📖 Cloud Security Glossary

Cloud Security Glossary

Cloud security has more three-letter acronyms than any reasonable field should. This page is the cheat sheet. - from the page intro above

No terms match your search. clear.

Contents

• Cloud Service & Deployment Models
• Compute, Containers & Serverless
• Identity & Access Management (IAM)
• Networking & Zero Trust
• Data Protection, Secrets & Cryptography
• Logging, Detection & Response
• Posture, Policy & the *PM Family
• Vulnerability & Supply-Chain Security
• Compliance Frameworks
• Threats, Attacker Techniques & Frameworks
• AI, LLM & Agentic-System Security
• DevOps, IaC & Operating Concepts
• Standards Bodies & Authorities

Cloud Service & Deployment Models

IaaS - Infrastructure as a Service

Raw compute, storage, and network resources on demand. You manage the OS and everything above. Examples: EC2, Azure VM, GCE.

PaaS - Platform as a Service

The provider runs the OS and runtime; you ship code. Examples: App Service, App Engine, Elastic Beanstalk.

SaaS - Software as a Service

Fully hosted application; you manage only your data and users. Examples: Microsoft 365, Salesforce, Workday.

FaaS - Function as a Service

Run a piece of code in response to an event. Provider handles everything else. Examples: AWS Lambda, Azure Functions, GCP Cloud Functions.

Public / Private / Hybrid / Multi-Cloud

Public is shared infrastructure (AWS, Azure, GCP). Private is dedicated. Hybrid mixes them. Multi-cloud uses two or more public providers.

Cloud-Native

Architecture that takes advantage of cloud-specific properties - elasticity, managed services, ephemeral compute, declarative APIs.

Shared Responsibility Model

The provider secures the cloud (hardware, hypervisor, physical sites); the customer secures what's in the cloud (data, identities, configuration). The line shifts depending on the service tier.

Tenant / Multi-Tenant

A logical boundary for one customer's data, identities, and configuration in a shared platform. Multi-tenant SaaS keeps many tenants isolated on the same infrastructure; the cross-tenant boundary is the provider's most security-critical control.

Compute, Containers & Serverless

Container

An OS-level isolated process bundle. Same kernel as the host, separate userland.

Image

The static template a container is launched from. Layered, immutable, and addressable by digest.

Registry

Where container images live (Docker Hub, ECR, GHCR, ACR, GAR).

Kubernetes (K8s)

Open-source container orchestration. Schedules workloads onto a fleet of nodes via a declarative API.

Pod

The smallest deployable unit in K8s - one or more co-located containers that share a network namespace.

Sidecar

A helper container co-located with an app container in the same pod (commonly for proxies, log shippers, secret fetchers).

Service Mesh

An infrastructure layer that handles east-west service-to-service traffic - mTLS, retries, traffic shifting. Examples: Istio, Linkerd.

Serverless

Compute model where you don't manage servers, scaling, or capacity - typically functions or container runtimes that scale to zero.

EKS / AKS / GKE

Managed Kubernetes from AWS / Azure / Google.

ECS / Fargate

AWS container orchestration (ECS) and its serverless data plane (Fargate).

EC2 - Elastic Compute Cloud

AWS's foundational IaaS compute service: virtual machines you launch, scale, and snapshot on demand. The historical entry point for cloud workloads and the surface most cloud-security misconfigurations show up on (open security groups, public AMIs, exposed IMDS).

Lambda / Functions / Cloud Functions / Cloud Run

FaaS offerings from AWS (Lambda) / Azure (Functions) / Google (Cloud Functions and Cloud Run, the latter for container-based serverless).

Confidential Computing

Hardware-enforced memory encryption (Intel SGX, AMD SEV, AWS Nitro, Azure Confidential VMs) so the cloud provider can't see your workload memory in plaintext.

Hypervisor

Software that creates and isolates virtual machines. Type 1 runs on bare metal (ESXi, Xen, KVM); Type 2 runs on a host OS (VirtualBox, Parallels). The control plane the cloud provider secures.

eBPF

Extended Berkeley Packet Filter - a Linux kernel runtime that safely executes sandboxed programs attached to syscalls, network paths, and tracepoints. The basis of modern runtime-security and observability tooling (Cilium, Falco, Tetragon).

Tetragon

Open-source eBPF-based runtime security from Isovalent. Provides Kubernetes-aware process, network, and file observability with optional inline enforcement.

Container Security

The practice of securing the full container lifecycle - base image hardening, registry scanning, signed builds, admission control, runtime detection, and pod-level isolation in Kubernetes. Sits at the intersection of CWPP, KSPM, and supply-chain tooling.

Identity & Access Management (IAM)

IAM - Identity & Access Management

Who you are and what you're allowed to do. The control plane for cloud security.

Principal

The acting identity - a user, role, service account, or workload - making an authenticated request.

RBAC - Role-Based Access Control

Permissions assigned to roles, roles assigned to identities. Easy to reason about; coarse-grained.

ABAC - Attribute-Based Access Control

Permissions evaluated against attributes (tag, department, time of day). Fine-grained, harder to audit.

PBAC - Policy-Based Access Control

Decisions made by a centralized policy engine (e.g., OPA) rather than scattered ACLs.

IdP - Identity Provider

The system that authenticates users (Okta, Azure AD / Entra ID, Google Workspace).

SP - Service Provider / RP - Relying Party

The application that trusts the IdP's assertion of who the user is.

SSO - Single Sign-On

Sign in once, get into many applications without re-entering credentials.

SAML 2.0

XML-based federation protocol - the IdP sends a signed assertion to the SP.

OIDC - OpenID Connect

Identity layer on top of OAuth 2.0. Issues JWT ID tokens. The modern default.

WIF - Workload Identity Federation

Lets a workload (a CI runner, a Kubernetes pod, a service in another cloud) authenticate to a cloud provider without a long-lived service-account key. The workload presents an OIDC token from its own identity provider; the cloud trusts that token under a documented policy and exchanges it for a short-lived access token. Eliminates the "JSON key sitting in a secrets manager that no one ever rotates" failure mode.

OAuth 2.0

Delegated authorization framework. Issues access tokens; the spec doesn't define authentication.

JWT - JSON Web Token

A signed (and optionally encrypted) JSON blob used as a token. Common in OIDC and API auth.

Phishing-Resistant MFA

Multi-factor methods that can't be relayed or replayed by an attacker because the second factor is cryptographically bound to the origin - FIDO2 security keys, passkeys, smartcards. Push prompts, OTP codes, and SMS are explicitly not phishing-resistant.

MFA - Multi-Factor Authentication

Something you know + something you have (or are). Phishing-resistant MFA = WebAuthn / FIDO2.

FIDO2 / WebAuthn / Passkeys

Public-key authentication standards that resist phishing. Passkeys are syncable WebAuthn credentials.

Federation

Trusting tokens from a foreign IdP (e.g., GitHub Actions OIDC tokens trusted by AWS to assume a role).

STS - Security Token Service

Issues short-lived credentials, typically by exchanging a long-lived identity for a temporary role session.

AssumeRole

The AWS STS call that swaps your identity for temporary credentials of a target role.

Service Principal

An Entra ID identity for an application, service, or automation - the Azure analogue of an AWS IAM role for workloads. Pair with a managed identity when possible to avoid managing client secrets.

Service Account / Managed Identity / Workload Identity

The non-human principal a workload uses to authenticate (GCP service account, Azure managed identity, Kubernetes ServiceAccount → cloud role). A single sub-category of the broader NHI population.

NHI - Non-Human Identity

Any identity that isn't a person - service accounts, IAM roles, managed identities, OAuth tokens, API keys, certificates, workload identities, third-party SaaS integration credentials, bots, and AI agents. NHIs typically outnumber humans 45-100:1 in cloud-native estates and are the dominant initial-access surface in recent breaches (Cloudflare via Okta service tokens, Microsoft via a legacy OAuth app, Dropbox Sign, Internet Archive). The NHI security discipline covers inventory, ownership, lifecycle, rotation, vaulting, and behavior detection. Vendors: Astrix, Entro, Oasis Security, Aembit, Token Security, Clutch, Britive, Natoma.

OIDC Federation (workload identity federation)

A workload presents a short-lived OIDC token from its host (e.g., GitHub Actions) which the cloud trusts to issue temporary credentials. Removes long-lived secrets from CI.

Conditional Access

Policy that grants access only when contextual conditions are met (device compliant, location, risk score).

JIT - Just-In-Time Access

Permissions are elevated only for the duration of a task, then expire.

Least Privilege / Just-Enough Access

Grant the minimum permissions necessary for the task. The defining principle of cloud IAM.

SCP - Service Control Policy

AWS Organizations guardrail; sets the maximum permissions an account can have, even for the root user.

Permission Boundary

An IAM policy that caps the effective permissions of an entity, regardless of attached policies.

IMDS / IMDSv1 / IMDSv2

Instance Metadata Service - the link-local 169.254.169.254 endpoint that hands credentials to EC2 instances. IMDSv1 is unauthenticated and reachable via SSRF (the Capital One pattern). IMDSv2 requires a PUT-issued session token bound to the requester, defeating SSRF abuse - enforce v2-only on every account.

IAM Access Analyzer

AWS service that flags IAM roles, policies, and resources granting access to external accounts or principals you didn't intend. Also surfaces unused permissions, helping enforce least privilege.

Active Directory (AD)

Microsoft's directory service for on-prem identity. Still the primary user/group/auth backend for most enterprises; cloud identity providers federate to it.

Entra ID / Azure AD

Microsoft's cloud identity service. "Azure AD" is the legacy name; Microsoft renamed it Entra ID in 2023 but the older name is still pervasive in tooling, documentation, and conversation. Hosts users, groups, conditional-access policies, and the SAML/OIDC endpoints behind Microsoft 365 and Azure.

Kerberos

Network authentication protocol using time-bound encrypted tickets. The auth fabric of Active Directory; compromise of the krbtgt account yields a "Golden Ticket".

ACL - Access Control List

A list of rules attached to a resource specifying who can access it and how. Predates RBAC/ABAC; still common on filesystems, S3 objects, and network devices.

SPIFFE - Secure Production Identity Framework for Everyone

CNCF standard for cryptographic workload identity. Every workload gets a SPIFFE ID (a URI like spiffe://prod.acme/billing) and is issued a short-lived SVID (X.509 or JWT) to prove it. Decouples identity from network location - the foundation under most modern service-mesh mTLS.

SPIRE - SPIFFE Runtime Environment

The reference implementation of SPIFFE. A SPIRE Server issues SVIDs; SPIRE Agents on each node attest workloads (by Kubernetes pod metadata, AWS instance identity doc, GCP service account, etc.) and hand them their identity. Multi-cloud, multi-cluster federation included.

IRSA - IAM Roles for Service Accounts

The AWS pattern for giving an EKS pod a scoped AWS IAM role without long-lived keys: the cluster's OIDC provider is registered as an IAM identity provider, and the Kubernetes ServiceAccount is annotated with a role ARN. AWS also offers EKS Pod Identity, which uses an agent on the node instead of the OIDC token-exchange dance.

PAM - Privileged Access Management

The discipline (and product category) for controlling who can use high-privilege accounts, when, and with what audit trail. Patterns: vaulted credentials with checkout, session recording, JIT elevation, break-glass workflows. Vendors: CyberArk, Delinea, BeyondTrust, StrongDM, Teleport, HashiCorp Boundary.

PIM - Privileged Identity Management

Microsoft's name for JIT role activation in Entra ID and Azure RBAC. An eligible-but-not-active assignment lets a user request elevation for a bounded window with optional MFA and approval.

ReBAC - Relationship-Based Access Control

Authorization based on relationships between principals and resources rather than roles or attributes (e.g., "user X is an editor on document Y because X is in group G and G owns Y"). Implementations: Google Zanzibar, OpenFGA, SpiceDB, AuthZed, Topaz. Useful for fine-grained, graph-shaped permissions like document sharing.

PDP - Policy Decision Point

The component in a zero-trust or fine-grained-authz architecture that evaluates a policy and answers "permit" or "deny" for a given request. Examples: OPA, AWS Verified Permissions, Microsoft Conditional Access engine.

PEP - Policy Enforcement Point

The component that intercepts a request, asks the PDP for a decision, and enforces it. In zero trust this is the identity-aware proxy, the API gateway, the service mesh sidecar, or the application's own middleware.

ITDR - Identity Threat Detection and Response

Detection and response focused on identity attack patterns - anomalous logins, impossible travel, mass OAuth-app consent, dormant-account use, role-assumption spikes - across IdPs and downstream SaaS. Vendors: Beyond Identity, Push Security, Permiso, Mitiga, Vectra Identity.

IAP - Identity-Aware Proxy

GCP's per-request, identity-aware gateway that fronts internal apps. The user authenticates once to Google; IAP enforces per-app and per-method authorization before the request reaches the backend. The vendor-neutral concept: a PEP that sits between user and internal service and asks "should this identity be allowed to make this request right now?"

Networking & Zero Trust

VPC / VNet

Virtual Private Cloud / Virtual Network - your isolated network space inside a cloud account.

Subnet

A slice of a VPC's IP range, bound to one availability zone.

Security Group

A stateful per-ENI firewall (AWS / Azure NSG / GCP firewall rule).

NACL - Network Access Control List

A stateless subnet-level firewall (AWS).

Peering / Transit Gateway / Cloud Interconnect

Mechanisms for connecting VPCs / VNets to each other or to on-prem networks.

NAT - Network Address Translation

Lets private-subnet workloads reach the internet through a shared egress IP.

PrivateLink / Private Endpoint / Private Service Connect

Private routable endpoints for cloud services that never traverse the public internet.

Ingress / Egress

Inbound / outbound traffic. Egress controls are where most data exfil hides.

WAF - Web Application Firewall

Layer-7 filter for HTTP traffic - XSS, SQLi, rate limits, geo blocks.

CDN - Content Delivery Network

A globally distributed cache that sits between users and your origin server. Static assets (HTML, images, CSS, JS) are served from the cache nearest the user instead of fetching from origin every time. Side benefits: absorbs DDoS traffic at the edge, hides your origin IP, and survives short origin outages on cached pages. Examples: Cloudflare, Fastly, AWS CloudFront, Google Cloud CDN.

HSTS - HTTP Strict Transport Security

An HTTP response header that tells the browser "always use HTTPS for this site for the next N seconds, even if a link tries to send the user to plain HTTP." Defends against on-path attackers who try to downgrade the connection from HTTPS to HTTP and read or modify traffic. With preload + the browser's preload list, the protection is in effect on the very first visit too.

CSP - Content Security Policy

An HTTP response header that tells the browser exactly which scripts, styles, images, fonts, frames, etc. are allowed to load on a page. A strict CSP (no inline scripts, no eval(), no wildcards) is one of the strongest defenses against XSS - even if an attacker injects script tags, the browser refuses to execute them.

ACME - Automated Certificate Management Environment

The protocol Let's Encrypt and most modern managed-cert systems use to prove you control a domain and issue a TLS certificate for it. The most common challenge type is HTTP-01: the cert authority asks you to serve a specific token at a specific URL on the domain you're claiming, then verifies it with an HTTP request. DNS-01 is the alternative: you put the token in a DNS TXT record instead. ACME is what makes free, auto-renewing TLS certs the default in 2026.

Bastion Host / Jump Box

A hardened entry point into a private network. Modern equivalents: SSM Session Manager, IAP, Azure Bastion.

Zero Trust

Architectural principle: assume the network is hostile. Authenticate and authorize every request, regardless of source.

BeyondCorp

Google's foundational zero-trust paper / model - access decisions based on user + device + context, not network location.

SASE / SSE

Secure Access Service Edge / Security Service Edge - vendor-bundled cloud-delivered SWG + ZTNA + CASB + FWaaS.

ZTNA - Zero-Trust Network Access

Identity-aware proxy that replaces traditional VPN. Per-application access, not network-wide.

CASB - Cloud Access Security Broker

Inline or API-based control point for SaaS usage - DLP, posture, shadow-IT discovery.

Microsegmentation

Fine-grained network isolation between workloads, typically enforced by sidecar proxies or eBPF.

Network Policy

Kubernetes-native firewall rules expressed as YAML, restricting which pods may talk to which. Default-deny network policies are a baseline cluster-hardening control.

DDoS - Distributed Denial of Service

Overwhelming a service with traffic from many sources to make it unavailable. Mitigated by CDNs, scrubbing services, and rate-limited APIs.

AWS Shield

AWS's DDoS mitigation service. The Standard tier is on by default for all customers; Shield Advanced adds 24×7 DDoS Response Team access, cost protection during attacks, and tighter integration with WAF and Route 53.

ENI - Elastic Network Interface

An AWS virtual NIC that can be detached and reattached between EC2 instances. The unit a Security Group is bound to.

NSG - Network Security Group

Azure's stateful packet-filtering primitive. Attached to subnets or NICs; rules are evaluated by priority. The Azure analogue of an AWS Security Group. Pair with Application Security Groups (ASGs) to abstract IP ranges into reusable workload labels.

VPC Service Controls (VPC SC)

GCP's perimeter for blocking data exfiltration through service APIs. Wraps projects in a service perimeter so that even an attacker holding valid credentials can't move data from BigQuery / GCS / Bigtable / etc. out of the perimeter. Has no direct AWS or Azure equivalent - frequently the single feature that decides "we'll do this workload on GCP."

PSC - Private Service Connect

GCP's mechanism for consuming a service over a private IP - the customer creates a PSC endpoint inside their VPC and traffic to that IP routes to the producer without traversing the public internet. The GCP equivalent of AWS PrivateLink and Azure Private Link.

SSE - Security Service Edge

The security half of SASE - SWG + ZTNA + CASB + FWaaS delivered from a vendor's cloud - without the SD-WAN networking layer. Gartner coined the term to recognize that some buyers want the security stack without committing to a full SASE network. Vendors: Zscaler, Netskope, Cloudflare One, Palo Alto Prisma Access.

Envoy

High-performance C++ proxy originally built by Lyft. The data plane for Istio and Cloud Service Mesh; also the engine inside many API gateways and ingress controllers. Configurable via xDS APIs. Where most cloud-native mTLS, retry, circuit-breaking, and HTTP filtering actually happens at runtime.

Cloud Armor

Google Cloud's combined WAF and DDoS service. Sits in front of Global Load Balancers, supports OWASP CRS rules, custom rules in CEL, geo-blocking, and bot management; Cloud Armor Enterprise adds Adaptive Protection (ML-driven L7 anomaly detection).

Data Protection, Secrets & Cryptography

S3 - Simple Storage Service

AWS's object storage service. The most common cloud-security failure surface: public buckets, overly broad bucket policies, world-readable objects, and ACL/policy interactions that produce surprises. Capital One, LastPass, Snowflake-adjacent leaks, and many others all involved S3 as the exfil destination.

KMS - Key Management Service

Managed service that creates, stores, and uses cryptographic keys. AWS KMS, Azure Key Vault, GCP Cloud KMS.

Key Vault

Azure's combined KMS and secrets store. Holds keys (software- or HSM-protected), secrets (passwords, connection strings), and certificates. Access governed by RBAC or legacy access policies.

Cloud KMS

Google Cloud's KMS service. Software keys, HSM-backed keys, and external key support. Integrates with Customer-Managed Encryption Keys (CMEK) across most GCP services.

HSM - Hardware Security Module

Tamper-resistant hardware that performs crypto operations and never lets keys leave it.

KEK / DEK - Key Encryption Key / Data Encryption Key

Pattern: encrypt data with a DEK, then encrypt the DEK with a KEK held in KMS/HSM.

Envelope Encryption

The standard cloud pattern of wrapping a DEK with a KEK so the DEK can travel with the ciphertext.

BYOK / HYOK

Bring/Hold Your Own Key - customer supplies (or holds) the master key, not the cloud provider.

Secrets Manager / Vault

A managed store for credentials, API keys, and connection strings (AWS Secrets Manager, Azure Key Vault, HashiCorp Vault, GCP Secret Manager).

DLP - Data Loss Prevention

Tooling that detects and blocks sensitive data (PII, PHI, secrets) from leaving its boundary.

Microsoft Purview

Microsoft's data-governance and compliance platform - data classification, retention, DLP, insider-risk, and audit. Replaces the older Compliance Center and integrates with Microsoft 365 and Azure data services.

Tokenization

Replacing sensitive values with non-reversible references; the real value lives in a token vault.

Encryption at Rest / In Transit / In Use

Three states data can be in. Cloud KMS handles 1 & 2; confidential computing handles 3.

TLS - Transport Layer Security

Encrypts data in transit. TLS 1.2 minimum; 1.3 preferred.

mTLS - Mutual TLS

Both client and server authenticate via certificates. Common inside service meshes.

PKI - Public Key Infrastructure

The system of CAs, certificates, and trust chains that issues and validates the keys behind TLS, code signing, and S/MIME.

PQC - Post-Quantum Cryptography

Cryptographic algorithms designed to resist attacks from sufficiently large quantum computers. NIST's first standardized PQC suite (ML-KEM, ML-DSA, SLH-DSA) is what cloud providers and TLS implementations are migrating toward.

HNDL - Harvest Now, Decrypt Later

Threat model where an adversary captures encrypted traffic or data today, banking on future quantum computers to break it. The reason PQC migrations are urgent for long-lived secrets even though large quantum computers don't exist yet.

Crypto Agility

The property of a system that can swap cryptographic algorithms (and key sizes) without redesign. Critical for the PQC transition - and for surviving the next algorithm break after that.

DEK - Data Encryption Key

The symmetric key that actually encrypts the data. In envelope encryption the DEK travels with the ciphertext (encrypted by a KEK), so you can rotate the wrapping key without re-encrypting everything underneath.

TEE - Trusted Execution Environment

Hardware-isolated CPU region that protects code and data even from the host OS, hypervisor, and cloud operator. The substrate under confidential computing: AWS Nitro Enclaves, Azure Confidential VMs (AMD SEV-SNP, Intel TDX), GCP Confidential VMs, Confidential GKE Nodes, Confidential Space.

FIPS 140-2 / 140-3

US federal standards for cryptographic modules. Level 1 = software-only with approved algorithms; Level 2 = tamper-evident; Level 3 = tamper-resistant with identity-based auth; Level 4 = active tamper response. The procurement bar for FedRAMP, DoD, and many regulated buyers. Cloud HSMs are typically Level 3.

Air Gap (Cloud)

Physical or logical separation that prevents an attacker on one network from reaching another. In cloud the true physical air gap is rare; the practical pattern is a virtual air gap - backups replicated to a separate account/subscription/project with one-way pull, no shared admin trust, and IAM that does not allow the source side to write or delete in the destination. Pair with immutable backups for ransomware resilience.

Immutable Backup

Backup data that cannot be modified or deleted before its retention window expires - not by accident, not by an attacker, not by an admin. Cloud-native primitives: S3 Object Lock (Compliance mode prevents even root from deleting), Azure Immutable Blob Storage (time-based or legal-hold), GCS Bucket Lock, Glacier Vault Lock. The "L" in the 3-2-1-1-0 rule.

Logging, Detection & Response

SIEM - Security Information and Event Management

Central log aggregation + correlation + alerting. Splunk, Microsoft Sentinel, Chronicle, Elastic, Sumo.

Microsoft Sentinel

Microsoft's cloud-native SIEM and SOAR platform, built on Azure Monitor / Log Analytics. Native ingestion for Microsoft 365, Entra, Defender, and many third-party sources; KQL-based detection rules.

AWS Security Hub

AWS's central findings aggregator. Pulls signals from GuardDuty, IAM Access Analyzer, Inspector, Macie, and partner products into one normalized view, plus automated CSPM checks against frameworks like CIS, AWS FSBP, and PCI.

SOAR - Security Orchestration, Automation, and Response

Runs automated playbooks against alerts - enrich, contain, ticket, page.

SOC - Security Operations Center

The team (and room) that monitors and triages security alerts.

EDR / XDR / NDR / MDR

Endpoint / eXtended / Network Detection & Response. MDR adds a managed service. XDR claims to unify telemetry across surfaces.

CloudTrail / Activity Log / Audit Log

The control-plane audit trail for AWS / Azure / GCP. Your most important log source in cloud.

VPC Flow Logs

Network metadata (5-tuple, action, bytes) for traffic in a VPC. Cheap, useful for DFIR.

GuardDuty / Defender for Cloud / Security Command Center (SCC)

Native threat detection services in AWS / Azure / GCP.

Falco

Open-source runtime threat detection for Linux and Kubernetes, originally based on syscalls and now eBPF.

Sigma

Vendor-agnostic detection rule format that compiles to SIEM-specific queries.

YARA

Pattern-matching rules for files, malware, and memory artifacts.

Detection Query Languages (KQL / SPL / EQL / YARA-L)

The query and rule languages detection engineers actually write in: KQL (Microsoft Sentinel and Defender), SPL (Splunk), EQL (Elastic), and YARA-L (Google Chronicle). Each turns a hunt or alert hypothesis into something the SIEM can run, test, and version-control.

OpenTelemetry (OTel)

Open standard for emitting traces, metrics, and logs across languages and platforms.

IOC - Indicator of Compromise

An artifact (hash, IP, domain) tied to known-bad activity.

IOA - Indicator of Attack

A pattern of behavior suggesting attack regardless of specific artifacts.

Dwell Time

How long an attacker is in your environment before detection. The metric defenders try to shrink.

MTTD / MTTR

Mean Time To Detect / Respond. Common SOC KPIs.

DFIR - Digital Forensics & Incident Response

The discipline (and team) that handles incidents end-to-end.

Detection Engineering

The practice of building, testing, and maintaining detection content as code - Sigma rules, KQL queries, YARA signatures - with measurable coverage against MITRE ATT&CK techniques. Distinct from "writing alerts," in that it treats detections as a versioned, peer-reviewed, regression-tested artifact.

Detection-as-Code

Managing detection rules the way you manage software: versioned in Git, peer-reviewed, unit-tested against sample telemetry, and shipped through CI/CD. The detection-engineering counterpart to Policy-as-Code, and what separates a maintainable rule set from a pile of console-clicked alerts.

Threat Hunting

Hypothesis-driven search through telemetry for adversary activity that hasn't tripped an alert. Hunting tests detection coverage, surfaces dwell-time issues, and produces new detection-engineering content.

Incident Response (IR)

The end-to-end process of preparing for, detecting, containing, eradicating, and recovering from security incidents - plus the post-mortem that feeds back into detection engineering. DFIR is the forensics-heavy variant; IR is the umbrella program. Codified by NIST SP 800-61 and SANS PICERL.

Threat Intelligence (CTI)

Collected, analyzed information about adversaries, their TTPs, infrastructure, and victims - used to prioritize defenses and inform detection engineering. Tactical (IOCs), operational (campaigns), strategic (motives, geopolitics). Feeds: vendor reports, ISACs, OSINT, and internal incident telemetry.

SCC - Security Command Center

GCP's native cloud security platform. Standard tier covers asset inventory and basic findings; Premium adds CSPM, Event Threat Detection, Container Threat Detection, Web Security Scanner; Enterprise integrates Mandiant threat intel and the Google SecOps (formerly Chronicle) SIEM/SOAR - effectively a full CNAPP + SIEM bundle.

Defender for Cloud

Microsoft's native cloud security platform for Azure (and AWS / GCP, in multi-cloud mode). The free tier provides Cloud Security Posture Management; paid Defender plans add workload protection for servers, containers, databases, storage, App Service, Key Vault, etc. Findings flow to Microsoft Sentinel.

CALDERA

Open-source adversary-emulation framework from MITRE. Runs ATT&CK-mapped techniques end-to-end against a live environment to validate detections and response playbooks. Complementary to Stratus Red Team (cloud-focused) and Atomic Red Team (per-technique).

Atomic Red Team

Open-source library of small, single-technique tests mapped to MITRE ATT&CK. The standard for "does my detection actually fire when this technique runs?" - invoked by hand or by Invoke-AtomicRedTeam, the PowerShell harness. The "atomic" complement to CALDERA's full-chain emulation.

Posture, Policy & the *PM Family

CSPM - Cloud Security Posture Management

Continuous misconfiguration scanning of cloud accounts (public S3, open SGs, missing MFA, etc.).

KSPM - Kubernetes Security Posture Management

Same idea, scoped to Kubernetes (RBAC sprawl, privileged pods, missing PSS).

CIEM - Cloud Infrastructure Entitlements Management

Permission analysis - finds unused permissions, identifies privilege paths, drives least privilege.

CWPP - Cloud Workload Protection Platform

Runtime protection for VMs, containers, and serverless - agent-based or eBPF.

CNAPP - Cloud-Native Application Protection Platform

The vendor super-bundle: CSPM + CWPP + CIEM + IaC scanning + sometimes DSPM/ASPM.

DSPM - Data Security Posture Management

Discovers and classifies sensitive data across cloud and SaaS, then flags risky exposure.

SSPM - SaaS Security Posture Management

Continuous configuration and identity audit across SaaS apps (Microsoft 365, Google Workspace, Salesforce, GitHub, Slack, Okta, etc.). Covers admin sprawl, third-party OAuth-app risk, weak baselines, dormant accounts, and external sharing. The third leg of the *PM stool alongside CSPM (IaaS) and KSPM (Kubernetes). Vendors: Adaptive Shield (CrowdStrike), AppOmni, Obsidian, Wing, Grip, Reco, Valence.

ASPM - Application Security Posture Management

Aggregates SAST/DAST/SCA findings and ties them to ownership, priority, and reachability.

CADR - Cloud Application Detection and Response

Newer category: runtime detection focused on application-layer attacks in cloud.

AI-APP - AI Application Protection Platform

Emerging category (coined by Wiz) for platforms that secure deployed AI/LLM applications end-to-end - model inventory, prompt-injection defenses, data-flow monitoring between models and tools, and runtime detection of agent misuse. Pairs with CNAPP for the AI workload layer.

OPA - Open Policy Agent

General-purpose policy engine. Decisions in, decisions out.

Rego

The query language used by OPA.

Policy-as-Code

Expressing security and compliance rules as code - versioned, reviewable, testable.

Drift

Live infrastructure no longer matching its declared state (Terraform, Bicep, CFN). A common post-incident artifact.

Hardening / Baseline

Reducing attack surface to a defined "known good" configuration (CIS Benchmark, vendor security best practices).

PSS - Pod Security Standards

Kubernetes' built-in pod-hardening tiers - Privileged / Baseline / Restricted - replacing the deprecated PodSecurityPolicy.

CTEM - Continuous Threat Exposure Management

Gartner-coined program model that unifies vulnerability management, attack-surface management, identity-risk analysis, and red-team validation into one continuous loop. Increasingly the framing replacing traditional "patch the CVE" vulnerability programs.

Prowler

Open-source multi-cloud security assessment tool. Runs hundreds of CSPM-style checks against AWS, Azure, GCP, and Kubernetes mapped to CIS, NIST, PCI, and other frameworks. The default starting point for someone learning cloud posture without a commercial CNAPP.

ScoutSuite / Scout Suite

Open-source multi-cloud security auditing tool that inspects AWS, Azure, GCP, and other accounts for risky configurations, then renders the findings as a browsable HTML report. A common read-only companion to Prowler for posture reviews and pentest reconnaissance.

Attack Surface

The sum of all points where an unauthenticated or low-privilege actor can interact with your systems - public IPs, exposed APIs, leaked credentials, third-party SaaS integrations, signed artifacts, employee inboxes. Attack Surface Management (ASM) is the discipline of continuously discovering and reducing it.

Vulnerability & Supply-Chain Security

Supply-Chain Attack

Compromising the path that produces or delivers software so the malicious change rides through trusted channels - a poisoned dependency, a backdoored build step, a stolen signing key, a malicious GitHub Action. SolarWinds, the PyPI/npm typosquats, Codecov, and the XZ backdoor are all examples. The SLSA framework, SBOMs, and Sigstore exist to harden it.

CVE - Common Vulnerabilities and Exposures

A unique ID for a publicly disclosed vulnerability, assigned by MITRE/CNAs.

CVSS - Common Vulnerability Scoring System

0-10 severity score for a CVE. Famously poorly correlated with actual exploitation.

EPSS - Exploit Prediction Scoring System

FIRST-maintained probability that a CVE will be exploited in the next 30 days. Pairs better with CVSS than CVSS does alone.

KEV - Known Exploited Vulnerabilities

CISA's catalog of CVEs known to be actively exploited. The "fix this now" list.

SAST / DAST / IAST

Static / Dynamic / Interactive Application Security Testing. Source-time / run-time / both.

SCA - Software Composition Analysis

Identifies open-source dependencies and their known vulnerabilities.

SBOM - Software Bill of Materials

The ingredient list for a piece of software - components, versions, licenses, hashes. Formats: SPDX, CycloneDX.

SLSA - Supply-chain Levels for Software Artifacts

OpenSSF framework defining levels of build-pipeline integrity (signed provenance, isolated builders, etc.).

Sigstore / cosign

Free, keyless artifact signing using short-lived OIDC-based certs and a public transparency log.

Pinning

Referring to a dependency by an immutable identifier - a content hash or commit SHA - instead of a moveable label like a version tag or branch. A line like nginx:1.27-alpine or actions/checkout@v4 resolves to whatever bytes the publisher has pointed that label at right now; pinning replaces it with @sha256:65645c… or a 40-character commit SHA, which the publisher can't quietly redefine. If the upstream artifact is tampered with, the hash no longer matches and the build fails closed instead of silently shipping the new bytes. Standard hardening for container base images, GitHub Actions, package lockfiles, and any other build-time dependency exposed to supply-chain attacks. The trade-off is friction: pins must be manually updated to take new versions, but that friction is the feature - automated upstream compromise can't propagate without a human noticing.

Provenance

Verifiable record of how a build artifact was produced - source commit, builder, dependencies.

Dependency Confusion

Supply-chain attack where a public package matches the name of a private internal one and gets pulled by mistake.

Typosquatting

Malicious package using a misspelling of a legitimate one.

PyPI - Python Package Index

The official public repository for Python packages. A frequent supply-chain target - typosquatting, dependency confusion, and account takeovers of maintainers all show up here regularly.

npm

The default package registry for JavaScript / Node.js. Same threat profile as PyPI: typosquatting, dependency confusion, post-install scripts that steal secrets, and high-blast-radius compromises of popular packages.

VEX - Vulnerability Exploitability eXchange

Statement attached to an SBOM saying whether a known CVE is actually exploitable in this product / build.

CWE - Common Weakness Enumeration

MITRE's catalog of weakness types (e.g., CWE-79 = XSS, CWE-89 = SQL injection). CVEs are concrete instances; CWEs are the categories.

Vulnerability Management

The program of discovering, prioritizing, remediating, and verifying vulnerabilities across an environment. Modern cloud VM blends CVE data with EPSS, KEV, reachability, runtime evidence, and ownership routing - moving toward CTEM rather than chasing every CVSS 7+.

Reachability

Whether a vulnerable function in a dependency is actually invoked by the application - call-graph analysis from the entrypoint down to the vulnerable code. Cuts an SCA backlog by 60-90% in most codebases because most CVEs are in unused code paths. Vendors: Endor Labs, Backslash, Aikido, Apiiro, Snyk Code (in part), Wiz (in part).

CAPEC - Common Attack Pattern Enumeration and Classification

MITRE's catalog of how attacks are carried out - the technique-shaped counterpart to CWE's weakness catalog. Used in threat modeling to enumerate attack patterns against a system. Cross-referenced from CWE and ATT&CK.

Compliance Frameworks

NIS2 Directive

EU directive (2022/2555) expanding cybersecurity obligations across "essential" and "important" entities - energy, transport, banking, health, cloud providers, MSPs, and more. Member states transposed it into national law in 2024-2025. Mandates risk management, supply-chain due diligence, 24-hour incident notification, and personal liability for management.

SOC 2

AICPA audit covering Security (required) plus optional Availability, Confidentiality, Processing Integrity, and Privacy.

ISO/IEC 27001

International standard for an Information Security Management System (ISMS). Certifiable.

PCI DSS

Payment Card Industry Data Security Standard. If you process card data, this applies.

HIPAA

US healthcare regulation governing protected health information (PHI).

GDPR / CCPA / CPRA

EU and California data-protection laws. Govern lawful basis, rights, and breach disclosure.

FedRAMP

US federal program authorizing cloud services for government use. Low / Moderate / High baselines.

NIST CSF - Cybersecurity Framework

Govern / Identify / Protect / Detect / Respond / Recover. Common North-Star for security programs.

NIST SP 800-53

The US-government control catalog underlying FedRAMP and many compliance regimes.

NIST SP 800-171

Controls for protecting Controlled Unclassified Information (CUI) in non-federal systems.

CIS Benchmarks

Hardening guides for specific platforms (AWS, Azure, GCP, K8s, OSes). Maintained by the Center for Internet Security.

CSA CCM - Cloud Controls Matrix

Cloud Security Alliance's cloud-specific control framework.

DORA

EU Digital Operational Resilience Act - financial-sector ICT risk and third-party oversight.

CMMC - Cybersecurity Maturity Model Certification

US Department of Defense framework gating eligibility for DoD contracts. CMMC 2.0 has three levels: Level 1 (self-assessed, 17 controls aligned to FAR 52.204-21), Level 2 (third-party C3PAO-assessed, 110 controls aligned to NIST SP 800-171), Level 3 (DIBCAC-assessed, adds 800-172 controls). Phased rollout began in late 2024.

TSC - Trust Services Criteria

AICPA's five criteria categories underneath SOC 2: Security (always required), Availability, Confidentiality, Processing Integrity, Privacy. The criteria are what the auditor tests against; selecting Security alone is the baseline SOC 2 report.

BAA - Business Associate Agreement

The HIPAA-mandated contract between a Covered Entity (e.g., a hospital) and any vendor that handles Protected Health Information on its behalf. AWS, Azure, GCP, and most major SaaS sign BAAs covering specific services; using a non-BAA-covered service for PHI is itself a HIPAA violation.

SOX - Sarbanes-Oxley Act

2002 US law that mandates internal controls over financial reporting for public companies. In cloud the relevant artifacts are IT General Controls (ITGCs) - change management, access reviews, segregation of duties, backup verification - applied to systems that touch the general ledger. Auditors trace from a financial transaction back to the IAM model that protected it.

ISO/IEC 27017 / 27018

Cloud-specific addenda to ISO/IEC 27001. 27017 adds cloud-service-provider and cloud-customer controls (shared responsibility, virtual environment hardening); 27018 adds protections for PII processed by cloud providers (a partial GDPR-aligned baseline).

ISO/IEC 42001

2023 standard for AI Management Systems - the AI-specific analogue of ISO 27001. Certifiable. Covers governance, risk, lifecycle, transparency, and continuous improvement for organizations that build or deploy AI systems. The first formal compliance framework for AI risk; pairs with NIST AI RMF on the controls side.

GRC (Governance, Risk & Compliance)

The umbrella discipline that aligns security work with business risk and regulatory obligation: setting policy, assessing and tracking risk, and demonstrating conformance to frameworks like SOC 2, ISO 27001, and FedRAMP. The function a CISO ultimately owns.

CISO (Chief Information Security Officer)

The executive accountable for an organization's security program: strategy, budget, risk acceptance, and reporting to the board. Owns the GRC function and is the final escalation point during a major incident.

Cloud Security Certifications (CCSP / CISSP / CCSK / CKS / OSCP / GIAC / Security+)

Credentials that signal cloud-security competence to employers. Common ones: CCSP and CCSK (cloud-focused), CISSP (broad security management), CKS (Kubernetes security), OSCP (offensive testing), the GIAC family (SANS), and the entry-level Security+. Useful for getting past resume screens; no substitute for hands-on lab work.

Threats, Attacker Techniques & Frameworks

MITRE ATT&CK

Knowledge base of adversary tactics, techniques, and procedures. Has Cloud, Containers, Mobile, ICS matrices.

D3FEND

MITRE's defensive counterpart to ATT&CK - countermeasure techniques mapped to attacker techniques.

TTP - Tactics, Techniques, and Procedures

The "how" of an adversary's behavior, increasingly specific from tactic → technique → procedure.

Kill Chain

Lockheed Martin's seven-stage model of an intrusion: Recon → Weaponization → Delivery → Exploitation → Installation → C2 → Actions on Objectives.

Initial Access

How the attacker first lands - phish, exposed service, valid credentials, supply chain.

Lateral Movement

Pivoting from one foothold to other systems, often using stolen tokens.

Privilege Escalation

Gaining higher rights than originally granted (vertical) or rights of a peer (horizontal).

Persistence

Mechanisms attackers leave to survive reboots, password rotations, and credential rotations.

Exfiltration

Stealing data out of the environment - often via DNS, S3, GitHub, or messaging services.

C2 - Command & Control

The channel an attacker uses to control implants. Often blended with legitimate cloud services.

Credential Stuffing

Replaying breached username/password pairs against other services.

Infostealer

Commodity malware (RedLine, Raccoon, LummaC2, Vidar…) that scrapes browser-saved credentials, session cookies, crypto wallets, and authenticated SaaS tokens off an infected workstation. Logs are then sold on criminal markets - the same data that fueled the Snowflake/UNC5537 wave. The reason "the laptop got infected" is now a cloud problem.

Data Exfiltration

Stealing data out of the environment. The "Actions on Objectives" stage of most cloud breaches. Common channels: S3 uploads, DNS tunneling, GitHub gists, Discord/Slack webhooks, Telegram bots, and outbound HTTPS to attacker infrastructure. Egress controls and DLP are the defensive layer.

Red Team / Blue Team / Purple Team

Red-team operators emulate an adversary against a real target with realistic objectives and stealth. Blue-team operators defend, detect, and respond. Purple-team engagements run them together - red executes, blue watches, both tune detections in real time. Distinct from a one-off pen test, a red-team engagement assumes weeks-to-months and full TTP latitude.

Phishing / Spear Phishing / Whaling

Email-borne credential theft, targeted variant, and exec-targeted variant.

Consent Phishing / OAuth Phishing

Tricking a user into granting an attacker-owned OAuth app permission to their account. No password ever stolen.

MFA Fatigue / Push Bombing

Spamming push prompts until the user accepts one. Defeated by number matching and FIDO2.

SSRF - Server-Side Request Forgery

Trick a server into fetching an attacker-chosen URL. In cloud, the historical path to IMDS credentials.

XSS - Cross-Site Scripting

Injecting attacker-controlled JS into another user's session. Stored, reflected, DOM-based.

CSRF - Cross-Site Request Forgery

Tricking a victim's browser into making an authenticated request to a target site.

RCE - Remote Code Execution

Running attacker code on a server. The most consequential class of bug.

Golden SAML

Forging arbitrary SAML assertions after stealing the IdP's signing key. Made famous by SolarWinds.

Golden Ticket / Silver Ticket

Active Directory Kerberos ticket forgeries (krbtgt or service-account hashes).

Pass-the-Hash / Pass-the-Token / Pass-the-Cookie

Reusing stolen credential material without ever knowing the underlying password.

BOLA / IDOR - Broken Object Level Authorization

API1 in the OWASP API Top 10 (also known as Insecure Direct Object Reference). The endpoint authorizes the caller but doesn't check that the caller is allowed to act on this specific object. GET /accounts/123 returns Bob's account when Alice asks because the API only checks "is the caller authenticated" and not "does Alice own account 123." The single most common API bug; almost every real-world API breach traces back to a BOLA-shaped flaw.

Living Off the Land (LOTL)

Attackers using legitimate, signed tools already in the environment (PowerShell, certutil, AWS CLI) to evade detection.

Shadow IT / Shadow AI

Unsanctioned services / AI tools adopted by employees, outside the visibility of security and IT.

Stratus Red Team

Open-source cloud attack-emulation tool from DataDog. Lets defenders trigger a catalog of granular MITRE ATT&CK-mapped techniques (S3 exfil, IAM persistence, EC2 IMDS abuse, etc.) against a real cloud account to validate detection engineering coverage.

CloudGoat

Rhino Security Labs' intentionally vulnerable AWS environment. Spins up scenario-based scenarios (privilege escalation paths, IAM misconfigurations, exposed services) you attack and learn from - the de facto starter CTF for AWS pentesting.

Pacu

Open-source AWS exploitation framework from Rhino Security Labs, often described as Metasploit for the cloud. Red teams and penetration testers use its modules to chain misconfigurations into privilege escalation, persistence, and data access. Pairs naturally with intentionally vulnerable ranges like CloudGoat.

flAWS / flAWS2

Scott Piper's classic AWS-focused security CTFs. Each level teaches a real misconfiguration class - public S3 buckets, EC2 metadata, IAM trust policies, federated identity. Free, browser-driven, and still the most-recommended on-ramp into AWS attacker thinking.

Threat Modeling

A structured exercise that answers Adam Shostack's four questions: What are we building? What can go wrong? What are we going to do about it? Did we do a good job? Outputs a prioritized list of threats and mitigations against a specific system or change. Best done at design time - when fixes are cheap - and re-run when the architecture shifts.

STRIDE

Microsoft's threat-categorization mnemonic: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege. Applied per element or per data-flow in a system diagram to enumerate threats. The most common starting framework in threat modeling.

PASTA - Process for Attack Simulation and Threat Analysis

Seven-stage risk-driven threat modeling methodology: define objectives → define technical scope → decompose the application → threat analysis → vulnerability analysis → attack modeling → risk & impact analysis. Heavier than STRIDE; pairs well with business-context risk discussions.

LINDDUN

Privacy-focused threat modeling framework: Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, Non-compliance. Increasingly used to satisfy GDPR Article 25 ("data protection by design") and Article 35 (DPIA) requirements.

DREAD

Microsoft's risk-scoring mnemonic - Damage, Reproducibility, Exploitability, Affected users, Discoverability - each scored 0-10, averaged for a threat. Officially deprecated by Microsoft (the scoring is too subjective to be reliable), but still seen in older threat-modeling material. Modern programs prefer FAIR or simple Likelihood × Impact heuristics.

FAIR - Factor Analysis of Information Risk

A quantitative model for translating cyber risk into expressed financial loss exposure ranges. Decomposes Risk into Loss Event Frequency (Threat Event Frequency × Vulnerability) and Loss Magnitude. Standardized by The Open Group; the foundation of most modern cyber-risk quantification programs.

Attack Tree

Bruce Schneier's tree-shaped representation of attacker goals: the root is the goal (e.g., "exfiltrate customer data"), children are sub-goals or methods, leaves are concrete techniques. Nodes can be AND/OR combined. A complement to STRIDE - STRIDE enumerates categories, attack trees enumerate paths.

MITRE ATLAS - Adversarial Threat Landscape for AI Systems

MITRE's ATT&CK-shaped knowledge base for attacks on AI and ML systems - tactics like reconnaissance, ML model access, exfiltration, impact, and techniques like prompt injection, model evasion, training-data poisoning, and model exfiltration. The de facto cross-vendor taxonomy for AI red-team work.

BFLA - Broken Function Level Authorization

API5 in the OWASP API Top 10. A non-admin can call admin-only endpoints because the function-level authorization isn't enforced - e.g., POST /admin/users works for any authenticated caller. Often hidden by UI conventions: the front-end never shows the button, so the back-end forgot to check.

BOPLA - Broken Object Property Level Authorization

API3 in the OWASP API Top 10. The caller can read or modify properties of an object they're not supposed to - e.g., the user-update endpoint accepts an is_admin field that should only be settable by admins. Encompasses excessive data exposure (read-side) and mass assignment (write-side).

OWASP API Security Top 10

OWASP's API-specific risk catalog (2023 edition): API1 BOLA, API2 Broken Authentication, API3 BOPLA, API4 Unrestricted Resource Consumption, API5 BFLA, API6 Unrestricted Access to Sensitive Business Flows, API7 SSRF, API8 Security Misconfiguration, API9 Improper Inventory Management, API10 Unsafe Consumption of APIs. Distinct from the original OWASP Top 10 because most API attacks aren't web-layer attacks.

AI, LLM & Agentic-System Security

AI - Artificial Intelligence

In a cloud-security context, "AI" almost always means systems built around large language models - chat assistants, RAG pipelines, autonomous agents, and the cloud services that host them. The security concerns are configuration of model endpoints, data flow into and out of models, prompt injection, and the blast radius of agents with tool access.

LLM - Large Language Model

Transformer-based models trained on huge text corpora; the engine behind chat assistants and agents.

Fine-Tuning

Continuing the training of a base LLM on a narrower dataset to specialize it. Security implications: the fine-tuning corpus often contains sensitive internal data, the resulting weights become a sensitive asset, and training-data extraction attacks can recover memorized examples.

Embedding

A vector representation of text (or images, code) produced by a model so semantic similarity can be computed by distance. The retrieval half of RAG runs over a vector database of embeddings. Embeddings can also leak information about the source text, so embedding stores need access controls.

Prompt Injection

Untrusted input that overrides the system prompt or coerces the model into actions it shouldn't take. The defining LLM vulnerability.

Indirect Prompt Injection

Injection delivered via content the model retrieves (web pages, emails, docs) rather than the user's message.

Jailbreak

Inputs that bypass an LLM's safety training to elicit prohibited content.

RAG - Retrieval-Augmented Generation

Retrieving relevant documents at query time and stuffing them into the model's context.

MCP - Model Context Protocol

Open standard for giving LLMs structured access to tools and data sources.

Agent / Agentic System

An LLM that can take actions via tools, often in multi-step loops. Expands the blast radius of prompt injection.

Tool Use / Function Calling

An LLM emitting a structured request to call an external function (API, shell, browser).

Confused-Deputy (in agents)

An agent acting on behalf of the wrong principal - typically because tool input from one user is interpreted as instructions from another.

Guardrails

Input/output filters around an LLM to block prompt injection, PII leaks, or off-topic responses. Helpful, not sufficient.

Model Exfiltration

Stealing weights or fine-tuning data from a hosted model.

Training-Data Extraction

Eliciting verbatim training data from a model, especially memorized PII or secrets.

AI Red-Teaming

Adversarial probing of a model or agent for harmful, biased, or insecure behaviors. Distinct from infrastructure red-teaming: the targets are prompt injection, jailbreaks, training-data leakage, and tool-use abuse rather than networks and credentials.

OWASP LLM Top 10

The community-maintained top risks list for LLM applications.

NIST AI RMF

NIST's AI Risk Management Framework - Govern / Map / Measure / Manage.

Promptware

Malicious payloads delivered via prompts to LLMs and agents - a cloud-relevant attack class as agents gain real-world tool access (see Breach Kill Chains).

DevOps, IaC & Operating Concepts

IaC - Infrastructure as Code

Declaring infrastructure in versioned code. Terraform / OpenTofu, CloudFormation, Bicep, Pulumi, Crossplane.

Landing Zone / Cloud Foundation

The baseline of accounts, identities, networks, logging sinks, and guardrails that workloads land into. Each major cloud has a reference design: AWS Control Tower / Landing Zone Accelerator, Azure Cloud Adoption Framework landing zones, GCP Enterprise Foundations Blueprint. The goal is that the second, fifth, and five-hundredth workload all start with the same identity model, network segmentation, log aggregation, and policy-as-code guardrails - not whatever the team that built it decided in the moment. See our landing zones guide.

GitOps

Use Git as the source of truth for desired state; an agent reconciles the live system to match.

CI/CD - Continuous Integration / Continuous Delivery

Pipelines that build, test, and deploy code automatically.

Immutable Infrastructure

Servers/containers are never modified after deploy - they're replaced. Reduces drift and forensics surprises.

Blue/Green & Canary Deploys

Deployment patterns that ship to a subset of traffic to limit blast radius.

Blast Radius

The scope of damage if a credential, identity, or system is compromised. Minimizing it is a design principle.

Ephemeral Credentials

Short-lived (minutes to hours) credentials issued by STS / OIDC federation. The replacement for long-lived access keys.

Secrets Sprawl

Long-lived API keys checked into repos, dumped in shell histories, or shared in chat. Cloud's most reliable attack source.

Shift Left / Shift Right

Doing security in dev/CI (left) vs. runtime/production (right). Both are needed.

Toil

Repetitive manual operational work. SRE term - the thing automation aims to eliminate.

SLO / SLI / SLA

Service Level Objective / Indicator / Agreement - what you target, how you measure, what you're contractually liable for.

Runbook / Playbook

Documented procedures for handling specific operational or security events.

Terraform / OpenTofu

HashiCorp's IaC tool - declarative HCL configurations applied via a state file to provision cloud resources. OpenTofu is the open-source fork after the 2023 license change. Most cloud-security findings ultimately get fixed in Terraform; IaC scanners (Checkov, tfsec, KICS, Terrascan) catch issues before apply.

IaC Scanners (Checkov / Trivy / tfsec / KICS / Terrascan)

Static-analysis tools that scan Infrastructure-as-Code (Terraform, CloudFormation, Kubernetes manifests, Helm) for insecure settings before deploy. Checkov, tfsec, KICS, and Terrascan focus on IaC policy; Trivy also covers container images, dependencies, and secrets. Usually wired into CI/CD as a merge gate so misconfigurations fail the build instead of reaching production.

DevSecOps

Embedding security checks into the developer workflow - SAST, SCA, IaC scanning, secret scanning, and policy gates running in CI rather than as a pre-prod review. The cultural goal is shared ownership; the practical goal is finding issues at the left end of the pipeline where they're cheapest to fix.

RTO - Recovery Time Objective

The maximum acceptable wall-clock time between a disruption and the service being restored. Set per workload tier: tier-0 systems might have a 1-hour RTO; an internal report can have 72 hours. Drives the architecture spend - multi-region active-active is RTO ≈ 0; cold standby may be 24+ hours.

RPO - Recovery Point Objective

The maximum acceptable amount of data loss measured in time. RPO of 1 hour means you can afford to lose up to 1 hour of writes. Sets the cadence and replication mode for backups - synchronous replication for near-zero RPO, scheduled snapshots for hour-class RPO, daily backups for day-class RPO.

3-2-1-1-0 Rule

Modern backup principle, extending the classic 3-2-1: 3 copies of data, on 2 distinct media or platforms, with 1 copy offsite, 1 copy immutable, and 0 errors when restoration is tested. The "1 immutable" and "0 errors" additions are post-ransomware-era updates that distinguish working programs from theatre.

Ambient Mode (Service Mesh)

A sidecarless service mesh architecture pioneered by Istio Ambient. Mesh functions (L4 mTLS via a per-node ztunnel; optional L7 policy/observability via a "waypoint" proxy) are deployed as shared infrastructure rather than as a sidecar injected into every pod. Trades the per-pod isolation of sidecars for substantially lower memory and operational cost. Cilium offers a similar eBPF-based sidecarless mode.

GraphQL

Query language for APIs where the client specifies the shape of the response. Security pitfalls unique to GraphQL: introspection enabled in production (exposes the full schema), query-depth / complexity attacks (a single nested query can fan out to millions of resolver calls), batching attacks that bypass per-request rate limits, and authorization checks that must move from endpoint-level to resolver-level. Defenses: persisted queries, depth/complexity limits, server-side authz at the resolver, and disabled introspection in prod.

gRPC

Google-originated RPC framework using HTTP/2 and Protocol Buffers. Security characteristics: binary protocol opaque to most WAFs, no built-in rate limiting, server reflection often left on in dev/staging (exposes the schema). Pair with mTLS for service-to-service auth and put a gRPC-aware proxy (Envoy, Linkerd) in front for retries, timeouts, and rate limiting.

Standards Bodies & Authorities

NIST

US National Institute of Standards and Technology. Owns CSF, the SP 800-series, NVD, and the AI RMF.

CISA

US Cybersecurity & Infrastructure Security Agency. Publishes KEV, advisories, and Secure-by-Design guidance.

MITRE

Operates the CVE program, ATT&CK, D3FEND, and CWE.

CSA - Cloud Security Alliance

Industry body behind CCSK, CCAK, the CCM, and the Egregious Eleven / Top Threats reports.

OWASP

Open Worldwide Application Security Project. Top 10 series, ASVS, ZAP.

ENISA

EU Agency for Cybersecurity. Publishes risk reports and threat-landscape research.

FIRST

Forum of Incident Response and Security Teams. Owns CVSS and EPSS, hosts the global CSIRT community.

CNCF

Cloud Native Computing Foundation. Stewards Kubernetes, Falco, OPA, OpenTelemetry, and more.

OpenSSF

Open Source Security Foundation. Stewards SLSA, Sigstore, Scorecard.

NVD - National Vulnerability Database

NIST's enriched feed of CVEs with CVSS scoring and CPE tagging.

CISA KEV

The Known Exploited Vulnerabilities catalog maintained by CISA. The authoritative "patch this now" list for vulnerabilities seen in real attacks.

OWASP ZAP

Open-source web-application security scanner from OWASP. Common in CI pipelines for DAST.

OpenSSF Scorecard

Automated checks that score the security posture of an open-source project - signed releases, branch protection, dependency pinning, fuzzing - producing a 0-10 score.