
Version 2.0

Cybersecurity Style Guide

D

daemon (n.)

Pronounced as “demon” or “day-mun.” A background system process on a computer. Daemon processes often include the letter D at the end, as in sshd.

daisy chain (n.), daisy-chain (v.)

An electrical engineering wiring scheme. Informal.

Danger Drone

A Bishop Fox creation. A Raspberry Pi on a drone that can access tall buildings inconspicuously as a flying hacker laptop.

DAO, DAOs (n.)

Short for decentralized autonomous organization or data access object. Spell out on first use.

dark net or Dark Net (n.)

A nebulous term (along with “dark web” and “deep web”) written and used inconsistently to refer to unindexed online black markets. In formal writing, it’s better to call it the black market or specify the site or service.

Dark Reading

A security industry publication.

DARPA

Defense Advanced Research Projects Agency.

Related:

DoD

data (n.)

Always write data in the singular, as in “the data was recovered.”

data://

Use the tech font for data URIs.

dates (n.)

Write out dates (e.g., October 15, 2020) where possible to avoid day/month confusion with global audiences.

datetime (n.)

Day of Shecurity

A one-day, women-centered security conference. https://www.dayofshecurity.com/

day-to-day (adj.)

Ex: day-to-day activities

DB, DBs (n.)

Database. Spell out on first use unless it’s part of a name, as in MongoDB or IMDb.

DBA (n.)

Database administrator. Pronounced as letters. Spell out on first use in public-facing documents.

dba

Short for “doing business as.”

DDE

Dynamic Data Exchange. Spell out on first use.

DDoS (n.)

Distributed denial of service. Pronounced “D-doss” or as letters. Spell out on first use.

DDR (n.)

Short for double data rate or the arcade game Dance Dance Revolution. Spell out on first use to clarify your intended meaning.

Related:

bus

dead code (n.)

OK to use in formal writing.

dead drop (n.)

Related:

USB

deauthenticate (v.)

Avoid using this term. If possible, try a more specific description like revoke a token or end a session.

Debian

A Linux distribution. Pronounced “debb-ee-an.”

decap (v.), decapped (adj.)

Short for decapsulate. To remove the outer coating from a chip.

declare (v.)

To tell a program that a function exists before the function has been defined.

decommed (adj. or v.)

Short for decommissioned. Informal.

Deep Blue

Famous IBM chess-playing AI. The name was inspired by Deep Thought: the fictional supercomputer in The Hitchhiker’s Guide to the Galaxy.

deepfake, deepfakes (n. or adj.)

AI-fabricated video, originally used in pornography.

DEF CON

An annual security conference in Las Vegas. https://www.defcon.org/

DEFCON system

Defense readiness condition. A U.S. military alert scale that is set at DEFCON 5 during peacetime and elevates to DEFCON 4 and above during threatening situations.

defense in depth (n.), defense-in-depth (adj.)

Ex: If you are interested in defense in depth, employ a defense-in-depth strategy.

denial of service (n.), denial-of-service (adj.) (DoS)

Spell out on first use. DoS is pronounced as “doss” or the whole phrase.

Ex: A denial of service is caused by denial-of-service attacks.

deny any any

A network access rule.

denylist, denylisting (n.)

Bishop Fox’s preferred alternative term to blacklist. Rephrase to avoid using this term as a verb in formal writing.

dependency hell (n.)

Frustration from software malfunctions caused by errors in third-party software. Informal.

deprecate (v.), deprecated (adj.)

Describes hardware or software that is considered retired but left in for backward compatibility; included but outdated and unsupported.

DES

Data Encryption Standard. A symmetric-key encryption cipher. DES is pronounced as letters or “dezz.” Do not spell out; briefly define on first use.

deserialize (v.), deserialization (n.)

The process of reconstructing a serialized object. Do not use this interchangeably with “unserialize.” There is an unserialize() function in PHP.

deus ex machina (n.)

Latin for “god from the machine.” A plot device in which an unresolvable problem is conveniently fixed by an unlikely solution.

dev (n. or adj.)

Short for developer or a system in development, as opposed to a production (prod) system. Also called test. Informal.

DevOps

Development operations. Corporate jargon.

DevSecOps (n.)

Short for development, security, operations. Corporate jargon.

DFIR

Digital Forensics and Incident Response. Spell out on first use.

Related:

IR

DH or DHE

Diffie-Hellman key exchange.

DHS

Department of Homeland Security.

DHTML (n.)

Dynamic HTML. Do not spell out.

The Diana Initiative

An annual, women-centered security conference held at the same time as DEF CON in Las Vegas.

DICOM

Digital Imaging and Communications in Medicine. The standard for managing medical imaging information.

dictionary attack (n.)

A brute-force attack in which words from a list such as a dictionary or prior security breach are used to guess a password or decrypt a cipher.

diff (n. or v.)

A tool that finds the differences between two files, or the output of such a tool. Can also refer to the Linux tool diff.

Diffie-Hellman (DH) key exchange (n.)

A method for securely exchanging secret information.

-Diggity

A common suffix for Bishop Fox tools created by Fran Brown.

Ex: GoogleDiggity, SearchDiggity, ZipDiggity

DirBuster

A pen testing tool.

directives (n.)

If it’s a type of directive, use the normal font. If it’s a named directive, use the tech font, as in “SetCookies directive” or “unsafe-inline.”

directory (n.)

Also called a folder. If it’s a type of directory, use the normal font. If it’s a named directory, use the tech font, as in “the Moss directory.”

directory traversal (n.)

Also called path traversal.

Dirty COW

Dirty copy-on-write; the CVE-2016-5195 vulnerability.

Discord

A messaging platform that originally focused on video gaming.

disrupt (v.), disruptive (adj.)

Corporate jargon; use sparingly.

distro (n.)

Short for distribution, as in a version of Linux. Informal.

DKIM

DomainKeys Identified Mail. This standard allows messages that originate from a protected domain to be cryptographically signed. Pronounced “D-kim.” Spell out on first use.

DLL, .dll file

Dynamic-link library. Do not spell out.

DLP (n.)

Data loss prevention.

DM, DMs (n. or v.)

Short for direct message or dungeon master in Dungeons and Dragons. Both are informal.

DMA (n.)

Direct memory access. An exploitable hardware feature.

DMARC

Domain-based Message Authentication, Reporting and Conformance. This protocol allows an organization to instruct other mail servers on what to do when fraudulent mail from the protected domain is received. Pronounced “D-mark.”

DMCA

Digital Millennium Copyright Act. A U.S. copyright law. Spell out on first use.

DMZ, DMZs (n.)

Demilitarized zone. Also known as a perimeter network. It refers to a less secured portion of a network between external firewalls and the WAN connection.

DN, DNs (n.)

Short for Distinguished Name in the LDAP API. Spell out on first use.

DNS, DNS name (n.)

Domain Name System. Types of records stored in the DNS database include IP addresses, name servers, SMTP mail exchangers, and Start of Authority (SOA). Do not spell out.

DOB, DOBs (n.)

Date of birth.

Related:

PII

doc (n.)

Short for document. Do not use in formal writing.

Docker

A platform that makes and manages containers.

DOCTYPE

Document type declaration.

Related:

DTD

DoD

Department of Defense.

DOE

Department of Education.

dogfooding (n. or v.)

The practice of a company deliberately using the product they make. Corporate jargon; do not use in formal writing.

DOJ

Department of Justice.

DOM

Document Object Model. Pronounced “dahm.”

domain, domain name (n.)

Write domain names in tech font.

Ex: bishopfox.com domain

dongle (n.)

An object that interfaces with a port and protrudes from it.

Ex: Bluetooth adapter, USB drive

DOS

Disk Operating System. This is unlikely to come up in our formal writing, but readers may confuse denial of service (DoS) with this.

DoS (n. or adj.)

Denial of service; a common vulnerability. Spell out on first use. DoS is pronounced as “doss” or the whole phrase.

dot-com bubble (n.)

Corporate jargon; use sparingly.

dotfile (n.)

A type of configuration file.

downgrade attack (n.)

A cryptographic attack that takes advantage of backward compatibility.

Ex: POODLE attack

dox, doxed (v.), doxing (v. or n.)

Revealing PII to maliciously target an individual online and IRL.

DPAPI

The data protection API used in some Microsoft products. Pronounced as letters. Spell out in public-facing writing.

dpi

Dots per inch, as in 300 dpi.

DRAC

Dell Remote Access Control. Spell out on first use.

DREAD (n.)

Damage, reproducibility, exploitability, affected users, and discoverability: five categories of security threats. A risk assessment model.

drive (n.)

A data storage device. If it’s a type of drive, use the normal font. If discussing a drive by name, use the tech font, as in “the C: drive.”

drive-by (adj.)

Describes a method of attack that does not require direct user interaction. A drive-by download delivers malicious software without the user noticing their device is compromised.

-driven (adj.)

Always hyphenate, as in “server-driven.”

DRM (n.)

Digital rights management. Spell out on first use.

Dropbox

A file-hosting service.

DROWN

Decrypting RSA with Obsolete and Weakened eNcryption attack. A TLS bug. Do not spell out.

Drupal

An open source content management system.

DTD, DTDs (n.)

Document type definition. Spell out on first use.

DuckDuckGo

A search engine that doesn’t record search history.

Dufflebag

A Bishop Fox tool that searches for exposed Amazon EBS instances.

dump (v. or n.)

Informal. For the verb, try download, exfiltrate, extract, gather, remove, retrieve, take, or view instead. For the noun, use extraction.

dump file (n.)

A file from a memory dump, core dump, stack dump, hex dump, heap dump, etc. Informal.

Duo

An authentication provider.

DVD, DVR (n.)

Dvorak

An alternate keyboard setup that is efficient but uncommon. Pronounced “duh-vor-ack,” differently than the last name of classical composer Antonin Dvořák.
