Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Version 2.0

Cybersecurity Style Guide


M.2 (n.)

A specification for connectors and expansion ports used by many device classes, such as SSDs. Successor to other connector types such as SATA and IDE.


Mergers and acquisitions. Corporate jargon. Spell out on first use in public-facing documents.

MAC, MACs (n.)

Message authentication code. Spell out on first use.

MAC address (n.)

Media access control address. A unique identifier on a network-enabled device, one level below the IP address.





Mac OS X, OS X 10.11

The name of versions of macOS released between 2012 and 2015.


macro (n.)

OK in formal writing if relevant, but use automation for the general technique.

magic IP address (n.)

In AWS, this may refer to the Instance Metadata IP address, Do not use outside of a cloud context.



Previously styled as MailChimp.

Maker Faire

A global series of DIY community events that started in the Bay Area.


An esoteric programming language.


malformed (adj.)

A syntactically improper bit of data or code.

malicious actor (n.)

This represents a wide range of potential attackers from individuals to nation-states. When writing about individual threats, use attacker or malicious user.

malware (n.)

Malicious software. A catch-all term for anything that could be called malicious including CryptoLockers, spyware, viruses, worms, trojans, and backdoors.

MAM (n.)

Mobile application management. Can also refer to media asset management. Spell out on first use.


MAN, MANs (n.)

Metropolitan area network. Spell out on first use.

Man-in-the-Browser (MitB) (adj.)

When written as MitB, precede with “an.” Spoken out loud as the whole phrase.

Man-in-the-Middle (MitM) (adj.)

When written as MitM, precede with “an.” Spoken out loud as the whole phrase. Spell out on first use. Do not use as a verb. A malicious user in this position can be described as an unauthorized intermediary or unauthorized proxy.


An open source clone of MySQL.


A markup language.


Markov chain (n.)

A predictability model that bases potential outcomes on only the previous event.

Martin Bishop

A fictional character (played by Robert Redford) who leads a security consulting team in the 1992 movie Sneakers. Because of his offensive hacking skills, we use his name in our company name.

mass assignment (n.)

A vulnerability that allows a user to add and modify fields to increase their privileges or gain access to private information.

Master Control Program

The fictional AI antagonist that digitally captures Flynn in the 1982 movie Tron.


master/slave (n.)

We prefer to use primary/replica to discuss inheritance and leader/follower to discuss control relationships. However, in general, refer to the alternate terminology used by the technology you are discussing. Alternatives for “master” include primary, parent, leader, and main. Alternatives for “slave” include replica, follower, child, and worker. If a component name is “master” or “slave,” put the name in the tech font, as in, “The worker node, slave, was improperly configured.”

The Matrix

A 1999 movie about a hacker named Neo.

MB (n.)

Megabyte. A megabyte may be 1,000 or 1,024 kilobytes (KB). No space between the number and unit, as in 75MB. Do not pluralize MB.

MBean, MBeans (n.)

Managed bean. A Java object. Pronounced as “M-bean.”

MBps vs. Mbps

Capitalization matters. MBps is megabytes per second. Mbps is megabits per second. No space between the number and unit, as in “500Mbps.”

MCU, MCUs (n.)

Microcontroller unit. Spell out in public-facing documents to avoid confusion with the Marvel Cinematic Universe. Do not spell out in technical documents.


Message Digest 5. An efficient but highly insecure hashing algorithm that should never be used in situations where security is a concern. Pronounced as letters and numbers. Do not spell out.

MDM (n.)

Mobile device management.


meatspace (n.)

An informal term for the analog world.

mechanism (n.)

Write the name in the tech font, as in “the protect_from_forgery mechanism.”


A flaw that affects Intel, AMD, and ARM chipsets. It was publicly disclosed in January 2018.

memcache (n.)

A memory cache.


A memory caching server. Pronounced as “mem-cash-dee” or “mem-cashed.”


Pronounced as “mee-moh-jee.”



A source control tool.




metacharacter (n.)

A character with a special meaning in a programming language or regex. It must be set apart (escaped) by another character to use its literal meaning, as in * vs. *.


A pen testing framework.


A Metasploit payload used to establish a shell and communicate back to the attacker. Pronounced as “meh-ter-preh-ter,” similar to “interpreter.”

MFA (n.)

Multi-factor authentication. Factors are typically something you have (a badge), something you know (a password), or something you are (biometrics). Spell MFA out on first use.

MHz (n.)

Megahertz. Use a space between the number and the unit, as in “100 MHz.” Do not pluralize.

MiB (n.)

Mebibyte. A mebibyte is exactly 1,024 kibibytes. Do not pluralize.


microservice (n.)

A small process or application that operates independently but is integrated with similar processes to form a larger application or service.

Microsoft Security Bulletin number

Write the names of specific vulnerabilities in the normal font.

Ex: MS15-034


Musical instrument digital interface. Do not spell out. Pronounced as “midd-ee.”

military-grade encryption (n.)

May refer to AES-256 encryption. Do not use this term; refer to the type of encryption by name instead.

military time (n.)

Avoid using military (24-hour) time unless relevant to the context.

Ex: 0900 PDT


milkshake duck (n.)

A hypothetical wholesome new public figure who is quickly revealed to be vile.


millennial (n. or adj.)

Corporate jargon. When broadly used, this can include people born between 1980 and 2010. It’s better to describe groups with other demographic markers (such as age ranges).


Multipurpose internet mail extensions. A MIME type or media type is a file format identifier. Do not spell out. Pronounced as “mime.”

Ex: application/json, text/html


A post-exploitation tool typically used to extract passwords during internal network assessments.

minification (n.), minify (v.)

The process of reducing character count in source code. Also called minimization.



The name is derived from “Mini-Unix.” Pronounced as “minn-icks.”


A botnet worm that used IoT devices to cause DDoS in October 2016. Pronounced as “mee-rye.” Mirai means “future” in Japanese.

mirror (n. or v.)

A duplicate website.


mitigate (v.)

To lessen the impact of potential future attacks. Not interchangeable with “reduce.”


mitigation (n.)

The application of compensating controls to decrease the impact of identified vulnerabilities while not fully remediating those vulnerabilities.


MitM (adj.)

Man-in-the-Middle. When written as MitM, precede with “an.” Spoken out loud as the whole phrase, not the acronym. In cryptography, this can also refer to the Meet-in-the-Middle attack. Spell out on first use.


A resource and framework for offensive attacks and techniques.


mixed content (n.)

A mix of HTTP and HTTPS content on the same page that exposes the content to vulnerabilities due to the parts delivered via HTTP.


When recommending limitations on allowable characters in date fields, write this format in the tech font.


Mobile Application Security Assessment (MASA)

A Google Play security assessment framework. Spell out on first use.


Multimedia over Coax Alliance. A standard for wired internet over coaxial cables. Pronounced as “mo-kah.”


mod (v. or n.)

Short for modify or modulo. Informal.

model numbers (n.)

Use the normal font for software version numbers, product model numbers, serial numbers, and builds.

monorepo (n.)

A single, large repository that holds code for multiple projects. Informal.

moonshot (n.)

Corporate jargon; use sparingly.

Moore’s Law

About every 18 months since 1965, the number of transistors per square inch on integrated circuits has doubled. Observed by Intel co-founder Gordon Moore.


MOTD (n.)

Message of the day banner. Pronounced as letters or the whole phrase. Spell out on first use in public-facing documents.

MP3, .mp3 file, MP4, .mp4 file

Audio and video file types. Pronounced as letters and numbers.

mpv, .mpv file

A video player and file type. Pronounced as letters.


Mr. Robot

A 2015-2019 TV show about a paranoid hacker that used some Bishop Fox exploits.


Microsoft. Use sparingly in reports.

ms (n.)

Millisecond. Put a space between the number and the unit, as in “250 ms.”

MSA, MSAs (n.)

Master service agreement. Spell out on first use.



Microsoft SQL Server Data Engine. Spell out on first use.


A tool used for exploit development to generate shellcode.

MSI, .msi file

A Windows installer package file format.


MSP, MSPs (n.)

Managed service provider. Pronounced as letters. Spell out on first use.



Microsoft SQL Server.

multi-factor authentication (MFA) (n.)

The factors can be something you have (a badge), something you know (password), or something you are (biometrics). Spell out on first use.


multimeter (n.)

Pronounced as “multi-meeter.”



An HTML template system.

MVC (n.)

The Model-View-Controller architectural pattern. Spell out on first use.



A type of database. Pronounced as “my-sequel.”


This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.