Glossary of Computer Security Terms

This page provides explanations of some of the terms and abbreviations commonly used in computer security.

AD
Acronym for Active Directory. Microsoft's implementation of an LDAP directory. A directory is a central database containing all the data and authentication information of the users of a computer network.
ANSSI
Acronym of National Information Systems Security Agency (in French). As its name indicates, it is the governmental organization that aims to coordinate the efforts of the French professional computer security community. Its role is to issue recommendations and disseminate knowledge to secure information systems, and also to provide support to businesses and local authorities.
CERT
Acronym of Computer Emergency Response Team. A centre with two objectives: to alert companies and administrations and to react to computer attacks, but also to take proactive steps to inform and raise awareness in order to prevent such attacks. In addition, the various CERTs are encouraged to communicate with each other and coordinate their efforts to ensure a better transmission of information.
CNIL
Acronym of National Commission of Computer Sciences and Liberties (in French). An independent French administrative authority, created by the "Loi Informatique et Libertés" (LIL) law of 1978, tasked with accompanying companies that collect personal data and fining those that do not respect the rules.
CSIRT
Acronym of Computer Security Incident Response Team. This term is used instead of CERT in countries other than the United States, as CERT is a registered trademark of the Carnegie-Mellon University.
CSRF
Acronym of Cross-Service Request Forgery. A type of vulnerability in an application that does not sufficiently check the permissions a user has before performing an action. The attacker attempts, by various means, to have a URL executed by an administrator logged into the application. The application then performs the sensitive action, such as adding a user or granting privileges to a user, without ensuring that the original administrator has voluntarily triggered it.
CVE
Acronym of Common Vulnerabilities and Exposures. The CVE system allows for the identification and classification of software vulnerabilities found around the world. Each vulnerability is assigned a unique identifier including the year of discovery, as well as a CVSS score.
CVSS
Acronym of Common Vulnerability Scoring System. This is the software vulnerability rating system that allows you to assign a criticality rating to each vulnerability. This score is composed of different criteria, including the vulnerability exploitation conditions (need to be connected to the service, or simply to access it remotely), the ease of exploitation (accessible to an inexperienced attacker), and the impact on the security of the vulnerable system. The ANSSI classification scale we use in our audit reports is ultimately a simplification of this system.
DC
Acronym of Domain Controller. A domain controller is a Windows server that controls and administers all the machines in a Windows corporate network. So it's one or more very privileged machines that are usually the target of attackers.
DA
Acronym of Domain Admin. A domain administrator is a user account on corporate Windows networks that has the necessary privileges to connect to domain controllers to perform administrative operations on the computer network. So it's one or more very privileged accounts that are usually the target of attackers.
DCP
Acronym of Personal Data (in French). Personal data corresponds to information that can identify, directly or indirectly by cross-referencing information, a natural person. Some examples of personal data: first name, last name and photograph of course, but also place and date of birth, pseudonym, reservation number, blood group, IP address, voice sample...
DDOS
Acronym of Distributed Denial Of Service. An attack that aims to saturate a computer server's resources by bombarding it with requests from a large number of different IP addresses. Opponents who carry out these kinds of attacks usually control a network of bots or zombie computers, i.e. computers that have been infected and are silently controlled by the attacker.
DPD
Acronym of Delegate to the Protection of Data. It is the French name for a DPO.
DPO
Acronym of Data Protection Officer. This is the person in charge of data security in a company, in particular the personal data that the company may hold. This is the liaison point between the company and the CNIL for all matters relating to personal data.
ECSC
Acronym of the European Cyber Security Challenge. An IT security competition for young enthusiasts between 14 and 25 years of age, where teams from different European countries compete against each other in various security challenges.
EDR
Acronym of Endpoint Detection and Response. A technology used on endpoints, i.e. computers and servers, to detect and potentially stop suspicious activity. EDRs are supposed to detect malicious behavior rather than malicious file signatures, which are easily circumvented and whose detection is usually a function attributed to antivirus solutions.
EVPN
Acronym of Ethernet Virtual Private Network. A network protocol designed to encrypt data traveling over a link. Being on the lower layers of the OSI model, encryption is supposed to be performed there in a more efficient and optimized manner than traditional VPN solutions.
FIC
Acronym of International Cybersecurity Forum (in French). AlgoSecure has been present at this annual IT security meeting for several years now, taking place at the Grand Palais in Lille at the end of January. Come see us and meet some of our team members!
FOVI
Acronym of False Wire Transfer Orders (in French). A social engineering attack in which the attacker aims to have a company make a fraudulent bank transfer to another bank account under his or her control. It's also called "wire fraud", or "president scam", because the identity of the company president is often impersonated.
GPO
Acronym of Group Policy Object. GPOs are settings, deployed by the administrators of a Windows computer network, on all or part of the company's workstations and servers. These settings can apply restrictions, privileges, scripts, or change system settings without the administrator having to perform these operations manually on every machine in the environment.
ICS
Acronym of Industrial Control System. A global term that designates all the equipment used to control and monitor industrial systems. SCADA (Supervisory Control and Data Acquisition) is one type of industrial control system among others.
IDS
Acronym of Intrusion Detection System. A system that monitors a computer network for attacks in real time, using mechanisms based primarily on behaviour or reputation. Some may also base their detection on a signature mechanism, although this approach is becoming less and less effective, at least against targeted attacks.
IPS
Acronym of Intrusion Prevention System. It's an advanced IDS system that also has capabilities to block detected attacks.
LAN
Acronym of Local Area Network. Refers to the internal computer network of a company, i.e. the network that connects servers and workstations to each other, which is supposed to be unreachable from the Internet. As opposed to the WAN, which refers to the external part of the computer network exposed on the Internet.
LAPS
Acronym of Local Admin Password Solution. An enterprise IT security solution provided by Microsoft to easily manage the local administration of all servers and workstations. Rather than setting a single password for all local Administrator accounts on servers and workstations, LAPS allows for a different local Administrator account password per machine.
LDAP
Acronym of Lightweight Directory Access Protocol. A protocol that defines how to communicate with a directory in order to read or write data. Over time, it has developed and now defines how to classify, store and name data in a directory.
LLMNR
Acronym of Link-local Multicast Name Resolution. A name resolution protocol, successor of NBT-NS, that matches an IP address with a machine name, exclusively on a local network. It is usually used in Windows corporate networks, but suffers from an intrinsic vulnerability that usually allows an attacker to steal user authentication data. It is therefore strongly advised to disable it, after installing a functional DNS server on the company network.
MARION
Acronym of Level-Optimized Computer Risk Analysis Method (in French). It is a French risk analysis method, like the EBIOS method for example. The aim is to propose a method for identifying the risks to which a company is exposed so that it can act on them. This is the ancestor of the MEHARI method (Harmonized Method of Risk Analysis, in French).
MCO
Acronym of Operational Conditions Maintenance (in French). The final phase of an IT project to ensure its sustainability over time. In concrete terms, this means the supervision, maintenance and updating of computer resources. Unfortunately, this is often an underestimated phase in a project, but it is the one that can reduce the likelihood of a security incident.
MSP
Acronym of Managed Service Provider. An IT services company that administers and supervises the services of its clients remotely. The advantage of an MSP is to benefit from a recurring source of income, thanks to a subscription-based approach, while relieving its customers of the management of their information system.
NBT-NS
Acronym of NetBIOS over TCP/IP Name Service. A naming system developed by IBM and used by Windows to make the different machines on a network communicate with each other. It is usually used in Windows corporate networks, but suffers from an intrinsic vulnerability that usually allows an attacker to steal user authentication data. It is therefore strongly advised to disable it, after installing a functional DNS server on the company network.
NTDS
Acronym of New Technologies Directory Services. This is the former name of Active Directory. Usually refers to the database that stores the entire directory, i.e. the information and privileges of users on a Windows computer network. It contains, among other things, the NTLM hashes of the passwords of users on the corporate Windows network, and is therefore highly prized by attackers.
NTLM
Acronym of New Technologies LAN Manager. An authentication mechanism in Windows computing environments. Usually refers to the fingerprint or hash generated by such a mechanism to store the password of a Windows system user. For purposes of differentiation, the network authentication protocol is generally referred to as Net-NTLM and exists in two versions: Net-NTLMv1 and Net-NTLMv2.
OIV
Acronym of Vital Importance Operator (in French). It is a French term used to identify organizations that play a critical or dangerous role for the population. Special security requirements apply to these organizations. There may be companies involved in energy, transportation, communications, hazardous materials production, military or research activities. The list is not being released publicly.
OWASP
Acronym of Open Web Application Security Project. An open community governed by a non-profit organization working to secure the web in the broadest sense. It provides security recommendations for publishers, as well as guides and tools for assessing the security of applications. It regularly publishes a list of the most exploited security vulnerabilities on the web, the well-known OWASP Top 10.
PCA
Acronym of Business Continuity Plan. A set of measures enabling a company to continue to operate in the event of a disaster, breakdown or major incident, while minimising the duration of any interruption. One of the first steps is to conduct a risk analysis.
PDCA
Acronym of Plan, Do, Check, Act. Also known as "Deming's Wheel", it's a common sense method that can be applied to all areas. The idea is to follow a methodological process aimed at improving a product or service, or solving a problem, in an efficient and sustainable manner. We plan an evolution, implement it, check the result of the implementation, then act to correct it and adjust if necessary. Then we start again.
PRA
Acronym of Business Recovery Plan (in French). A set of procedures to be carried out after a major accident has occurred within a company, which has forced it to temporarily cease its activity. As with the BCP, one of the first steps is to conduct a risk analysis.
PLC
Acronym of Programmable Logic Controller. These are computers specifically designed to control industrial systems. They are optimized to function with industrial machines in harsh environments where temperature, vibrations and dust can complicate operations.
PSSI
Acronym of Information System Security Policy (in French). A reference document listing a set of rules and policies aimed at ensuring the security of an information system and reflecting the strategy of the company or organisation.
PTES
Acronym of Penetration Testing Execution Standard. A reference document that lists the steps and methods to be followed in conducting a penetration test. It's a standard that any service company offering penetration testing has to meet, and of course we do.
RGPD
Acronym of General Data Protection Regulation (in French). European regulation that came into force in May 2018 and defines how companies that process personal data of European citizens should access, handle and secure these data. It also reinforces and grants a number of rights to European citizens, who can exercise them with companies that hold their personal data. Finally, it provides for dissuasive sanctions for companies that fail to comply with the Regulation.
SAM
Acronym of Security Account Manager. The local database for storing the NTLM hash of local user accounts in a Windows system. The SAM database is physically stored in a file, and is also integrated into the Windows registry. Access to this database and the information it contains obviously requires high privileges on the system.
SIEM
Acronym of Security Information and Event Management. It is a system that centralizes the event logs of a company's computer systems, and allows for the analysis and correlation of all these traces in order to identify and understand a computer attack. SIEMs also allow these traces to be kept for archiving purposes, and the most advanced among them can also replay security events to allow defensive teams to perfect their defences.
SIIV
Acronym of Vital Information System (in French). This acronym designates the information system of a VIO: the IS (Information System) of a VIO is therefore a VIS. Specific rules laid down by the Prime Minister's Office are applicable to VIS according to the sector of activity of the VIO that administers them.
SMSI
Acronym of Information Security Management System (in French). It is a set of rules and policies governing the management of information security. An ISMS focuses more on processes and people than on technology to ensure information security.
SOC
Acronym of Security Operation Center. SOC means the team in a company that oversees the security of its information system. The purpose of a SOC is to manage security incidents and monitor a company's assets in order to respond quickly and effectively against attacks.
SQLi
Acronym of SQL injection. SQL (Structured Query Language) is a language that allows a website or software application to communicate with a database. An SQL injection is an attack that exploits a vulnerability in the application communicating with the database, allowing it to hijack its original operation in order to illegitimately read or modify data.
SSL
Acronym of Secure Socket Layer. The SSL protocol governs the way in which a computer and a server securely exchange data, specifically the layer of encryption that protects data from potential interception during transmission between the two parties. This term is less and less used nowadays, in favor of the evolution of this protocol called TLS.
SYSVOL
Acronym of SYStem VOLume. A network share, accessible to all users on a Windows corporate network, that is used to store scripts or GPOs for automatic use by Windows systems that have access to it.
TLS
Acronym of Transport Layer Security. This is the evolution of the SSL protocol. This new name was adopted in part because of the structural differences between the two protocols, and the security gains brought by TLS. Different versions of this protocol exist, the most recent being version 1.3.
WAF
Acronym of Web Application Firewall. It is a tool designed to be placed upstream of a web server, and is intended to block certain basic attack attempts such as SQL injections or XSS vulnerabilities. WAFs are notoriously difficult to implement due to the false positives they can generate, and are relatively efficient. For this reason, it is generally advisable to integrate them as a last resort, when the potentially vulnerable application they protect cannot be secured within an acceptable time frame.
WAN
Acronym of Wide Area Network. It is a wide computer network, for example, linking all the resources of a company between different cities, regions or countries. The Internet is often referred to as the largest of the WANs.
XSS
Acronym of Cross-Site Scripting. A type of vulnerability in a web application in which the attacker is able to execute JavaScript code in the browser of another user of the application, without his or her knowledge. A lack of filtering of the data entered and/or a lack of encoding of the data displayed is exploited for this purpose.
