Cyber Security Acronyms (W)

WAAPaaS.   Web Application and API Protection as a Service.   A cloud-based service that focuses on improving the security layer for web applications and application program interfaces (APIs). WAAPaaS can mitigate bot activities, enclose web applications in a specially-designed firewall (WAF), and address distributed denial of service (DDoS) attacks.

 

WAF.   Web Application Firewall.   An internet security tool that deploys a proxy server as a protective shield in front of web applications and websites to monitor web traffic, filter data packets, and mitigate suspicious activity, malware, zero-day exploits, and other cyberthreats.  WAFs can be cloud-based, host-based, or network-based.

 

WAMP.   Windows, Apache, MySQL, and PHP.   A web server stack developed for the Microsoft Windows operating system. The acronymn spells out the four core software tools in the stack:

1. Windows: operating system
2. Apache: web server
3. MySQL: relational database management system
4. PHP: object-oriented scripting language

 

WAN.   Wide Area Network.   Any collection of computer networks that can communicate with each other and are distributed over an extensive geographic area. Based on this definition, the Internet is the largest WAN. Many global enterprises use private WANs to connect their offices in different cities around the world.

 

WAP.   Wireless Access Point.   A hardware device used in networking that enables wireless-capable devices to connect a wired network.

 

WAP.   Wireless Application Protocol.   A communication standard for exchanging data over a wireless mobile network. WAP was developed to enhance interoperability and connectivity between wireless devices, such as mobile phones, and the Internet.

 

WAPT.   Web Application Penetration Test.   A process that involves launching simulated cyber attacks against a web application and its ecosystem to 1) detect security flaws and system weaknesses; 2) provide an objective assessment of the application’s overall security posture; and 3) recommend actions that remediate identified weaknesses and improve information security. A WAPT program covers the web application’s source code, front- and backend components, users, APIs, and databases.

 

WAS.   Web Application Security.   The field, technologies, and processes focusing on the protection of web applications, servers, and interfaces from cyber threats such as data theft/corruption, website vandalism, and distributed denial of service (DDoS) attacks.

 

WCE.   Windows Credentials Editor.   A software tool typically used by pentesting professionals to assess the security of a computer system; and by threat actors to retrieve logon session information, dump cleartext passwords that are stored by Windows authentication services, and steal or corrupt access credentials.

 

WebDAV.   Web Distributed Authoring and Versioning.   A standard framework that extends the capabilities of hypertext transfer protocol (HTTP) to improve the process of collaboratively creating and managing web content. WebDAV is governed by the Internet Engineeriung Task Force (IETF).

 

WEP.   Wired Equivalent Privacy.   A deprecated/retired security protocol designed to provide a wireless local area network (WLAN) with protective security layers comparable to those in a wired network. WEP was superseded by the Wi-Fi Protected Areas (WPA) protocol, the most recent version of which is WPA3.

 

WIDS.   Wireless Intrusion Detection System.   A cybersecurity device or software application that monitors the radio spectrum used by wireless local area networks for malicious activity, rogue access points, and policy violations. Once it detects an incident, the WIDS alerts the administrator or a security information and event management (SIEM) system to commence remedial actions. WIDS’ are typically integrated in — and sometimes synonymous to — a wireless intrusion prevention system (WIPS).

 

WIPS.   Wireless Intrusion Prevention System.   A network security device and/or software purposely designed to scan and monitor a wireless LAN’s radio frequency spectrum for misconfigured nodes and malicious activities, with the extended capability of automatically taking countermeasures such as blocking traffic with unknown or suspicious radio signatures.

 

WMI.   Windows Management Instrumentation.   A set of specifications that forms part of the security and maintenance component of the Windows operating system, designed to centralise the management of devices and applications in a network by providing information from instrumented elements about the status of local or remote computer systems. WMI also enables administrators to automate tasks and remotely manage systems. However, threat actors abuse the same capabilities to deploy malware and orchestrate different types of cyber attacks.

 

WPA.   WiFi Protected Access.   A security standard that uses data encryption and user authentication to protect computing devices that are connected to a wireless network. The first version of WPA was released by the Wi-Fi Alliance in 2003, addressing the known weaknesses of its predecessor — and eventually superseding — the Wired Equivalent Privacy (WEP) standard.

 

WPA2.   Wi-Fi Protected Access 2.   The second version of WPA released in 2004. WPA2 includes mandatory support for a stronger, AES (Advanced Encryption Standard)-based encryption protocol.

 

WPA3.   Wi-Fi Protected Access 3.   The third version of WPA released in 2018. Compared to the preceding version, WPA3 has better cryptoghraphic strength, more secure key exchange, and built-in workarounds for weak passwords and for configuring devices with no display interface.

 

WPS.   WiFi Protected Setup.   A communications protocol that makes it easier to  connect devices to a wireless network. WPS has been found to have serious vulnerabilities to cyber attacks, prompting many IT security experts to discourage its use.

 

WTLS.   Wireless Transport Layer Security.   The standard security level for applications that use the wireless application protocol (WAP). WTLS basically extends the capabilities of the Transport Layer Security (TLS) to address the initial limitations of  mobile devices such as low processing power, inadequate memory capacity, and limited bandwidth.

 

WUI.   Web User Interface.   The front-end design elements that allow users to interact with a website and other internet-based services or applications. Typically, a WUI sits on top of a web browser, enabling users to navigate a web service and make different kinds of transactions therein.