Version 2.0

Cybersecurity Style Guide

Appendix A: How to Codify Your Own Terms

Security vocabulary is rapidly changing and expanding, so it’s likely that you’ll need to tame new tech terms on your own, in between versions of this style guide. To codify a term for your own use, determine the following:

  • How is the term capitalized by its creators and its users?
    • Ex: BeEF, iPhone, JavaScript, Metasploit, PuTTY, QWERTY
  • If it’s an acronym, how is it pronounced by its creators and its users?
    • Ex: SQL, ngrep, Hping, NAND
  • If it’s an acronym, should its components be written out on first use or never?
    • Ex: 3G, APT, IP, RSA
  • Can it be confused with another term? If so, how can it be consistently distinguished?
    • Ex: crypto, fingerprints, MFA, shell
  • If it’s a compound, is it written differently if it’s a verb or a noun?
    • Ex: reverse-engineer (v.) vs. reverse engineering (n.)
  • Do spacing and hyphens change the meaning, or is it a personal preference? If it’s a personal preference, determine a company-wide preference.
  • Which type of font should be used: fixed-width (monospace) or variable-width?
    • Ex: admin in fixed-width font (a username) vs. admin in variable-width font (a concept/role)

Capitalization, spacing, and punctuation all matter—often for different reasons when writing code and writing reports. Be sure to consider all three visual components when determining how to incorporate new terms in your documents and presentations.

In the likely event that you find a term that is written or pronounced inconsistently, contact the creators and follow their preference. If that’s not possible, check their most recent documentation. Ultimately, make a choice, write it down, and use it consistently, but be willing to revise your answer in the future. (And if you think it might help other security writers, tell us about it at [email protected], and we’ll add it to the next version of the style guide.)

Avoid The Red Squiggly

cyber.dic is an auxiliary spellcheck dictionary that can be added to your word processor to augment its standard spellcheck list. This is a resource for anyone who regularly writes about tech and is not a fan of the red underline that plagues any highly technical document.