DevOps Glossary

System providing real-time analysis of security alerts generated by applications and network hardware.

Evidence-based knowledge about existing or emerging threats to assets, crucial for effective cybersecurity strategies.

Improper configuration of security controls, often leading to vulnerabilities and potential security breaches.

Practice of gaining insight into the security posture of systems through the collection and analysis of security-relevant data.

Centralized unit dealing with security issues on an organizational and technical level.

Overall security status of an organization's systems, networks, and data, reflecting its ability to protect from cyber threats.

Process of addressing and fixing identified security vulnerabilities or weaknesses in systems, applications, or networks.

Practice of building and operating security controls as code to ensure consistent and repeatable security processes.

German for "self-healing systems"; systems that can detect and recover from failures automatically.

Popular open-source tool for automating web browsers, primarily used for testing web applications across various platforms.

Systems capable of detecting and recovering from failures without human intervention.

Capability allowing users to deploy applications or services independently, without IT intervention.

Lightweight, cloud-native continuous integration and delivery platform designed for speed and simplicity in software development workflows.

Security vulnerability where an application does not adequately protect sensitive information from unauthorized access.

Open-source monitoring framework designed to empower organizations with flexible and scalable monitoring for their infrastructure and applications.

Tool used in network security for analyzing and manipulating network protocols, often employed in penetration testing and vulnerability assessment.

Decentralized solution for cluster membership, failure detection, and orchestration, designed for service discovery and orchestration.

Process of reviewing and analyzing a server for availability, operations, performance, security and other operations-related processes.

Cloud computing execution model where the cloud provider manages server infrastructure.

Cloud computing model where the cloud provider manages server infrastructure, allowing developers to focus solely on code.

Open-source tool for building and deploying serverless applications across various cloud providers, simplifying serverless development.

Process of observing and managing the performance, availability, and cost of serverless applications and functions.

Contract between a service provider and the end user defining the expected level of service.

Quantitative measure of the level of service provided, used to evaluate whether a Service Level Objective is being met.

Quantitative measures of the level of service provided, used to evaluate whether Service Level Objectives are being met.