STB) (n.)

Also called a cable box.

Related:

SFTP

SSH File Transfer Protocol. Do not spell out unless defining the term.

Related:

SHA-1, SHA-256, SHA-512

Secure Hash Algorithm. SHA is a series of cryptographic hash functions. In informal writing, these are often written lowercase and without hyphens, as in “sha256.” Pronounced as “shah.” Do not spell out.

Related:

SharePoint

A Microsoft product.

shell (n.)

Short for command shell. Informally, you can gain, get, pop, spawn, or drop a shell. Use obtain a shell or gain persistent remote access in formal writing.

shellcode (n.)

Do not pluralize.

Related:

ACE
shell script (n.)

Ex: reverse shell, root shell, webshell

Shellshock

A GNU Bash vulnerability. Also known as Bashdoor.

shelve (v.)

To discontinue the use of. Corporate jargon; use sparingly.

Related:

Shodan

A search engine for devices connected to the internet.

short-name (n.)

A shortened filename. Also called an 8.3 filename.

shoulder surfing (n.)

Standing behind someone to steal their passwords or other information. Informal.

Showdown

A program that translates Markdown into HTML.

shruggie (n.)

¯_(ツ)_/¯ is an elaborate emoticon that expresses indifference or a lack of an answer. Sometimes appears in a simplified form as vOv.

-side (adj.)

Always hyphenate in adjectives.

Ex: client-side, server-side

SIEM (n.)

Security information and event management. Pronounced as “sim” or “see-em.” Spell out on first use.

Signal

A privacy-focused messaging app.

signature (n. or v.)

Avoid using as a verb if possible. Try identify instead.

signed long (n.)

A long, signed integer type of data.

Silicon Valley

A generic term for the tech industry based in the greater San Francisco Bay Area. Also the name of an HBO TV show about a startup company called Pied Piper.

Related:

Silk Road

A black market website that was operational between 2011 and 2014.

Related:

silo, siloed (v.)

To isolate or separate. Corporate jargon; use sparingly.

silo, silos (n.)

Isolated departments within an organization. Corporate jargon; use sparingly.

SIP

Session Initiation Protocol. Spoken out loud as the whole phrase. Spell out on first use.

SIR plan (n.)

Security incident response plan. IR plan and CSIRT may be more familiar terms for your audience. Spell out on first use.

Sitecore

Related:

CMS
Six Sigma

A set of techniques to improve performance and minimize defects.

Related:

QA
skeuomorph (n.)

A modern feature that is styled to look like an older, physical version.

Ex: the floppy disk Save button, the shopping cart icon used by online retailers

SKU, SKUs (n.)

Stock keeping unit. Do not spell out.

Related:

Skynet

The fictional AI tech by Cyberdyne Systems that led to the creation of the Terminator.

SLA, SLAs (n.)

Service-level agreement. Spell out on first use.

Related:

SLAAC attack (n.)

An IPv6 attack that exploits the Stateless Address Autoconfiguration process.

Slack

A group messaging system.

Related:

SLO, SLOs (n.)

Service-level objective. Spell out on first use.

Related:

SLA
slug (n.)

A user-friendly URL. Informal.

Smalltalk

A programming language.

smart lock (n.)

A generic term for an IoT lock.

SmashBot

An unbeatable Nintendo Super Smash Bros. AI created by Dan Petro.

Related:

SMB, SMB 3.0

Server Message Block. Pronounced as letters. Spell out on first use.

Related:

SME, SMEs (n.)

Subject matter expert. Pronounced as “smee,” letters, or the whole phrase. Spell out on first use.

S/MIME

A public encryption key standard for MIME data.

smishing (n.)

Short for SMS phishing. A type of social engineering attack that uses text messages to target individuals. Briefly define on first use.

SMS (n.)

Short message service.

Related:

SMTP

Simple Mail Transfer Protocol.

Related:

sniff (v.)

To monitor and capture data packets that pass through a network.

snippet (n.)

An amount of quoted code. In formal writing, we use a code excerpt instead.

SNMP

Simple network management protocol.

Related:

IPT
SNMPwalk

A network monitoring tool.

Snyk

An open source security tools company. Pronounced as “sneak” or “snick.”

S/O or s/o (v. or n.)

Shout out. A way to publicly thank someone online. Informal.

Related:

SOA

Start of Authority or service-oriented architecture. Spell out on first use to clarify your intended meaning.

Related:

SOAP

Simple object access protocol. Spell out on first use.

Related:

SOC (n.)

Security operations center. Pronounced as “sock.” Spell out on first use.

SoC (n.)

System on chip. Spell out on first use.

The Social Network

A 2010 biopic about the founding of Facebook.

Social Security number (SSN) (n.)

Do not write “SSN number.”

sockets (n.)

For types of socket, use the normal font. For a specific socket, put the socket type in the tech font, as in jmxrxi socket.

SOCKS

Socket Secure protocol. Do not spell out.

Sofacy

A hacking group also known as APT28 or Fancy Bear.

soft skills (n.)

In contrast to hard programming skills, these are communication skills like listening, presenting, and interpersonal networking.

Related:

soft token (n.)

Short for software token. Used to generate a push notification or OTP on an authentication app as part of a multi-factor authentication process.

solid state (adj.)

SSD is short for solid state drive.

SomaFM

DEF CON radio.

SOP, SOPs (n.)

Same-origin policy or standard operating procedure. Pronounced as letters. Spell out on first use.

source code (n.)

Do not abbreviate to “source” in formal writing.

Related:

IDE
SOW, SOWs (n.)

Statement of Work. Pronounced as letters. Spell out on first use.

Related:

SpaceX

Related:

spawn (v.)

Avoid using in formal writing, unless it is the technical term specific to the technology that is being discussed. Try start or create instead.

spear-phishing (n. or v.)

Tailored phishing attacks that are aimed at a specific target.

-specific (adj.)

Always hyphenate.

Ex: client-specific, task-specific

Spectre

A flaw that affects Intel, AMD, and ARM chipsets. It was publicly disclosed in January 2018. The James Bond supervillain organization is SPECTRE.

SpEL

Spring Expression Language.

SpellCheck

A spelling bee competition for hackers that took place at HOPE 13, DEF CON 26, and DEF CON 27. It used this style guide as the word list.

SPF

Sender Policy Framework. Spell out on first use to avoid confusion with the sunscreen rating system.

spider (v.)

To crawl websites to index pages. Define on first use.

Related:

spin up (v.)

Avoid using in formal writing. Try launch, instantiate, power on, or create instead.

Splunk

A SIEM tool.

SPN, SPNs (n.)

Service principal name. Pronounced as letters or the whole phrase. Spell out on first use.

spoof, spoofing (v. or n.)

To create a fraudulent, attacker-controlled replica of legitimate data (e.g., a website).

springboard (n.)

Corporate jargon; use sparingly.

Spring Framework

A Java application framework.

SQL

A programming language. Precede with “a” in phrases like “a SQL query.” Pronounced as “sequel” or as letters.

SQLi

SQL injection. An application vulnerability. Pronounced as “sequel-eye.” Spell out on first use.

sqlmap

A tool that finds and exploits SQL injections.

Square Cash

A mobile payment service.

Related:

Squid

A web proxy.

SSD, SSDs (n.)

Solid state drive. A drive with no moving parts. Spell out on first use.

SSDLC, SSDLCs (n.)

Secure software development lifecycle. Spell out on first use.

Related:

SSH

Secure Shell protocol. It always uses TCP port 22. Do not spell out unless defining the term.

Related:

SSHD, SSHDs (n.)

Solid state hybrid drive. Spell out on first use.

SSI

Server Side Includes. A programming language. Spell out on first use.

SSID, SSIDs (n.)

Service set identifier. The human-readable name of a Wi-Fi network. Spell out on first use in public-facing documents.

SSL, SSL 2, SSL 3

The Secure Sockets Layer protocol, which is outdated and vulnerable to the POODLE attack. Do not spell out unless defining the term.

Related:

EAP
SSL Labs

An SSL research effort from Qualys.

SSL/TLS

Secure Sockets Layer/Transport Layer Security. Communications security protocols. Do not spell out unless defining the term.

SSN, SSNs (n.)

Social Security number. Don’t capitalize “number.” Spell out on first use.

Related:

SSO (n.)

Single sign-on. Spell out on first use.

Related:

SSP, SSPs (n.)

Security support provider. Spell out on first use.

SSRF

Server-side request forgery. Spell out on first use.

Related:

SSTI

Server-side template injection. Spell out on first use.

Stadia

A Google cloud-based gaming platform.

Related:

stageless (adj.)

Does not need to be staged.

Ex: a stageless Meterpreter payload

Related:

stand-up (n.)

An informal daily work meeting.

Startpage

A privacy-focused search engine.

Related:

start up (v.), startup (adj. or n.)

Ex: Start up the laptop. A startup company.

stateful (adj.)

Describes a protocol in which recipients of a request can track the session from previous requests.

Ex: FTP

stateless (adj.)

Describes a protocol where the session state is tracked in each request without referring to previous communications.

Ex: HTTP

STEAM (n.)

Science, technology, engineering, arts, and math.

Related:

Steam

A video game distribution platform.

steganography (n.)

A strategy of hiding information to avoid its capture rather than openly disguising it through cryptography.

STEM (n.)

Science, technology, engineering, and math.

Related:

Stingray

A surveillance tool that appears as a Wi-Fi network but actually takes information from the devices that connect to it.

STIX

Structured Threat Information Expression. A language used for threat analysis.

STP

Spanning Tree Protocol.

Related:

The Streisand Effect

The effect states that requesting the internet to not do something will cause the internet to deliberately do that thing more.

Related:

string literal (n.)

A string of characters written directly into the code.

Stuxnet

A worm that sabotaged Iranian uranium enrichment in 2010.

su

Short for superuser. Use the tech font, as in su command.

subdomain (n.)

Ex: know.bishopfox.com is a subdomain of bishopfox.com.

subnet (n.)

A group of IP addresses.

Ex: 1.0.0.0/24

Related:

subreddit (n.)

Ex: r/hacking

Related:

Subresource Integrity (SRI)

A browser security feature.

subtweet (n. or v.)

Informal.

Related:

Subversion (SVN)

A version control system.

subversion (n.)

Noun form of “subvert.” Avoid using this to mean a “sub” version. Use minor version, patch, or just version instead.

sudo or sudo

Superuser do. Write in the normal font if referring to sudo privileges. If referring to the command sudo, use the tech font.

sudoer (n.)

Someone who has sudo privileges. Informal. In formal writing, try “user with sudo privileges” if it’s not part of a set expression.

sudoers

The sudo configuration file.

Summercon

An annual security conference in New York.

sunset (v.)

Corporate jargon for planned phasing out. OK to use sparingly in the infinitive. Also try no longer support or decommission.

superclass (n.)

If writing about a type of superclass, use the normal font. If it’s the name of a superclass, use the tech font, as in Throwable.

Related:

SuperHappyDevHouse (SHDH)

A type of hackathon party that started in the Bay Area and now has global offshoots.

superuser (n.)

Related:

SVN

Apache Subversion. Spell out on first use.

Swagger

Open source software framework and tools to build, design, and document APIs.

Sweet32 (n.)

A cryptographic birthday attack.

SWF, .swf file

Pronounced as “swiff.”

Related:

SWIFT

Society for Worldwide Interbank Financial Telecommunication. Do not spell out.

Ex: SWIFT network

Related:

Symfony

A PHP framework.

syntax highlighting (n.)

Displaying text within code in different colors based on keywords or categories. We do not use syntax highlighting in client-facing reports.

system (n.)

If writing about a specific system, use the tech font, as in “the dev_test system.” Otherwise, use the normal font.

system on chip (SoC) (n.)

Spell out on first use.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.