Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Version 2.0

Cybersecurity Style Guide

Download Style Guide

Welcome

Welcome to our cybersecurity style guide! We are Bishop Fox, a leading offensive security company operating globally. We compiled this guide to keep ourselves technically accurate and up to date in our reports, publications, and social media interactions. Now we want to share our current standards with you.

This guide is designed for professionals in security and related technical fields. It provides advice on which terms to use in technical writing, how they should look in the middle of a sentence, and how to pronounce them out loud. The terms are listed alphabetically and stem from a variety of contexts, so although much of the usage advice is serious-minded, you will find other entries from the far-flung corners of internet culture to be more playful.

Each term in the guide earned its place by being unintuitive in some way:

  • It may look like a non-technical word (execute, pickling, shell),
  • It may be uniquely written (BeEF, LaTeX, RESTful),
  • It may not follow a clear pattern (web page vs. website),
  • It may have a very specific technical distinction (invalidated vs. unvalidated),
  • Or its meaning may change depending on the context (crypto, PoC, red teaming).

Language is always evolving, and language changes are especially visible in an innovative field like information security. This guide aspires to record those changes in vocabulary and encourage professionals to use language intentionally as the digital lexicon continues to grow.

This is a work in progress. We intend to further revise this list in the future and share subsequent versions with the public. Please contact [email protected] with ideas about new entries or improvements to existing entries.

Note

This guide is a place to start when researching technical terms; it is not a comprehensive dictionary. While some terms are briefly defined, we have not attempted to define every included term but have endeavored to provide enough context for you to also continue researching the term elsewhere. We provide usage notes about capitalization, font, and pronunciation where needed. The external resources listed in Appendix B can help you locate more detailed technical definitions.

Avoid The Red Squiggly

cyber.dic is an auxiliary spellcheck dictionary that can be added to your word processor to augment its standard spellcheck list. This is a resource for anyone who regularly writes about tech and is not a fan of the red underline that plagues any highly technical document.

View on GitHub

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.