DevOps and Security Glossary Terms

A

Active DirectoryActive Directory is a specialized software tool that was developed by Microsoft to make it easier for the administrators to manage and deploy system changes.

Agile methodologyAgile methodology is a set of techniques, values and principles designed to guide how software development teams work together to deliver new applications and updates.

AIOpsAIOps, artificial intelligence for IT operations, refers to using artificial intelligence and machine learning to perform and automate tasks normally executed manually by IT operators.

Amazon RedshiftLearn what Amazon Redshift is, how it works, and why it’s a powerful, fully-managed cloud data warehouse for running scalable analytics on large data.

ApacheApache HTTP is the most popular web hosting platform in the world and is used across industries and sectors to host all types of applications.

APIAPI is a specified communication protocol that allows two applications to interface with each other, or for a client application to access information within another application.

API managementAPI (Application Program Interface) management includes the entire process of creating and publishing an API for your application.

Application containerizationApplication containerization is a rapidly developing technology that is changing the way developers test and run application instances in the cloud.

Application infrastructureApplication infrastructure includes all of the computational and operational infrastructure and components that are necessary to manage the development, deployment, and management of enterprise applications.

Application lifecycle managementApplication lifecycle management (ALM) encompasses all aspects of the application lifecycle, especially the usage, maintenance and servicing of the application after it has already been developed.

Application migrationApplication migration describes the process of moving an application, along with its associated data and host servers, from one environment into another.

Application performance monitoringAPM (Application performance monitoring) tools capture data, and aggregate and analyze the data to detect patterns and present actionable insights in a human-readable format.

Application securityApplication security is a catch-all term that encompasses any security measures deployed at the application level of an organization's technology stack.

Application whitelistingApplication whitelisting is a common method used by IT organizations to secure on-premise and cloud-based networks and infrastructure against malicious cyber attacks and unwanted network penetration.

ASP.Net Core monitoringASP.Net Core is a free and open-source rewrite of the ASP.NET framework running on .NET Core and Full Framework.

Attack vectorAn attack vector is a method or pathway used by a hacker to access or penetrate the target system. Attack vectors can be former employees or even hackers.

Audit logAn audit log is a chronological record of events, actions and changes within a computer system, software application, network or organization.

Authentication factorAn authentication factor is a security credential that is used to verify the identity and authorization of a user attempting to gain access or request data from a secured network.

AWS app development toolsYou can use AWS app development tools to build applications.

AWS CloudWatchAmazon CloudWatch allows developers, system architects, and administrators to monitor their AWS applications in the cloud, in near-real-time.

AWS CodeDeployAWS CodeDeploy deploys application code from AWS S3, GitHub, or BitBucket to EC2 instances or on-prem instances.

AWS CodePipelineAWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipeline

AWS EC2AWS Classic Load Balancer vs. Application Load Balancer

AWS ELBAmazon Web Services' Elastic Load Balancer (AWS ELB) integrates seamlessly with Amazon's other cloud services.

AWS LambdaThe AWS Lambda service is a way to run your applications in your AWS environment without worrying about underlying infrastructure such as CPU, memory or storage.

AWS monitoringAWS is the most popular cloud platform in the world. Learn about the many different tools that are available to monitor and secure the performance of apps powered by AWS.

AWS RDSThe Amazon Relational Database Service (RDS) enables developers to create and manage relational databases in the cloud.

AWS RDS Postgres monitoringFor applications based in the Amazon Cloud, tracking and monitoring performance is a critical, but relatively easy, process to undertake to ensure optimum performance and avoid critical failure.

AWS S3The Amazon Simple Storage Service (Amazon S3) application brings cloud-based, scalable, affordable and reliable storage options under your command.

AWS S3 cost optimizationAmazon Simple Storage Service (Amazon S3) is one of the most popular Amazon Web Services (AWS) offering with flexible pricing.

AWS SecurityAWS Security is the process of protecting your data, accounts, and workloads, either using AWS tools or third parties.

B

Blue/green deploymentBlue/green deployment is a methodology for releasing new code into the production environment whose purpose is to reduce software downtime, make it easy to roll back new changes, and avoid service interruptions to applications with critical up-time requirements.

Business analyticsThe term business analytics refers to the practice or discipline, often with the aid of specialized software tools, of extracting information and insights from collected data that can be used to inform effective planning and decision-making in a business context.

Business intelligenceBusiness intelligence (BI) describes the set of processes that business use to analyze operational data and create actionable insights that drive effective business decision-making.

Business technologyBusiness technology can be simply defined as any application of information technology that is integrated into the operation of a business.

C

CaaSContainers-as-a-service (CaaS) is a category of cloud services where the service provider offers customers the ability to manage and deploy containerized applications and clusters.

CASBA cloud access security broker (CASB) is a software application that mediates user access to a cloud-based application. CASB tools can be hosted on-premises or in the cloud.

Cloud applicationA cloud application simply refers to any software application that is deployed in a cloud environment rather than being hosted on a local server or machine.

Cloud automationCloud automation is the practice of using specialized software and methodologies to automate the manual tasks associated with managing cloud-based IT infrastructure.

Cloud computingCloud computing is the delivery of computer system resources, including applications, virtual machines, containers, data storage and processing power over the internet.

Cloud infrastructureCloud infrastructure consists of all hardware and software components that are needed to support the delivery of cloud services to the customer.

Cloud infrastructure securityCloud infrastructure security is the cloud computing security practice of securing cloud environments, sensitive data and supporting information systems.

Cloud managementCloud management is the process of maintaining oversight and administrative control of cloud computing products and services.

Cloud migrationCloud migration is the process of moving applications, data, and other components hosted on servers inside an organization to a cloud-based infrastructure.

Cloud orchestrationCloud orchestration is designed to help IT organizations manage interconnections and interactions between disparate systems in increasingly complex cloud environments.

Cloud security monitoringCloud security monitoring typically involves supervising servers, both virtual and physical, in order to continuously assess and analyze data and infrastructures for threats and vulnerabilities.

Cloud security posture managementCloud security posture management (CSPM) is the practice of continuously monitoring and managing the security of an organization's cloud infrastructure to ensure it aligns with best practices, compliance requirements and security policies.

ContainerA container is a virtualized environment whose contents are an application and all of the files, libraries, binaries and dependencies needed to execute that application.

Content delivery network (CDN)A content delivery network (CDN) is an important tool for optimizing the performance of heavily-trafficked websites and applications that are deployed in cloud environments.

Continuous deliveryContinuous delivery is an ongoing DevOps practice of building, testing, and delivering improvements to software code and user environments with the help of automated tools.

Continuous deploymentContinuous deployment (CD) is a strategy where any new code change is deployed directly into the live production environment where it will be visible to customers.

Continuous integrationContinuous integration is a software engineering practice where all developers merge their working copies into a shared mainline several times a day.

Continuous intelligenceContinuous intelligence (CI) is real-time analytics and insights delivered from a single, cloud-native platform across multiple use cases to speed decision-making and drive world-class customer experiences.

Continuous monitoringContinuous monitoring is a technology and process that IT organizations may implement to enable rapid detection of compliance issues and security risks within the IT infrastructure.

CRUDCRUD is an acronym that refers to the four functions that are considered necessary to implement a persistent storage application: create, read, update and delete.

CybersecurityCybersecurity refers to the set of processes, policies and techniques that work together to secure and organization against digital attacks.

D

Data securityData security can be described as the set of policies, processes, procedures, and tools that IT organizations implement to prevent unauthorized access to their networks, servers, data storage and any other on-premise or cloud-based IT infrastructure.

Database managementDatabase management is the process of defining, manipulating, retrieving and otherwise managing data that exists in a database.

Denial of service (DoS)Denial of service (DoS) attacks are threats that directly shut down a machine or network, making it impossible for its intended users to access their devices/servers.

DevOpsDevOps is a collection of best practices for the software development process to shorten the development life cycle such as continuous integration, delivery and deployment.

DevOps-as-a-ServiceDevOps as a Service is an emerging philosophy in application development.

DevSecOpsDevSecOps is the philosophy of integrating security practices within the DevOps process.

Digital customer experienceDigital experiences are where your customers meet your business. The majority of consumers find a positive experience with a brand to be more influential than great advertising. Learn why.

Directory traversalA directory traversal is an HTTP attack that allows attackers to gain access to restricted files. Directory traversal attacks, also known as path traversal, are some of the most common and dangerous attacks that businesses will see.

Distributed tracingWith the popularity of microservice architectures, or simply microservices, the demand to understand control flow and monitor distributed systems is becoming more and more of a necessity.

DockerDocker is an open-source containerization platform for virtualization.

Docker log managementDocker log management includes logging drivers in the platform to give you access to performance data.

Docker SwarmDocker Swarm is a container orchestration tool, meaning that it allows the user to manage multiple containers deployed across multiple host machines.

DORA metricsLearn what DORA metrics are. Explore how to measure them, why they matter, and how they help engineering and DevOps teams maximize performance.

E

EncapsulationEncapsulation is way to restrict direct access to some components of an object, so users cannot access state values for all of the variables of a particular object.

Endpoint securityEndpoint security is an organizations’ strategy and approach to maintaining the security of network endpoints and external devices that are directly connected to the IT infrastructure.

Enterprise application integration (EAI)Enterprise application integration (EAI) is the implementation of technologies that facilitate communication between enterprise applications.

Enterprise securityThere are several challenges and considerations related to security that apply in a special way to enterprises, which are typically defined as organizations with at least one thousand employees.

Error budgetAn error budget is how much downtime a system can afford without upsetting customers, or, in other words, the margin of error permitted by a service level objective (SLO).

Error trackingError tracking is the proactive process of monitoring web applications or microservices to identify problems and fix them before they become serious issues. Usually, error tracking reports will monitor your applications for any deviation from benchmark activity levels.

F

File inclusionBusinesses rely on their web applications. They’re the essential building blocks that provide organizations with the tools they need to execute their tasks, automate tedious processes, manage and store data, and so much more.

Function-as-a-Service (FaaS)Functions-as-a-Service (FaaS) is a cloud computing model on serverless technologies and architectures that allow software developers to easily deploy applications in the cloud.

G

Gain privilegesGaining privileges (also known as privilege escalation) is the act of exploiting a vulnerability or configuration issue in a software/operating system that gives attackers more administrative privileges.

H

Hadoop architectureHadoop architecture was designed to allow many data storage devices to work in parallel instead of one large one, making it one of the most popular data processing platforms.

HIPAAHIPAA is a comprehensive U.S. federal law enacted in 1996 to ensure the privacy, security and standardization of electronic health information.

Hybrid cloudHybrid cloud describes a specific deployment model or architecture for cloud service delivery that combines private, on-premises cloud infrastructure and services with public cloud services and permits some orchestration and interactions between them.

I

IIS Log ViewerAn IIS Log Viewer is a software application whose function is to streamline the process of viewing log files from an IIS web server.

IIS serverThe Windows Internet Information Services (IIS) Server is an extensible web server that was created by Microsoft to be used on Windows operating systems.

Incident responseIncident response is a documented, formalized set of policies and procedures for managing cyber attacks, security breaches and other types of IT or security incidents.

Indicators of compromise (IoC)Indicators of compromise (IoC) are pieces of evidence that suggest that a data breach may have occurred and that further investigation and engagement of the CSIRT incident response plan is necessary.

Information security managementInformation security management describes the set of policies and procedural controls that IT and business organizations implement to secure their informational assets against threats and vulnerabilities.

Infrastructure management (IM)In the context of an IT organization, infrastructure refers to the hardware, software and other systems that are necessary for delivering IT services in accordance with service-level agreements (SLAs).

Infrastructure metricsMetrics are numeric samples of data collected over time. Infrastructure metrics can measure the performance of various IT infrastructure components, such as the operating system, disk activity, servers or virtual machines.

Infrastructure monitoringInfrastructure monitoring software tools capture log files from throughout the network and aggregate them into a single database where they can be sorted, queried and analyzed by either humans or machine algorithms.

Infrastructure-as-a-ServiceInfrastructure-as-a-Service (IaaS), also called Hardware-as-a-Service (HaaS), describes a standard delivery model for cloud services where customers purchase access to managed IT infrastructure from a third-party cloud service provider.

Infrastructure-as-codeInfrastructure-as-Code (IaC) refers to the increasingly common practice of provisioning and managing IT infrastructure using coding.

IT InfrastructureAn organization’s IT infrastructure (also known as information technology infrastructure) includes all of the hardware, software, and network resources that are necessary to deliver IT services within the organization.

IT operationsIT operations (ITOps) refer to the set of processes and services that are administered by an IT department within a larger organization or business. ITOps is one of the four defined functions in the ITIL best practices framework for IT service management, along with technical management, application management and the service desk.

IT operations management (ITOM)IT operations management (ITOM) refers to the administration of all technology components and application requirements within an organization.

ITSIInformation Technology Service Intelligence (ITSI) is a new type of software tool that uses artificial intelligence and machine learning to help IT managers monitor increasingly complex computing environments.

K

Kubernetes monitoringKubernetes monitoring helps DevOps practitioners manage complex app modernization and scale-up containerization in human-readable environments.

L

Load balancerWhen an organization allocates more than one server to handle requests for a website or business application, a load balancer is used to distribute requests between them.

Log aggregationLog aggregation is a software function that consolidates log data from throughout the IT infrastructure, including microservices, into a single centralized platform where it can be reviewed and analyzed.

Log analysisLog analysis is the process of reviewing, interpreting and understanding computer-generated records called logs.

Log fileLog files are the primary data source for network observability. A log file is a computer-generated data file that contains information about usage patterns, activities and operations within an operating system, application, server or another device. Log files show whether resources are performing properly and optimally.

Log levelsLog levels describe the type and severity of a logged event based on the severity of the impact on users and the urgency of response required by the IT organization.

Log managementLog management is facilitating, transmitting, analyzing, storing, and archiving large sets of log data.

Log management policyA log management policy provides guidelines and procedures for: collecting log data; organizing and storing log data; analyzing log data; reporting on log data; transmitting log data; and accessing log data.

Log management processThe log management process involves facilitating, transmitting, analyzing, storing and archiving large sets of log data.

Log4Shell vulnerabilityLog4Shell is a zero-day vulnerability (CVE-2021-44228) with Apache’s Log4j. The vulnerability can be exploited by allowing hackers to execute authenticated code execution.

M

Machine dataMachine data, sometimes called machine-generated data, is the digital information that is automatically created by the activities and operations of networked devices, including computers, mobile phones, embedded systems, and connected wearable products.

Machine learningMachine learning is a cutting-edge programming technique used to automate the construction of analytical models and enable applications to perform specified tasks more efficiently without being explicitly programmed.

Managed detection and responseManaged detection and response (MDR) is an outsourced security service that helps organizations detect malicious network activity (network intrusions, malware attacks, attempted data theft, etc.) and quickly respond to eliminate the threat.

Managed SIEMManaged SIEM is an alternative to on-premise deployment, setup and monitoring of a SIEM software solution where an organization contracts with a third-party service provider to host a SIEM application on their servers and monitor the organization's network for potential security threats.

Mean time to resolution (MTTR)MTTR stands for mean time to resolve. It refers to the average amount of time it takes for an organization to detect and then fully resolve a security incident or breach. MTTR is a key performance indicator and reliability metric that helps measure the effectiveness and efficiency of an organization's incident response and resolution processes.

MicroservicesMicroservices are a specific example of a service-oriented software architecture, where application components are used to supply specific services to other applications over a network using an agreed or specified communication protocol or APIs.

Microsoft AzureAzure is Microsoft’s platform for both hybrid and fully cloud-based IT architectures.

MITRE ATT&CKThe MITRE ATT&CK framework is primarily designed to help cybersecurity professionals understand, categorize and respond to cyber threats and attacks.

MLOpsMLOps, short for Machine Learning Operations, is a practice that aims to streamline the process of developing, deploying and maintaining machine learning models at scale.

MTTIMean time to identify (MTTI) is calculated by taking the sum of the time intervals between the occurrence of each security incident and its identification and then dividing that sum by the total number of incidents.

Mutable and immutable infrastructureMutable server infrastructure means the server infrastructure will be continually updated, tweaked, and tuned to meet the ongoing needs of its purpose. It extends to every server and switch that is unique.

N

NIST SIEM requirements and standardsThe National Institute of Standards and Technology (NIST) produces guidance on security information and event management (SIEM).

Node loggingNode logging helps debug by saving information about an application and giving developers the insight to identify the causes of various incidents and errors.

O

ObservabilityObservability is monitoring all of the behaviors and activities of a system that can be evaluated based on its outputs.

Open Integration Framework (OIF)Open Integration Framework (OIF) is an integration framework created to make the process of integration within a platform run as smoothly as possible.

OpenTelemetryOpenTelemetry (OTel) is a set of tools, APIs, and open standards for collecting, processing, and exporting telemetry data from distributed systems.

Operational IntelligenceOperational Intelligence is the application of data analysis techniques to data that is generated or collected in real-time through an organization’s IT infrastructure.

P

PaaS (Platform-as-a-Service)Platform-as-a-service (PaaS) is a cloud service delivery model where a third-party cloud service provider delivers some hardware and software tools, often those needed for application hosting or development, to customers over the internet.

PCI DSSPCI DSS stands for Payment Card Industry Data Security Standard. It is a set of security standards designed to ensure the secure handling, processing and storage of credit card information to prevent data breaches and protect cardholder data.

Pen testingPenetration testing, commonly called pen testing, is a critical component of a comprehensive cybersecurity strategy to assess the security posture of an organization's digital assets.

Pivotal Cloud Foundry (PCF)Pivotal Cloud Foundry, also known as PCF, is a distribution of the open-source Cloud Foundry platform that includes additional features and services that expand the capabilities of Cloud Foundry and make it easier to use.

PolymorphismPolymorphism is a feature of object-oriented programming languages that allows a specific routine to use variables of different types at different times.

Predictive analyticsPredictive analytics is a set of methods and technologies that can be used to analyze current and historical data to make predictions about future events.

Private cloudA private cloud is defined as a deployment model for cloud services where the cloud environment and infrastructure are dedicated to providing services for a single organization.

R

Real time big data analyticsReal-time big data analytics is a software feature or tool capable of analyzing large volumes of incoming data at the moment that it is stored or created with the IT infrastructure.

Real time dashboardA real-time dashboard is a type of graphical user interface that provides simplified, easy-to-review visualizations of key metrics or performance indicators concerning a business objective, function or process in real time.

Real user monitoring (RUM)Real user monitoring (RUM) is an important aspect of application performance management that helps capture and analyze every event that your users make within your application or website.

Role based access controlRole-based access control (RBAC) is a critical capability for organizations that deploy applications into the cloud.

Root cause analysisRoot cause analysis (RCA) is a method of problem-solving used to investigate known problems and identify their antecedent and underlying causes.

S

ScrumScrum is a project management framework or methodology that is used to efficiently produce quality work while adapting quickly to change.

SecOpsSecOps, a combination of the terms security and operations, is a methodology that IT managers implement to enhance the connection, collaboration and communication between IT security and IT operations teams, helping to ensure that the IT organization as a whole can meet its application and network security objectives without compromising on application performance.

Security analyticsSecurity analytics uses data analytics and machine learning techniques to identify and respond to cybersecurity threats in real time.

Security information and event management (SIEM)SIEM is a combination of security event management (SEM) and security information management (SIM).

Security intelligenceSecurity intelligence refers to the practice of collecting, standardizing and analyzing data that is generated by networks, applications, and other IT infrastructure in real-time, and the use of that information to assess and improve an organization’s security posture.

Security orchestration, automation and response (SOAR)SOAR stands for security orchestration, automation and response, helps security professionals identify repeatable patterns and behaviors and use the knowledge of historically accumulated data to accurately detect false positives.

Security remediationSecurity remediation is the process of identifying threats and taking the proper steps to resolve them.

Server monitoringServer monitoring helps maintain the security of cloud servers while tracking their performance and availability.

ServerlessServerless computing is an execution model for cloud computing services that is very similar to the PaaS model.

Service Level Agreement (SLA)A Service Level Agreement (SLA) is a legal obligation or set of obligations made between a service provider and a client or customer, which guarantees certain quality assurances for availability, responsibility and other key metrics.

Service Level Indicator (SLI)A service level indicator (SLI) is a specific metric that helps companies measure some aspect of the level of services to their customers.

Service Level Objective (SLO)Service Level Objectives make it easier for DevOps and site reliability engineering (SRE) teams to evaluate and assess how well their services are being maintained and how well their SLA is being upheld.

Service reliabilityService reliability is a method for measuring the probability that a system, product, or service will maintain performance standards for a specific period of time.

SIEM environmentA Security Information and Event Management (SIEM) environment is a virtual space in which log data is collected, interpreted and represented visually.

SIEM loggingA SIEM log refers to the log data generated by Security Information and Event Management (SIEM) systems.

SIEM toolsSecurity Information and Event Management (SIEM) tools are typically external software solutions that aggregate and analyze log data with the hopes of improving security and security response for IT teams.

SOC2The SOC 2 (Service Organization Control 2) framework is a set of auditing standards and guidelines developed by the American Institute of CPAs (AICPA) to assess the security, availability, processing integrity, confidentiality and privacy of information processed by service organizations.

Software as a Service (SaaS)Software as a service (SaaS) is a model of software distribution where customers pay a monthly subscription or licensing fee and a third-party, typically the software vendor makes, the application available over the internet.

Software developmentSoftware deployment includes all of the steps, processes, and activities that are required to make a software system or update available to its intended users.

Software development lifecycleThe software development lifecycle (SDLC) is the set of steps, tasks, activities, and processes required to develop a new application.

Software stackA software stack refers to the set of components that work together to support the execution of the application.

Standard operating procedures (SOPs)Standard operating procedures (SOPs) are processes that include a set of written instructions that help security practitioners follow a straightforward and well-laid-out framework to achieve optimum efficiency in task completion.

Structured loggingStructured logging is the practice of implementing a consistent, predetermined message format for application logs that allows them to be treated as data sets that can be more easily searched and analyzed than text.

SyslogSyslog is a protocol that computer systems use to send event data logs to a central location for storage.

T

Tactics techniques and procedures (TTPs)Tactics techniques and procedures (TTPs) are fundamental components used in the field of cybersecurity, threat intelligence and incident response, and they describe how cyber adversaries operate and execute attacks.

Technology stackA technology stack includes all of the hardware and software systems that are needed to develop and run a single website, web integration or mobile application.

TelemetryTelemetry automatically collects, transmits and measures data from remote sources, using sensors and other devices to collect data.

Testing as a serviceTesting-as-a-Service (TaaS) allows a third-party service provider to provide testing services in connection with the organization’s key business activities.

Threat detection and response (TDR)Threat detection and response allows a security team to identify and respond to potential threats to networks, applications or other assets within the network.

Threat huntingThreat hunting, cyber threat hunting or proactive threat hunting, is the seeking out unknown cybersecurity threats to a network.

Threat intelligenceThe term threat intelligence refers to collecting data, information and knowledge that keep an organization informed about past, present, or potential cyber-attacks.

Tool sprawlTool sprawl happens when a company accesses an unnecessarily high number of IT tools that individually address different use cases.

U

Unstructured logsUnstructured logs are machine-generated records of events, activities, or messages that don’t follow a predefined format or structure.

User entity behavior analytics (UEBA)UEBA is a security technology that uses advanced analytics, machine learning and artificial intelligence (AI) to identify a potential security threat based on user and entity behavior.

V

Virtual private cloudA virtual private cloud (VPC) is a unique delivery model for private cloud services that allows an IT organization to provide an isolated section of public cloud infrastructure.

VPC flow loggingVirtual Private Cloud (VPC) Flow logging provides built-in power to monitor information about how your network resources are operating in Amazon Web Services.

W

Web application developmentWeb application development describes the process of designing, building, testing and deploying web-based applications that will be installed on remote servers and delivered to users or customers via the internet. Once a web application has been deployed on an application server, users can access the application and its functions and services using any web browser (Google Chrome, Mozilla Firefox, Microsoft Edge, etc.)

X

XDRExtended Detection and Response (XDR) is a cyber security tool promoted by endpoint detection and response (EDR) vendors to aggregate and analyze disparate data and security sources, with the goal to improve threat detection and remediation operations. XDR works to improve threat detection and mitigate cyberattacks by automatically finding, analyzing, and responding to threat data.