Glossary

Following is a list of terms that are referenced within our documentation or generally applicable to our application.

.key

A .key file has the path to a PEM encoded file containing the private key.

.pem

A .pem file has the path to a PEM encoded file containing the certificate (or certificate chain) that will be presented when requested.

CyBOX

Cyber Observable Expression. The standardized schema for the specification, capture, characterization, and communication of events or stateful properties that are observable in the operational domain. Mainly, it’s a way to point out what a specific threat is doing.

Fields

Fields are discrete data types that contain data. Fields are collected together and put into Form Groups or Forms. Fields have many type options depending upon the desired data format to be stored.

Field Types

Field types include Text, Radio Buttons, Checkboxes, Numbers, etc., and define the type of data being stored in a field.

Note: By default, lookup fields in FortiSOAR™ display only the first 30 items. If you want to search for more than 30 items, please use the Search text box.

Form

A collection of Fields and Form Groups that are displayed in an interface and may be user editable depending upon permissions.

Form Group

A collection of Fields with a title. This is typically a section of a Form. Form Groups may have properties that enable them with special types, such as only displaying under certain logical conditions.

FortiSOAR™

Our primary platform is called Fortinet Security Orchestration, Automation, and Response Platform, or FortiSOAR™ for short. This refers to the application.

Module

A module is a specific model typically visible within the UI or potentially a collection of models that make up a unit of the FortiSOAR™ application.

Service Oriented Architecture (SOA)

A Service Oriented Architecture leverages separate software resources operating in a loosely coupled collection, allowing for more scalability and better failure tolerance if a specific application component encounters an issue.

STIX

Structured Threat Information Expression. A schema developed by Mitre for classifying and sharing security threats across organizations in a way that ensures no trade secrets or competitor information is passed. More info here.

TAXII

Trusted Automated eXchange of Indicator Information. Method for sending STIX information between different entities. Also developed by Mitre.

VERIS Security Model

An alternate schema for scoring, classifying, and working with incidents. VERIS stands for Vocabulary for Event Recording and Incident Sharing. This is used by some of our customers as well.

View Templates

View Templates are a structured layout for building the user interface across specific areas of the application including the Dashboard and Modules. View Templates may be modified to change the interface appearance and information rendering.

Widgets

Widgets are individual display elements that are used to compose a View Template.