Glossary

The glossary is a constant work-in-progress. If you have words you’d like to have defined, let me know. Or if you have definitions that are missing, let me know that too.

DAST -  DAST tests an application for security vulnerabilities by monitoring and probing it while it is actually running, hence the "dynamic" in the name. DAST starts from inputs and takes a black-box or external view. This gives a very realistic view of application behavior, but it is difficult to be completely thorough. Penetration testing or pen-test is a common form of DAST.
- Synonyms: Dynamic Application Security Testing
denial-of-service -  Attackers try to make a computer, network, or application unavailable to end-users, for example by overloading it with too much traffic, as in a distributed denial of service.
- Synonyms: DoS, DDoS
Development Testing -  Development Testing is a software development process that involves practices such as static analysis, data flow analysis, metrics, peer code review, unit testing, code coverage and other steps that can be performed at development time. The goal is not to replace traditional QA, but to reduce time and cost by catching problems earlier.
- Synonyms: salting
DISA -  Defense Information Systems Agency, responsible for IT throughout the DoD (Department of Defense). For example, it creates and maintains SRG and STIG guides that help people install, configure, deploy, and monitor systems and applications securely. See https://www.disa.mil/
DMCA -  A United States digital rights bill signed in 1998 by Bill Clinton. The aim of DMCA is to protect the rights of both copyright owners and consumers. The act is controversial and some feel that it limits innovation and consumer choice to the benefit of existing content interests such as the RIAA and movie industry.
- Synonyms: Digital Millennium Copyright Act
Dongle -  A small electronic device like a USB drive that provides security. Sometimes used for secure access. Also used to hold license keys for controlled software.