Glossary

Acronyms and simple definitions:

  • API – Application Programming Interface, allows systems or applications to communicate and exchange data.

  • CEF – Common Event Format, a standard log format used for security events.

  • CSV – Comma-Separated Values, a simple file format for storing tabular data.

  • DNS – Domain Name System, translates domain names (like example.com) into IP addresses.

  • GELF – Graylog Extended Log Format, a structured log format used by Graylog for consistent message ingestion.

  • GIM – GravityZone Information Model, Bitdefender’s schema for normalizing and enriching log data.

  • HTTP – Hypertext Transfer Protocol, a standard protocol for transferring web data.

  • IAM – Identity and Access Management, controls user identities and access permissions.

  • ICMP – Internet Control Message Protocol, used by network devices to send error or status messages (like “ping”).

  • IDS – Intrusion Detection System, monitors network traffic for suspicious activity.

  • IOCs – Indicators of Compromise, data points that suggest potential security breaches or threats.

  • IP – Internet Protocol, a set of rules for routing data across networks.

  • JSON – JavaScript Object Notation, a lightweight format for data exchange, often used in APIs.

  • JSON-RPC – Remote Procedure Call over JSON, a protocol that uses JSON to invoke commands remotely.

  • MAC – Media Access Control; a MAC address is a unique identifier assigned to a network interface.

  • MDR – Managed Detection and Response, Bitdefender’s managed security service that provides continuous threat monitoring and response.

  • NAT – Network Address Translation, a process that remaps IP addresses for network routing.

  • NXLog – A log collection agent that forwards event data to systems like Graylog.

  • OS – Operating System, the main software controlling computer hardware and software resources.

  • OTX – Open Threat Exchange, AlienVault’s community threat intelligence platform.

  • RPM – Red Hat Package Manager, a software package format used by Red Hat-based Linux systems.

  • SDK – Software Development Kit, a set of tools for building applications or integrations.

  • SDL – Security Data Lake, Bitdefender’s centralized platform for storing, normalizing, and analyzing security data.

  • SQS – Simple Queue Service, Amazon’s managed message queuing service, used for event notifications.

  • ST – Security Telemetry, Bitdefender’s raw endpoint event data, usually sent via syslog.

  • Syslog – System Logging Protocol, a standard way to send system log messages over a network.

  • TLS – Transport Layer Security, a protocol for encrypting data transmitted over a network.

  • UDP – User Datagram Protocol, a fast, connectionless network protocol used for transmitting data.

  • UEBA – User and Entity Behavior Analytics, a method for detecting anomalies based on user or system activity.

  • URL – Uniform Resource Locator, the full web address used to access a resource (for example, https://example.com).

  • UUID – Universally Unique Identifier, a 128-bit value used to uniquely identify information.

  • VM – Virtual Machine, a software-based emulation of a physical computer.

  • WMI – Windows Management Instrumentation, a Microsoft framework for managing data and operations on Windows systems.

  • YAML – YAML Ain’t Markup Language, a human-readable format used for configuration files.