DevOps Glossary

Unplanned changes to infrastructure over time, deviating from the desired state.

Process of managing essential operation components, such as policies, processes, equipment, data, human resources, and external contacts.

Measurements used to assess the performance, health, and efficiency of IT infrastructure components.

Process of collecting and analyzing data from infrastructure to ensure optimal performance.

Ability of IT infrastructure to withstand and recover from disruptions and disasters.

Managing and provisioning infrastructure through code instead of manual processes. Enables version control, automation, and consistent environments.

Set of tools and practices for managing infrastructure through machine-readable definition files.

Approach to infrastructure management where the desired state is described as data, not procedural code.

Treating infrastructure configuration and management as a software development problem.

Ability to provision and de-provision infrastructure resources as needed, often in cloud environments.

Cloud computing model providing virtualized computing resources over the internet. Users can rent servers, storage, networks, and operating systems.

Kubernetes resource managing external access to services in a cluster, typically HTTP.

Security vulnerability where untrusted data is sent to an interpreter as part of a command or query.

Inner loop is local development cycle; outer loop involves CI/CD processes for team collaboration and deployment.

Security vulnerability occurring when untrusted data is used to abuse the logic of an application.

Security flaw allowing attackers to bypass authorization and access resources directly by modifying the value of a parameter.

Single copy of a running computer program, often referring to a virtual server in cloud computing.

Security weakness where systems lack adequate logging and real-time monitoring, hindering threat detection and forensics.

Phase in software testing where individual modules are combined and tested as a group.

Use of AI and machine learning to automate complex business processes and decisions.

Security testing tool that combines static and dynamic testing methods to detect vulnerabilities in running applications.

Set of tools and practices that improve developer experience and productivity within an organization.

Process of gathering, analyzing, and disseminating information about potential internal security threats.

Excessive accumulation of IT resources, often in cloud environments, leading to waste and inefficiency.

Open-source SDK for developing hybrid mobile applications using web technologies.