Open main menu

Changes

1,466 bytes added ,  12:37, 25 August 2023
Add some security acronyms with help from https://www.softwaresecured.com/blog/
;AJAX : Asynchronous JavaScript and XML = A means to exchange data with a server without loading a whole new page.
;API : Application Programming Interface
;APP : short for Software Application.
;APT : Advanced Package Tool. Created by the Debian project.
;ASP : Application Service Provider
;CNCF:Cloud Native Computing Foundation https://www.cncf.io/ - a sub-foundation of the Linux Foundation.
;CSS: Cascading Style Sheets = A technology that deals with the presentation of content on the web
;DAST: Dynamic Application Security Testing can find security vulnerabilities and weaknesses in a running application, typically web apps. It does that by employing fault injection techniques on an app, such as feeding malicious data to the software, to identify common security vulnerabilities, such as SQL injection and cross-­site scripting (XSS). DAST can also cast a spotlight on runtime problems that can’t be identified by static analysis­­ for example, authentication and server configuration issues, as well as flaws visible only when a known user logs in.
;DKIM: DomainKeys Identified Mail = An IETF specification that combats SPAM on the Internet
;DNS: Domain Name System. An Named Host to IP Address lookup system
;HTTP: HyperText Transfer Protocol = the foundation of data communication for the World Wide Web. See HTML
;HTTPS: HTTP Secure = HTTP using SSL or the newer TLS
;IANAL: I Am Not A Lawyer = but I'll play one on the Internet;-) Because this acronym can be interpreted as crude, Heather Meeker suggests an alternative 'disclaimer' in online discussions: "If this were legal advice, it would have come with an invoice.";IAST: Interactive Application Security Testing. A technique employing an agent inside a running application capable of testing all libraries, frameworks, API endpoints and protocols for security vulnerabilities.
;IETF: Internet Engineering Task Force = organization to make the Internet work better
;IP: Internet Protocol. An IP Address is a host or device name in numeric form.
;PSR-1: PHP Standard Recommendation 1
;PSR-2: PHP Standard Recommendation 2
;RASP: Run-time Application Security Protection is similar to IAST, but rather than testing for vulnerabilities it acts like a watchdog that responds to live threats (e.g. terminating an attacker's session and alerting).
;Regex: Regular Expression = a search and replace syntax that allows for powerful pattern matching
;RSS: Really Simple Syndication = a syntax for sharing data across the web.
;SAST: Static Application Security Testing is to find security vulnerabilities in the application source code earlier in the software development life cycle. Because SAST can be automated in DevOps, it becomes part of SecDevOps
;SCM: Software Configuration Management
;SEO: Search Engine Optimization