Recently I have started a job in a SOC (Security Operations Center).
When you start working at a new company, it is normal to notice abbreviations the team already uses daily. If you're a junior starting a new job, you probably won't know the meaning of many of them, even though some may be obvious. Since you are not used to the abbreviations themselves, it's normal to feel a little lost in the first conversations with your teammates.
Here I've compiled every abbreviation I encountered during my first month on the job. Feel free to browse through if you are starting like me, or if you want to empower a new on-boarder to feel more confident.
Let me know if you would like me to add more to this list.
List of Acronyms
| Acronym | Definition |
|---|---|
| AD | Active Directory |
| AD FS | Azure Active Directory Federation Services |
| AV | Anti-Virus |
| CERT | Computer Emergency Response Team |
| CTI | Cyber Threat Intelligence |
| C&C / C2 | Command-and-Control server |
| DFIR | Digital Forensics and Incident Response |
| EDR | Endpoint Detection and Response |
| EPP | Endpoint Protection Platform |
| GPO | Group Policy Object |
| IOC | Indicator of Compromise |
| IR | Incident Response |
| MaaS | Malware-as-a-Service |
| MD | Microsoft Defender (a.k.a. Windows Defender) |
| MDI | Microsoft Defender for Identity |
| MFA | Multi-Factor Authentication |
| MISP | Malware Information Sharing Platform |
| MSSP | Managed Security Service Provider |
| PUA | Potentially Unwanted Application |
| SIEM | Security Information and Event Management |
| SOC | Security Operations Center |
| SSO | Single Sign-On |
| TOTP | Time-based One-Time Password |
| TTPs | Tactics, Techniques and Procedures |
| WD | Windows Defender |