Security Acronyms
This glossary provides a quick reference for common security acronyms and terms used in modern cybersecurity frameworks and tools. Use this guide to better understand security documentation, compliance requirements, and technical discussions related to application and cloud security.
AICPA SOC 2 - System and Organization Controls 2
CVE - Common Vulnerabilities and Exposures
ASPM - Application Security Posture Management
CSPM - Cloud Security Posture Management
SAST - Static Application Security Testing
SCA - Software Composition Analysis
DAST - Dynamic Application Security Testing
EASM - External Attack Surface Management
CNAPP - Cloud-Native Application Protection Platform
DSPM - Data Security Posture Management
SIEM - Security Information and Event Management
RASP - Runtime Application Self-Protection
WAF - Web Application Firewall
GRC - Governance, Risk, and Compliance
MDR - Managed Detection and Response
SBOM - Software Bill of Materials
NIS2 - Network and Information Security Directive 2