Cyber Security Acronyms (S)

Acronyms that start with S

Glossary Home

S/MIME.   Secure/Multipurpose Internet Mail Extension.   An email encryption and signing standard aimed at improving enterprise email communication. Widely used by corporations, S/MIME provides enhanced capabilities and features such as authentication, message integrity and privacy, and non-repudiation of origin.


SA.   Security Association.   The establishment of security attributes that are shared and agreed upon by two network endpoints to bolster data exchange security.


SA.   Situational Awareness.   The level of understanding and foresight an entity has about its vulnerabilities to present threats and potential security risks in its environment. A high level of situational awareness enables an organisation to respond more effectively to such challenges.


SaaS.   Software as a Service.   A type of software distribution and licensing model that is centrally hosted on the cloud and delivered through the internet to customers on a pay-for-use or subscription basis.


SAML.   Security Assertion Markup Language.   An open standard language that allows different parties (typically an identity provider and a service provider) to exchange and validate security-related information such as user identity, authorisation, and authentication data.


SASE.   Secure Access Service Edge.   A network architecture model for combining the capabilities of VPN (virtual private network) and WAN (wide area network) with a range of cloud-native cybersecurity solutions (such as firewalls, zero-trust network access, and secure web gateways) to establish secure connections between services, applications, systems, endpoints, and users regardless of location.


SASL.   Simple Authentication and Security Layer.   A framework that provides services, applications, and shared libraries with mechanisms for authenticating credentials, checking data integrity, and encrypting data. SASL has a number of vulnerabilities, including one exploited by threat actors to divert server resources into spam campaigns.


SAST.   Static Application Security Testing.   A methodology for closely evaluating the source code, byte code, binaries, and data flows of a software application to detect security vulnerabilities.


SBC.   Session Border Controller.   A hardware device or software application that is deployed in a network to regulate how phone call sessions using Voice over Internet Protocol (VoIP) are initiated, conducted, and terminated. SBCs primarily function as a router and a firewall between a carrier service and a network.


SBC.   Single Board Computer.   A fully functional computer hardware whose key components — microprocessor, input/output mechanisms, and memory — are all pre-built on a single circuit board without expansion slots for peripheral hardware.


SCA.   Software Composition Analysis.   An automated process for detecting open-source software in a codebase for the purpose of assessing and managing quality, compliance, and security.


SCA.   Security Control Assessor.   An entity whose main function is to conduct a comprehensive and independent evaluation of an IT system’s security controls.


SCADA.   Supervisory Control And Data Acquisition.   A system of computers, software applications, network data exchanges, sensors, and user interfaces for high-level administration of industrial machinery, processes, and environments.


SCCM.   System Center Configuration Manager.   A software tool developed by Microsoft for managing and securing large sets of applications and computing devices. Now called Microsoft Endpoint Configuration Manager, SCCM provides remote access, endpoint protection, software distribution, patch administration, and inventory services.


SCCs.   Standard Contractual Clauses.   A template of required legal provisions that help EU-based entities that control or process data to legally conduct data exchanges with entities located in jurisdictions beyond the full coverage of the General Data Protection Regulation (GDPR).


SCD.   Source Code Disclosure.   A type of cyber attack where the threat actor gains access to the source code of a server-side application, potentially exposing critical information such as the application’s business logic, configuration files, authentication filters, database connection protocols, and hard-coded passwords.


SCEC.   Security Construction and Equipment Committee.   A standing interdepartmental committee formed by the Australian federal government to evaluate and endorse security equipment and services for official use by public sector agencies.


SDK.   Software Development Kit.   A set of software tools for building computer programs for a specific IT platform, operating system, and or environment. Provided by a relevant vendor, SDKs are packaged as one installable unit and may include compilers, debuggers, code templates, libraries, guides, and documentation.


SDLC.   Software Development Lifecycle.   A process model that outlines the stages  — design, build-out, testing, deployment, maintenance, etc — a typical computer application or information system goes through.


SDN.   Software-defined Networking.   An approach to network design that uses software-based tools to configure and regulate the network’s hardware infrastructure and direct its traffic flows. Among other things, SDN is aimed at improving network adaptability and performance.


SD-WAN.   Software Defined Wide Area Network.   A virtualised IT architecture that uses software along with technologies such as wireless communications, broadband connectivity, virtual private networks (VPN), and internet protocols to centrally control, connect, and extend an enterprise’s networks over large geographical areas. SD-WAN enables administrators to optimise speed and connectivity, and automatically determine the most effective routes to direct application traffic between data centres and branch offices.


SECaaS.   Security as a Service.   A suite of mostly cloud-based IT security solutions provided by a third-party specialist on a subscription or pay-as-you-go basis to organisations that outsource their cybersecurity needs.


SEH.   Structured Exception Handling.   A mechanism in many software programs that manages errors and exceptions that occur during the normal operation of an application. While SEH aims to make applications more reliable and less prone to crashes, threat actors can manipulate SEH to force an application to shut down.


SHA.   Secure Hash Algorithm.   A line of cryptographic algorithms (SHA-O, SHA-1, SHA-2, SHA-3) for mapping data into hashed values, used as a U.S. Federal Information Processing Standard in information security, especially in message authentication codes (MACs) and digital signatures.


SID.   Security Identifier.   A unique, immutable number assigned to a user account, user group, process, or other security entity that a Windows operating system can authenticate.


SIEM.   Security Information and Event Management.   A field in IT security and a suite of solutions focused on helping organisations detect and address real-time threats through the rigorous collection and analysis of log information, security alerts, and contextual data from other sources.


SIM.   Security Information Management.   The practice of gathering, tracking, and analysing security-related data to strengthen an organisation’s overall cybersecuorty posture. SIM software enhances, extends, and automates this process — helping organisations meet compliance standards by protecting data confidentiality, integrity, and availability.


SIP.   Session Initiation Protocol.   A signaling protocol used in internet-based communications to initiate, maintain, and terminate voice and video calls, conferences, and other real-time communication sessions between two or more endpoints in IP networks.


SLA.   Service-level Agreement.   A legal contract between a service provider and its customer that details, among other things, the services being provided and the standards those services should meet.


SLAAC.   Stateless Address Autoconfiguration.   A mechanism in IPv6 (Internet protocol version 6) that enables client devices on a network to automatically generate their own addresses on the interface without the need to use a dynamic host configuration protocol (DHCP) server. SLAAC is vulnerable to cyber attacks that spoof link-layer addresses that can divert data traffic to a bogus and malicious router/site/destination.


SLD.   Second-level Domain.   As used in the Domain Name System (DNS), the domain name to the left of a top level domain extension (such as .com or .net), typically a term that refers to a specific organisation, brand, or person. An SLD is used to identify the owner of a resource on the internet, including websites, page addreses, and email addresses. SDLs can be “spoofed” by malicious hackers in phishing attacks.


SLE.   Single Loss Expentancy.   The cost (loss) in terms of monetary value when a potential threat or risk associated with an asset has occurred. SLE is calculated as the asset value (AV) multiplied by the exposure factor (EF): SLE = AV x EF.


SMB.   Server Message Block.   A communication protocol between clients and servers for sharing access to networked hardware and software resources such as data, files, serial ports, and printers.


SMTP.   Simple Mail Transfer Protocol.   A standard internet communication protocol for transmitting email. Mostly used exclusively to deliver emails to a main server, SMTP is complemented by other protocols such as POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) which handle the retrieval part of the process.


SNMP.   Simple Network Management Protocol.   An application-layer protocol and internet standard for gathering, monitoring, and managing networked devices. SNMP can be used to detect network errors and configure remote devices.


SOA.   Service-oriented Architecture.   A software development model that is built on discrete, self-contained, independent, reusable, and interoperable components called services. SOA enables such services — each designed for a specific task — to communicate across different languages and platforms to form applications.


SOA.   Start of Authority.   A set of DNS (domain name system) data that provides critical information about a domain or zone, including which server is authorised to handle, update, and manage a specific zone.


SOAP.   Simple Object Access Protocol.   A lightweight messaging protocol that seves as an intermediate language for applications built using different programming languages to communicate with each other over the internet. SOAP is often used to create APIs (application program interface).


SOAR.   Security Orchestration, Automation, and Response.   An IT security methodology and a suite of complementary software technologies that enables organisations to gather and analyse threat data from multiple sources and automate the appropriate response to each type of security incident or scenario.


SOC.   Security Operations Centre.   A centralised, dedicated, and strategic grouping of resources (hardware, software, physical and virtual sites, people, processes, and technologies) that serves as a command station for the continuous monitoring, analysis, and protection of enterprise assets as well as the administration and improvement of the organisation’s entire security infrastructure. A cyber-focused SOC is called an information security operations centre (ISOC).


SOC.   System On a Chip.   A single integrated circuit that possesses all the electronic components necessary to perform the functions of a complete system such as a simple computer, a smart phone, a video game console, or an IoT device.


SOCaaS.   Security Operations Center as a Service.   A security operations centre (SOC) offered as a third-party managed service by an IT provider to organisations that outsource their cyber security needs.


SOCKS.   Socket Secure.   An internet protocol that uses a proxy server to facilitate client-server communication through a firewall. SOCKS’ lack of encryption mechanism makes it vulnerable to IP address eavesdropping, man-in -the-middle attacks, and state censorship.


SOCMINT.   Social Media Intelligence.   The field focused on the systematic gathering and analysis of information available on social media platforms and an actual collection, portfolio, or set of such data.


SOE.   Standard Operating Environment.   The recommended way of implementing a specific computer operating system and a collection of software applications associated with it (which are commonly used in servers and endpoint devices such as desktop computers, netbooks, tablets, and mobile phones). SOEs enable IT administrators to reduce complexity in managing a large set of computers by automating some aspects of deployment, maintenance, and troubleshooting.


SOHO.   Small Office, Home Office.   A small business or microenterprise that is typically run from homes or small office spaces. Also, the market segment (for IT services and equipment) composed of such businesses.


SOP.   Same-origin Policy.   A security configuration and mechanism for web browsers that restricts how scripts coded in a web page can access data on another web page, with permission granted only when both web pages have the same origin. SOP helps reduce attack vectors by isolating malicious scripts and preventing criminal websites from attacking legitimate internet-based services.


SOW.   Statement of Work.    A document detailing the scope, deliverables, timelines, payment terms, processes, security considerations, required resources, and the desired/expected end state of an IT project.


SP.   Special Publication.   A collection of standards, guidelines, technical specifications, best practices, recommendations, research, reference materials, and other documents published by the U.S. National Institute of Standards and Technology (NIST) on the privacy and security of information and information systems.


SPF.   Sender Policy Framework.   An email authentication protocol designed to detect forged sender addresses and restrict fraudulent activities during email delivery. SPF helps improve cybersecurity by enabling domain owners to specify their legitimate email servers, making it harder for malicious actors to spoof sender information and mount phishing attacks.


SPI.   Security Parameter Index.   An arbitrarily assigned tag or value that uniquely identifies an IPSec Security Association (SA) that is either manually or dynamically established. An SPI is a required element of an IPSec SA.


SPN.   Service Principal Name.   A name, attribute, or value chosen to uniquely represent and identify a specific service instance. Used to support bi-directional authentication between a service and a client application without the need to submit sensitive authentication data, SPNs can be exploited by threat actors to crack the password of a service user account in the Active Directory (AD) via bruteforce techniques.


SQL.   Structured Query Language        A standardised, domain-specific programming language developed by IBM in the 1970s that is used to manage and perform operations on relational databases. Recognised by the American National Standards Institute (ANSI) as an official standard, SQL can be exploited by threat actors to inject malware into a system and mount other forms of cyber attacks.


SQLi.   SQL Injection or Structured Query Language Injection.   A code insertion technique that adds strings of malicious code into a database query to access sensitive data, alter or corrupt existing data, steal highly confidential information, acquire administratrive credentials, or utterly destroy the target’s database.


SRE.   Site Reliability Engineering.   The practice of using software tools to optimise the reliability and scalability of IT infrastructures, largely by automating tasks and improving the way component systems are managed and issues resolved.


SRP.   Software Restriction Policies.   A settings configuration feature in Windows designed to improve the security, manageability, reliability, and integrity of IT systems by enabling administrators to control which software programs can be executed in an environment. At the extreme, SRP can be used to run only specified programs, fully restricting the execution of all others as a means to prevent untrusted/unknown codes and scripts from running.


SSDLC.   Secure Software Development Lifecycle.   A framework that applies the principles and methods of IT security to the structured process of designing, building, quality-testing, maintaining, and upgrading software applications. In SSDLC, security requirements accompany functional requirements as the core guiding documents ,while risk analysis and security testing go hand-in-hand with traditional SDLC (Software Development Life Cycle) processes.


SSE.   Server Side Encryption.   The encryption of data as it arrives on the application server. Server-side encryption is used in cloud-based servicessuch as Amazon S3 and Microsoft Azure.


SSH.   Secure Shell or Secure Socket Shell.   A cryptographic protocol that enables two computers to securely communicate and exchange encrypted data over unsecured networks. Network administrations commonly use SSH to remotely manage systems and applications via remote logins and command-line executions.


SSI.   Server Side Includes.   A set of inserted directives or the mechanism that enables the inclusion of such directives into an HTML (HyperText Markup Language) document that instructs a web server to execute scripts such as displaying file information and processing dynamic content. In an SSI Injection attack, threat actors exploit the mechanism to inject and execute malicious codes remotely.


SSID.   Service Set Identifier.   A string of characters that identifies a wireless access point (WAP), typically serving as a name for a Wi-Fi network.  Access points (AP) such as routers can broadcast their SSID to allow client devices to connect to a wireless network.


SSL.   Secure Sockets Layer.   An encryption-based technology and internet protocol for establishing secure data exchange between web browsers and servers. When a website is authenticated by the protocol, it receives an SSL certificate and its web address scheme changes from http to https. SSL is the predecessor of the more robust TLS (Transport Layer Security) protocol.


SSN.   Social Security Number.   A unique number issued to citizens and legal residents of the United States serving as the primary national identification number for taxation and other purposes. Many other countries such as Canada, Japan, and  Australia have their own version of SSN. Cyber criminals often steal SSN details to conduct identity fraud, financial theft, and other scams.


SSO.   Single Sign-On.   An authentication method, session, and service that enables a user to access multiple accounts, services, and applications with just a single set of login credentials.


SSP.   Security Support Provider.   A dynamic link library (DLL) that performs security-related tasks and serves as an authetication mechanism in a Windows environment. Threat actors have been known to steal access credentials by injecting malicious SSPs that execute during boot-ups.


SSRF.   Server-side Request Forgery.   A cyber attack that abuses common web server functions to force the target server application into performing malicious activities such as accessing uintended resources, posting requests to arbitrary websites, leaking sensitive data to a spoofed URL, and corrupting/destroying internal data. An SSRF attack can enable a hostile entity to breach databases and/or take full control of a vulnerable server.


STIG.   Security Technical Implementation Guides.   A set of standards detailing the IT security requirements for a specific service, application, or product. STIGs enable the establishment of universal protocols for hardware, software, and networks.


STIX.   Structured Threat Information Expression.   A standardised programming language for exchanging data about IT security threats, designed for common usage and widespread adoption.


STP.   Spanning Tree Protocol.   A network protocol that helps address local area network (LAN) issues arising from redundant paths by preventing the formation of loops within a network topology. However, STP can be exploited by threat actors to orchestrate different types of cyber attacks.


STS.   Security Token Service.   A web service that enables users to use either digital or hardware security tokens typically used in multifactor authentication (such as programmable tokens, smart cards, and single sign-on software tokens).


STUN.   Session Traversal Utilities for NAT (Network Address Translation).   A standardised set of tools and a client-server protocol that helps endpoints and web applications discover firewalls and network address gateways for real-time and interactive communications.


SWG.   Secure Web Gateway.   A network security solution that protects users and organisational assets from web-based threats by enforcing acceptable use policies and compliance standards, by filtering hostile internet traffic such as malware, and by blocking access to malicious websites. Primarily functioning as a proxy between an organisation’s internal users and the Internet, SWG can come in a number of variants including hardware, software, cloud-based, and on-site solutions.


SWRE.   Software Reverse Engineering.   The process of closely examining software code to fully understand its nature, components, data flows, functionalities, and behavior. SRE serves many purposes including the improvement of source codes, detection of vulnerabilites and bugs, protection of intellectual property, neutralisation of malware, and enhancement of cyber security measures.


Sysadmin.   System Administrator.   An IT professional and organisational role responsible for managing the resources needed to support a multi-user computing environment. Sysadmins help ensure 1) the continuous availability of IT systems and services; 2) the optimal performance of networks and applciations; and 3) the strict compliance of users and IT assets to the company’s policy, regulatory, and security standards. Sysadmins typically install, configure, and update both hardware and software. They also create and manage user accounts, while also helping troubleshoot many common technical issues.

Glossary Home


Our Address


1300 667 871 or +61 7 3220 0352

Brisbane Office

Level 5, 488 Queen Street, Brisbane, QLD 4000

Sydney Office

Level 21, 133 Castlereigh Street, Sydney, NSW 2000

Melbourne Office

Level 28, 303 Collins Street, Melbourne, VIC 3000

Our Services

Industry Expertise