Wiki
Microsoft 365 & cyber, plain English, Australian context
Every Microsoft 365 licence, cyber framework, Microsoft product and industry acronym — written for Australian buyers and decision makers. No marketing, no hype, no vendor language. Just what each thing actually is, what it costs and when it matters.
Microsoft 365 licences
Every Microsoft 365 SKU explained for Australian buyers — what's bundled, what isn't, when each pays back.
- Microsoft 365 E3: Microsoft 365 E3 is the standard enterprise SKU bundling Office apps, Windows Enterprise, Entra ID P1, Intune, basic Defender and Purview controls.
- Microsoft 365 E5: Microsoft 365 E5 is the top enterprise bundle — adds Defender for Identity, Defender for Cloud Apps, full Purview, Entra ID P2 / Governance, Power BI Pro and Teams Phone.
- Microsoft 365 Business Premium: Microsoft 365 Business Premium is the most popular SKU for sub-300-seat Australian businesses — Office, Intune, Entra ID P1 and Defender Business Premium in one bundle.
- Microsoft 365 Business Standard: Business Standard is the apps-and-cloud SKU without the security stack — fine for non-regulated SMBs, dangerous for any business handling personal data.
- Microsoft 365 F3: Microsoft 365 F3 is the licence for shift / frontline / shop-floor workers who don't need full Office apps — typically saves 70%+ versus E3.
- Microsoft 365 Copilot: Microsoft 365 Copilot is the AUD ~$45/user/month AI add-on that lives inside Word, Excel, PowerPoint, Outlook and Teams, grounded in your tenant's data.
- M365 Apps for Business: Microsoft 365 Apps for Business provides desktop versions of core Office applications, but excludes key services like Exchange Online and Microsoft Teams, making it a niche option in Australia.
- M365 Apps for Enterprise: Microsoft 365 Apps for Enterprise provides standalone desktop Office applications like Word and Excel, without integrated email, collaboration, or security features.
- M365 F1: Microsoft 365 F1 is a licence designed for frontline workers who primarily need web-based applications and collaboration tools, without a desktop Office suite.
- Office 365 E1: Office 365 E1 provides web-only versions of core Microsoft applications like Exchange, Teams, SharePoint, and OneDrive, suitable for users who primarily work in a browser environment.
- Office 365 E3: Office 365 E3 provides a comprehensive suite of Microsoft applications and services, including desktop Office, Exchange Online, Teams, and SharePoint, but lacks key security and management features found in Microsoft 365 E3.
- Office 365 E5: Office 365 E5 is Microsoft’s highest-tier commercial subscription, bundling advanced security, analytics, and communication tools beyond the E3 offering, but without full M365 capabilities.
- Teams Phone Standard: Teams Phone Standard provides core Teams voice features without requiring a traditional calling plan or associated phone numbers, offering a foundation for custom voice solutions.
- Teams Phone with Calling Plan: Teams Phone with Calling Plan combines Teams Phone Standard with a Microsoft-provided domestic calling plan, simplifying telephony for AU mid-market organisations.
- Defender for Endpoint P1: Microsoft Defender for Endpoint Plan 1 (MDE P1) provides essential endpoint protection capabilities, including next-generation antivirus and attack surface reduction, forming a foundational layer of defence.
- Defender for Endpoint P2: Microsoft Defender for Endpoint Plan 2 (MDE P2) provides comprehensive endpoint detection and response capabilities, including advanced threat hunting, vulnerability management, and automated remediation, crucial for AU mid-market organisations.
- MDO Plan 1: Microsoft Defender for Office 365 Plan 1 provides foundational email and collaboration protection, preventing threats like phishing and malware, and is commonly bundled with Microsoft 365 Business Premium.
- MDO Plan 2: Microsoft Defender for Office 365 Plan 2 (MDO Plan 2) provides advanced threat protection for email, attachments, and links, building on the capabilities of Plan 1 and offering automated investigation and response.
- Intune Plan 1: Microsoft Intune Plan 1 provides core mobile device management (MDM) and mobile application management (MAM) capabilities, enabling organisations to secure devices and applications.
- Intune Plan 2: Microsoft Intune Plan 2 extends Intune’s capabilities with advanced features like Endpoint Privilege Management and Microsoft Tunnel, providing greater control and security over managed devices.
- Intune Suite: Microsoft Intune Suite combines Intune P1 with several advanced add-on services, offering a comprehensive endpoint management solution for organisations needing more than basic mobile device management.
- Purview Information Protection licence: The Purview Information Protection licence governs the use of sensitivity labels for classifying and protecting data within Microsoft 365, with varying levels of functionality available based on your subscription.
- Entra ID P1: Microsoft Entra ID P1 builds on the free tier, providing essential identity and access management capabilities including Conditional Access and self-service password reset, crucial for AU mid-market security posture.
- Entra ID P2: Microsoft Entra ID P2 builds on Entra ID P1, providing advanced features for identity governance, risk detection, and privileged access management to strengthen your organisation’s security posture.
- Entra ID Governance: Entra ID Governance enhances Microsoft Entra ID P2 with advanced access management features like lifecycle workflows, verifiable credentials, and machine learning-powered access reviews, crucial for AU regulatory compliance.
- Power BI Pro licence: A Power BI Pro licence enables users to publish and share reports, consume content from others, and build larger data models, essential for many AU mid-market organisations.
- Power BI Premium Per User: Power BI Premium Per User (PPU) provides enhanced Power BI capabilities beyond the Pro licence, offering increased storage, refresh rates, and advanced features for Australian organisations.
- Copilot Pro: Copilot Pro is a Microsoft AI assistant subscription offering enhanced capabilities within Microsoft 365 apps for personal use, distinct from the enterprise-focused Microsoft 365 Copilot.
- Copilot Chat: Microsoft Copilot Chat provides a free conversational AI experience for Microsoft 365 users, with varying levels of functionality depending on your licence and data requirements.
- Project Plan 3: Microsoft Project Plan 3 provides a comprehensive project management solution combining web, online, and desktop access, bridging the gap between basic web-only options and advanced portfolio management.
- Visio Plan 2: Visio Plan 2 provides a comprehensive suite of diagramming tools, including the desktop application, web access, and data visualisation capabilities within Excel, expanding on the web-only features of Visio Plan 1.
Cyber & compliance frameworks
Australian cyber and compliance frameworks plain-English — and how the Microsoft 365 stack covers each control.
- Essential Eight: The ACSC's Essential Eight is the Australian baseline of cyber mitigation strategies, scored on Maturity Levels 0–3.
- Privacy Act 2026: The Privacy Act reform package introduces new individual rights, expanded definitions of personal information, a statutory tort, and a higher 'reasonable steps' bar for security.
- APRA CPS 234: APRA's Prudential Standard CPS 234 sets information security obligations for Australian banks, insurers and superannuation funds — and now applies to many of their service providers.
- SOCI Act: The Security of Critical Infrastructure Act extends Australian Government cyber and resilience obligations to designated critical-infrastructure operators across 11 sectors.
- ASD ISM: The Australian Signals Directorate’s Information Security Manual (ISM) provides comprehensive security controls for Australian Government entities and those handling sensitive information, going beyond the Essential Eight.
- Essential Eight ML0: Essential Eight Maturity Level 0 signifies a minimal implementation of the eight mitigation strategies, leaving organisations highly vulnerable to common cyber attacks.
- Essential Eight ML1: Essential Eight Maturity Level 1 represents the foundational cybersecurity posture expected of Australian non-government organisations to mitigate common threats.
- Essential Eight ML2: Essential Eight Maturity Level 2 represents a heightened baseline for cyber security, demanding more robust controls than Level 1, particularly relevant for organisations facing significant risk or regulatory scrutiny.
- Essential Eight ML3: Essential Eight Maturity Level 3 represents the highest achievable level of security controls, designed to protect against advanced persistent threats and requiring significant investment and ongoing operational maturity.
- NIST CSF 2.0: The NIST Cybersecurity Framework 2.0 provides a structured approach to managing cybersecurity risk, offering guidance on governance, identification, protection, detection, response, and recovery.
- PCI-DSS 4.0: PCI-DSS 4.0 is the current standard for protecting cardholder data, outlining security requirements for organisations that process, store, or transmit payment card information.
- NDB scheme: The Notifiable Data Breach scheme requires Australian organisations to notify the Office of the Australian Information Commissioner (OAIC) and affected individuals when eligible data breaches occur, posing a risk of serious harm.
- APRA CPS 230: APRA CPS 230 establishes a framework for operational risk management within Australian financial institutions, mandating robust controls and oversight across critical operations and third-party relationships.
- ISO 27001 in Australia: ISO 27001 is an internationally recognised standard for information security management systems, helping AU organisations protect sensitive data and build trust with stakeholders.
- IRAP: The Information Security Registered Assessors Program (IRAP) assesses information security controls against the Information Security Manual (ISM) for Australian Government and Critical Infrastructure systems.
- PSPF: The Protective Security Policy Framework (PSPF) is the Australian Government’s overarching security guidance for organisations handling sensitive information and assets, particularly those working with or on behalf of the Federal Government.
- AU Voluntary AI Safety Standard: The Australian Voluntary AI Safety Standard, released by DISR in 2024, outlines 10 guardrails to guide the responsible development and deployment of artificial intelligence systems in Australia.
- Australian Privacy Principles: The Australian Privacy Principles (APPs) are a set of 13 principles under the Privacy Act 1988, outlining how organisations must handle personal information.
- SOC 2: SOC 2 is an auditing procedure for service organisations, primarily SaaS providers, demonstrating controls relevant to data security, availability, and privacy, increasingly a standard expectation for AU mid-market enterprises.
Microsoft products
Microsoft product reference — what each component does, who needs it, and where it sits in the stack.
- Microsoft Entra ID: Microsoft Entra ID is the rebranded Azure AD — Microsoft's cloud identity and access management platform underpinning Microsoft 365, Azure and integrated SaaS.
- Microsoft Intune: Microsoft Intune is the cloud-native endpoint management platform — devices, mobile apps, app protection policies and update rings, all controlled from Entra-aware policies.
- Microsoft Purview: Microsoft Purview is Microsoft's umbrella for data governance, information protection, DLP, eDiscovery, insider risk, communication compliance and records management.
- Microsoft Sentinel: Microsoft Sentinel is Microsoft's cloud-native SIEM and SOAR — billed per gigabyte ingested, deployed into your Azure subscription, integrated with Defender XDR and Logic Apps for response automation.
- Defender for Endpoint: Microsoft Defender for Endpoint is Microsoft's enterprise EDR — endpoint detection and response across Windows, macOS, Linux, iOS and Android, integrated with Entra Conditional Access for compliance enforcement.
- Copilot Studio: Microsoft Copilot Studio is the low-code platform for building custom Copilot agents — integrated with Microsoft 365 Copilot, the Power Platform and Microsoft 365 data sources.
- Microsoft Fabric: Microsoft Fabric is Microsoft's unified analytics platform — a single SaaS product that bundles Power BI, Synapse Analytics, Data Factory and Real-Time Intelligence on a shared OneLake storage layer.
- Global Secure Access: Global Secure Access is Microsoft's Security Service Edge (SSE) — Entra-native Internet Access and Private Access agents that replace traditional VPN and on-prem SWG/CASB stacks.
- Privileged Identity Management: Privileged Identity Management is the Entra ID P2 feature that converts standing admin role assignments into just-in-time, time-bound, justification-and-approval gated elevations.
- Windows Hello for Business: Windows Hello for Business is Microsoft's passwordless sign-in for Windows — a device-bound asymmetric credential unlocked by PIN or biometric, replacing passwords with a phishing-resistant factor.
- Defender for Office 365: Microsoft Defender for Office 365 (MDO) provides advanced threat protection for email, attachments, and links, supplementing Exchange Online Protection (EOP) within Microsoft 365.
- Defender for Identity: Microsoft Defender for Identity (MDI) provides advanced threat detection and response capabilities for on-premises Active Directory and Microsoft Entra ID, helping AU organisations identify and mitigate sophisticated attacks.
- Defender for Cloud Apps: Microsoft Defender for Cloud Apps provides visibility and control over cloud applications, helping Australian organisations manage risk and comply with relevant regulations.
- Defender for Cloud: Microsoft Defender for Cloud provides centralised cloud security management across Azure, AWS, and Google Cloud, combining cloud security posture management (CSPM) and cloud workload protection (CWPP) capabilities.
- Defender XDR: Microsoft Defender XDR consolidates endpoint, identity, email, and cloud app security data into a single platform for improved threat detection and response capabilities.
- Defender Vulnerability Management: Defender Vulnerability Management enhances Microsoft Defender for Endpoint by providing deeper visibility into vulnerabilities and prioritised remediation guidance, crucial for AU regulatory compliance.
- Defender EASM: Microsoft Defender External Attack Surface Management (EASM) continuously discovers and assesses your organisation’s internet-exposed assets, providing visibility and reducing attack surface risk.
- Defender Experts: Microsoft Defender Experts provides managed extended detection and response (XDR) services, offering proactive threat hunting and 24x7 incident response to augment existing security capabilities.
- Power Apps: Microsoft Power Apps is a low-code platform enabling users to build custom business applications with minimal coding, integrating with various data sources and automating workflows.
- Power Automate: Microsoft Power Automate is a cloud-based service that enables users to automate repetitive tasks and workflows across various applications and services, integrating M365 with external systems.
- Power BI: Microsoft Power BI is a business intelligence platform enabling organisations to visualise data, analyse trends, and make data-driven decisions, integrating with various data sources and offering diverse deployment options.
- Power Pages: Microsoft Power Pages enables AU mid-market organisations to build and deploy low-code, data-driven websites and portals, often leveraging data stored within Dataverse.
- Dataverse: Microsoft Dataverse is a cloud-based data platform used to store and manage data for Power Platform apps, Dynamics 365, and custom solutions, offering structured data and robust security features.
- Microsoft Loop: Microsoft Loop provides live, collaborative components that can be embedded across Microsoft 365 apps, enabling real-time updates and shared workflows for AU mid-market organisations.
- Microsoft Lists: Microsoft Lists provides a flexible, low-code way to track information, from simple to-do lists to complex asset registers, within the Microsoft 365 ecosystem.
- Planner: Microsoft Planner is a task management tool designed for team collaboration, now combining Planner, To Do, and Project for the Web into a unified experience.
- Microsoft Stream: Microsoft Stream, now integrated within SharePoint, is a video service for recording, sharing, and collaborating on video content within your Microsoft 365 environment.
- Whiteboard: Microsoft Whiteboard provides a digital canvas for real-time collaboration during Teams meetings and persistent, personal whiteboards stored in OneDrive, with emerging AI capabilities.
- Forms: Microsoft Forms is a tool for creating surveys, quizzes, and polls, offering simple data collection and basic automation capabilities within the Microsoft 365 ecosystem.
- Bookings: Microsoft Bookings is a scheduling tool enabling businesses to offer online appointment booking, streamlining customer interactions and reducing administrative overhead.
- Viva Engage: Microsoft Viva Engage, formerly Yammer, is a Microsoft 365 platform designed to foster employee communities, conversations, and knowledge sharing within an organisation.
- Viva Insights: Microsoft Viva Insights provides data-driven insights into employee productivity and well-being, drawing from Microsoft 365 usage data to help individuals, managers, and leaders optimise workflows.
- Viva Learning: Microsoft Viva Learning brings learning resources from various sources into Microsoft Teams, providing a central hub for employees to discover and engage with training.
- Viva Goals: Viva Goals is a Microsoft Viva module enabling organisations to define, track, and achieve objectives and key results (OKRs) directly within Microsoft Teams.
- Microsoft Project: Microsoft Project is a suite of tools for planning, scheduling, and managing complex projects, evolving from desktop applications to a cloud-based platform integrated with Microsoft 365.
- Visio: Microsoft Visio is a diagramming tool for creating flowcharts, network diagrams, and other visual representations of processes and systems, available in web and desktop versions.
- OneDrive: Microsoft OneDrive for Business provides users with cloud storage, file sharing, and collaboration capabilities, integrated with Microsoft 365, with specific governance considerations for Australian organisations.
- SharePoint: SharePoint is Microsoft's platform for building team sites, intranets, and document repositories, intrinsically linked to Microsoft 365 Groups and Teams.
- Microsoft Teams: Microsoft Teams is a collaboration platform combining chat, video meetings, file sharing, and calling, widely used by AU mid-market organisations for internal and external communication.
- Exchange Online: Microsoft Exchange Online provides cloud-based email and calendaring services, forming a core component of Microsoft 365 subscriptions and requiring careful management for Australian compliance.
- Outlook: Microsoft Outlook is a widely used email and calendar client, available in various versions, providing core communication and scheduling functionality for AU mid-market organisations.
- Microsoft Word: Microsoft Word is a widely used application for creating, editing, and sharing documents, available across desktop, web, and mobile platforms, now integrated with Copilot.
- Microsoft Excel: Microsoft Excel is a spreadsheet application widely used for data analysis, budgeting, and reporting, but its prevalence introduces specific data security and compliance challenges for AU mid-market organisations.
- PowerPoint: Microsoft PowerPoint is a widely used presentation software enabling users to create and deliver visual presentations, now enhanced with features like Designer and Copilot.
- OneNote: Microsoft OneNote is a note-taking application allowing users to create and share notebooks, sections, and pages for collaboration and information management, integrated with Microsoft 365.
- Conditional Access: Microsoft Conditional Access lets you create policies that control access to your Microsoft 365 applications based on factors like user identity, location, and device compliance, bolstering your security posture.
- Microsoft Information Protection: Microsoft Information Protection (MIP) helps Australian organisations classify, label, and protect sensitive data, whether it’s at rest, in transit, or in use, aligning with regulatory obligations.
- Compliance Manager: Microsoft Compliance Manager, part of Microsoft Purview, helps AU mid-market organisations assess, remediate, and track compliance with relevant regulations and industry standards.
- eDiscovery: Microsoft eDiscovery, now part of Microsoft Purview, helps AU organisations identify, preserve, collect, and review data for legal hold, investigations, and litigation, balancing compliance with operational needs.
- Purview Audit: Microsoft Purview Audit provides centralised logging of user activity and data access within Microsoft 365, helping AU organisations meet compliance obligations and investigate incidents.
- Communication Compliance: Microsoft Communication Compliance helps AU organisations monitor and manage communications within Microsoft 365 and connected platforms, reducing legal and reputational risks.
- Data Lifecycle Management: Microsoft Data Lifecycle Management, formerly Retention, helps organisations control how long data is stored and when it’s deleted, aligning with regulatory requirements and reducing risk.
- Insider Risk Management: Microsoft Purview Insider Risk Management (IRM) helps AU organisations identify and mitigate risks posed by employees, contractors, and other insiders, protecting sensitive data and complying with regulations.
- Microsoft Authenticator: Microsoft Authenticator is an app providing multi-factor authentication (MFA), passwordless sign-in, and secure storage for credentials, commonly used within Microsoft 365 environments.
- Entra External ID: Microsoft Entra External ID unifies Azure AD B2B and B2C capabilities, enabling secure collaboration with external partners and managing customer identities for consumer-facing applications.
- Entra Permissions Management: Microsoft Entra Permissions Management (formerly Cloud Identity Entitlement Management) helps Australian organisations discover, right-size, and continuously manage permissions across their cloud environments, reducing risk and improving compliance.
- Entra Verified ID: Microsoft Entra Verified ID provides a way to issue and verify digital credentials, enabling secure and privacy-respecting identity solutions based on decentralised identifiers and verifiable credentials.
- M365 Lighthouse: Microsoft 365 Lighthouse provides managed service providers (MSPs) with centralised tools to manage multiple Microsoft 365 tenant environments, improving efficiency and security posture for their clients.
- Security Exposure Management: Microsoft Security Exposure Management (SEM) consolidates vulnerability and exposure data across your Microsoft security estate, providing a prioritised view to reduce cyber risk.
- Microsoft Secure Score: Microsoft Secure Score provides a numerical representation of your Microsoft 365 security posture, highlighting areas for improvement and helping you prioritise security investments.
Glossary
Microsoft and cyber acronyms decoded — short, accurate, no marketing.
- MFA: Multi-Factor Authentication: requiring two or more verification factors at sign-in — something you know, something you have, something you are.
- PIM: Privileged Identity Management: just-in-time activation of admin roles in Microsoft Entra, with approval, MFA challenge and time-limited access.
- DLP: Data Loss Prevention: rules that detect and block sensitive content from leaving the tenant — across SharePoint, OneDrive, Teams, Exchange and endpoints.
- EDR: Endpoint Detection and Response: the next-generation replacement for traditional antivirus — continuous monitoring, behavioural detection, automated investigation and response.
- CAE: Continuous Access Evaluation: real-time enforcement of access decisions — sessions are revalidated when something changes (location, device compliance, password reset) instead of waiting for token expiry.
- Zero Trust: Zero Trust: the security model that assumes breach, verifies every request explicitly, applies least-privilege access, and continuously validates trust signals.
- MAM: Mobile Application Management: managing the corporate app on a personal device without enrolling the whole device — the BYOD-friendly alternative to MDM.
- CASB: Cloud Access Security Broker: a security control point between users and cloud apps — visibility into shadow IT, policy enforcement, threat protection across SaaS.
- SIEM: Security Information and Event Management: a platform that aggregates logs, detects threats with correlation rules, and gives a SOC analyst the single pane of glass to investigate them.
- XDR: Extended Detection and Response: a security platform that correlates signals across endpoint, identity, email and cloud — going beyond a single-control EDR into a unified detection layer.
- SSO: Single Sign-On: one identity, one sign-in, all the apps — federated authentication where users authenticate once with the identity provider and then access connected applications without re-entering credentials.
- ZTNA: Zero Trust Network Access: identity-aware, application-level access that replaces traditional VPN — every connection is brokered, authenticated, authorised per-session.
- SSE: Security Service Edge: a cloud-delivered platform combining Secure Web Gateway, CASB and ZTNA — the security half of SASE, delivered without the network half.
- SASE: Secure Access Service Edge: the convergence of network (SD-WAN) and security (SSE) into a single cloud-delivered service — the architectural answer to a workforce that is no longer in offices.
- MDR: Managed Detection and Response: a managed service where a third-party SOC operates EDR/XDR/SIEM on your behalf — 24/7 monitoring, triage, response actions and threat hunting.
- IAM: Identity and Access Management: the discipline and platform that manages who can access what — provisioning, authentication, authorisation, access reviews, lifecycle.
- PAM: Privileged Access Management: specialised controls for admin and high-impact accounts — credential vaulting, just-in-time elevation, session recording, separation of duties.
- IGA: Identity Governance and Administration: the controls that prove the right people have the right access — access reviews, entitlement management, joiner-mover-leaver, segregation of duties.
- SAML: Security Assertion Markup Language (SAML) is a standard protocol enabling single sign-on (SSO) between an identity provider, like Microsoft Entra ID, and service providers, such as SaaS applications.
- OIDC: OpenID Connect is an authentication layer built on top of OAuth 2.0, providing a standardised way for applications to verify user identity and obtain basic profile information.
- OAuth: OAuth 2.0 is a standard that enables secure delegated access to resources, allowing applications to act on behalf of a user without needing their credentials.
- JWT: A JSON Web Token (JWT) is a standard for securely transmitting information as a JSON object, often used for authentication and authorisation in web applications and APIs.
- SCIM: System for Cross-domain Identity Management (SCIM) is a standard REST API enabling automated user provisioning, deprovisioning, and modification across different cloud applications, streamlining identity management.
- JIT: Just-in-Time (JIT) access grants temporary, role-based permissions only when needed, enhancing security by minimising standing privileges and reducing the attack surface for AU mid-market organisations.
- BYOD: Bring Your Own Device (BYOD) refers to employees using personal devices like smartphones and laptops to access corporate data and applications, presenting both convenience and security challenges.
- MDM: Mobile Device Management (MDM) is a system for securing and managing mobile devices accessing corporate data, often implemented via Microsoft Intune to enforce policies and protect information.
- RBAC: Role-Based Access Control (RBAC) restricts user access to only the resources they need to perform their job, improving security and reducing the risk of accidental or malicious data breaches.
- ABAC: Attribute-Based Access Control (ABAC) is an access control model that grants or denies access based on attributes associated with the user, the resource being accessed, the action being performed, and the environment.
- FIDO2: FIDO2 is an open authentication standard combining WebAuthn and CTAP2, providing a significantly more secure alternative to passwords and SMS-based MFA, resistant to phishing attacks.
- Passkey: Passkeys are a secure authentication method replacing passwords, leveraging cryptographic keys stored on devices or in password managers to verify user identity without shared secrets.
- TPM: A Trusted Platform Module (TPM) is a dedicated hardware chip that securely stores encryption keys, protects identity, and helps ensure the integrity of a device, increasingly vital for AU cybersecurity posture.
- SPF: Sender Policy Framework (SPF) is a DNS record that authorises which mail servers are permitted to send email on behalf of your domain, helping to prevent email spoofing and improve deliverability.
- DKIM: DomainKeys Identified Mail (DKIM) is a cryptographic email authentication method that adds a digital signature to outgoing emails, verifying the sender's identity and ensuring message integrity.
- DMARC: Domain-based Message Authentication, Reporting and Conformance (DMARC) builds on SPF and DKIM to verify email legitimacy, reduce spoofing, and provide feedback on sending practices.
- BIMI: Brand Indicators for Message Identification (BIMI) allows organisations to display verified logos in email inbox previews, enhancing brand trust and combating phishing, subject to strict technical and policy prerequisites.
- SOC: A Security Operations Centre is a centralised team and technology environment responsible for continuously monitoring an organisation’s IT infrastructure for security threats, responding to incidents, and improving overall security posture.
- NOC: A Network Operations Centre (NOC) is a centralised location monitoring an organisation's IT infrastructure, ensuring availability and performance, and responding to incidents impacting network services.
- IR: Incident Response (IR) is the planned, structured process for dealing with cyber security incidents, from initial detection through to recovery and lessons learned.
- CSIRT: A Computer Security Incident Response Team (CSIRT) is a group responsible for handling cybersecurity incidents, from detection and analysis to containment, recovery, and post-incident activity.
- MITRE ATT&CK: MITRE ATT&CK is a globally recognised knowledge base detailing adversary behaviours, structured as tactics, techniques, and sub-techniques, used to improve threat detection and response capabilities.
- CVE: A CVE is a unique identifier assigned to known software vulnerabilities, enabling consistent tracking and remediation across different vendors and security tools.
- CVSS: CVSS is an industry-standard scoring system that assesses the severity of software vulnerabilities, helping organisations prioritise remediation efforts and manage cyber risk effectively.
- IOC: An Indicator of Compromise (IOC) is a piece of forensic data that suggests a system or network has been compromised, providing early warning signs of malicious activity.
- IOA: An Indicator of Attack (IOA) describes the behaviours of malicious activity, focusing on what an attacker *does*, rather than the specific files or tools they use.
- SBOM: A Software Bill of Materials (SBOM) is a formal, nested inventory of software components, similar to a product's ingredient list, providing transparency into software supply chains.
- SAST: Static Application Security Testing (SAST) analyses application source code for security vulnerabilities without running the application, helping developers identify and remediate flaws early in the development lifecycle.
- DAST: Dynamic Application Security Testing (DAST) assesses application security by simulating real-world attacks against a running application, identifying vulnerabilities that static analysis might miss.
- SCA: Software Composition Analysis (SCA) is a process of identifying and managing the open source components used in your applications, focusing on vulnerabilities and licensing compliance.
- WAF: A Web Application Firewall (WAF) filters HTTP traffic to protect web applications from common attacks, acting as a security barrier between users and your application servers.
- DDoS: A Distributed Denial of Service (DDoS) attack overwhelms a system with malicious traffic, rendering it unavailable to legitimate users, impacting business operations and potentially triggering regulatory scrutiny.
- NAC: Network Access Control (NAC) manages device access to a network, traditionally via posture assessment, but increasingly through identity-led approaches like Zero Trust Network Access (ZTNA).
- IDS: An Intrusion Detection System (IDS) monitors network traffic for malicious activity and policy violations, generating alerts but typically not blocking threats itself.
- IPS: An Intrusion Prevention System (IPS) is a network security technology that monitors network traffic for malicious activity and automatically takes action to block it, going beyond the detection capabilities of an Intrusion Detection System (IDS).
- NDR: Network Detection and Response (NDR) provides visibility into network traffic to detect and respond to threats that evade traditional security controls, often focusing on east-west traffic.
- EASM: External Attack Surface Management (EASM) is a security practice that continuously discovers and monitors an organisation's publicly exposed digital assets, identifying potential vulnerabilities and risks outside the traditional network perimeter.
- ASM: Attack Surface Management (ASM) identifies and manages all potential entry points for attackers, encompassing external and internal systems, cloud environments, and identity vulnerabilities.
- CSPM: Cloud Security Posture Management (CSPM) continuously assesses your cloud environments, identifying misconfigurations and compliance gaps against industry best practices and regulatory requirements.
- CWPP: A Cloud Workload Protection Platform (CWPP) provides security controls for cloud-based infrastructure, protecting virtual machines, containers, and serverless functions from threats.
- CNAPP: A Cloud-Native Application Protection Platform (CNAPP) consolidates multiple cloud security tools, offering a unified view and control over cloud-native applications and infrastructure, reducing complexity and risk.
- CIEM: Cloud Infrastructure Entitlements Management (CIEM) helps AU mid-market organisations discover, assess, and optimise identity-based access rights across cloud environments, reducing risk and improving compliance.
- PII: Personally Identifiable Information (PII) refers to data that can be used to identify an individual, though the Australian Privacy Act 1988 defines 'personal information' more broadly, encompassing a wider range of data.
Wiki entries: 171 and growing. Email hello@frontrowtech.com.au with anything you'd like Frontrow to write up next.