Engineering Glossary

Computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services.

Approach where features are treated as experiments to validate business outcomes.

Measure of the amount of data processed by a system's input/output operations in a given amount of time.

Interactive Application Security Testing; security testing methodology that analyzes code for security vulnerabilities while the app is run.

Integrated Development Environment; software application that provides comprehensive facilities to computer programmers for software development.

Tool for analyzing and troubleshooting logs from Microsoft Internet Information Services.

Microsoft's web server for hosting websites, web applications, and services on Windows operating systems, offering various features and security options.

Performance measurement for storage devices, indicating how many read/write operations can be performed in one second.

Composite hardware, software, network resources, and services required for the existence, operation, and management of an enterprise IT environment.

Daily work of managing the IT infrastructure and systems that support an organization's business operations.

Practices and processes for operating, administering, and maintaining IT infrastructure and services.

IT Service Intelligence; uses machine learning for monitoring, anomaly detection, and service health.

Infrastructure as Code; managing and provisioning infrastructure through code instead of manual processes.

Infrastructure as a Service; cloud-computing service in which compute, storage, and networking resources are provided on-demand.

Open source monitoring system checking availability and performance of network resources.

Framework of policies and technologies for ensuring that the right users have the appropriate access to resources.

Security issue where an organization fails to properly inventory, update, and manage its IT assets.

Any unplanned interruption or reduction in quality of a service, requiring prompt response and resolution to minimize impact.

Structured approach to responding to and resolving IT service disruptions, minimizing their impact on business operations.

The Incident Prozess involves identifying, managing, and resolving unexpected disruptions to restore normal service, minimizing impact and preventing recurrence.

Organized approach to addressing and managing the aftermath of a security breach or attack.

Pieces of forensic data that identify potentially malicious activity on a network or system.

Open-source time series database designed to handle high write and query loads, often used for monitoring and metrics.

Set of policies and procedures for systematically managing an organization's sensitive data.

Composite of all DevOps components that make up an organization's environment, including hardware, software, and networking.

Unplanned changes to infrastructure over time, deviating from the desired state.

Process of managing essential operation components, such as policies, processes, equipment, data, human resources, and external contacts.

Measurements used to assess the performance, health, and efficiency of IT infrastructure components.

Process of collecting and analyzing data from infrastructure to ensure optimal performance.

Ability of IT infrastructure to withstand and recover from disruptions and disasters.

Managing and provisioning infrastructure through code instead of manual processes. Enables version control, automation, and consistent environments.

Set of tools and practices for managing infrastructure through machine-readable definition files.

Approach to infrastructure management where the desired state is described as data, not procedural code.

Treating infrastructure configuration and management as a software development problem.

Ability to provision and de-provision infrastructure resources as needed, often in cloud environments.

Cloud computing model providing virtualized computing resources over the internet. Users can rent servers, storage, networks, and operating systems.

Kubernetes resource managing external access to services in a cluster, typically HTTP.

Security vulnerability where untrusted data is sent to an interpreter as part of a command or query.

Inner loop is local development cycle; outer loop involves CI/CD processes for team collaboration and deployment.

Security vulnerability occurring when untrusted data is used to abuse the logic of an application.

Security flaw allowing attackers to bypass authorization and access resources directly by modifying the value of a parameter.

Single copy of a running computer program, often referring to a virtual server in cloud computing.

Security weakness where systems lack adequate logging and real-time monitoring, hindering threat detection and forensics.

Phase in software testing where individual modules are combined and tested as a group.

Use of AI and machine learning to automate complex business processes and decisions.

Security testing tool that combines static and dynamic testing methods to detect vulnerabilities in running applications.

Set of tools and practices that improve developer experience and productivity within an organization.

Process of gathering, analyzing, and disseminating information about potential internal security threats.

Excessive accumulation of IT resources, often in cloud environments, leading to waste and inefficiency.

Open-source SDK for developing hybrid mobile applications using web technologies.

Process of recording and following the progress of problems or tasks in a project.

Fixed time periods in Agile development during which a team completes a set amount of work.

Portion of memory where the Java Virtual Machine stores objects, crucial for application performance and garbage collection processes.

Lightweight processes within the Java Virtual Machine that allow concurrent execution of tasks in Java applications.

Web development architecture based on client-side JavaScript, reusable APIs, and prebuilt Markup.

Java library providing a multi-cloud abstraction layer, simplifying cloud platform interactions.

Open-source automation server that enables developers to build, test, and deploy their software reliably.

Runnable task configured in Jenkins, defining a series of related steps to be executed.

Suite of plugins supporting implementation and integration of continuous delivery pipelines into Jenkins.

JavaScript testing framework designed to ensure correctness of any JavaScript codebase.

Modern toolkit for building native Android UI, using a declarative and composable approach.

Project management tool used for issue tracking, bug tracking, and agile project management.

Open-source application modeling tool for deploying, configuring, scaling, and operating software.

Design principle stating that systems perform best when kept simple rather than made complicated.

Distributed event streaming platform capable of handling trillions of events a day.

Japanese business philosophy of continuous improvement of working practices and personal efficiency.

Visual system for managing work as it moves through a process, emphasizing continuous delivery.

Visual representation of work items as they progress through different stages of a process.

Programming exercise aimed at honing coding skills through practice and repetition, often used in coding dojos and training sessions.

Software or hardware that records keyboard inputs, often used maliciously to capture sensitive information.

Data visualization and exploration tool for Elasticsearch, allowing users to create interactive dashboards and analyze large volumes of data.

Method of performing automatic installation and configuration of operating systems, particularly in Linux.

Open-source system for automating deployment, scaling, and management of containerized applications.

Alternative abbreviation for Kubernetes, where 8 replaces the eight letters between K and s.

Alternate abbreviation for Kubernetes, the open-source container orchestration platform for automating application deployment and scaling.

Kubernetes object for creating recurring scheduled tasks, allowing automated execution of jobs at specified intervals.

Observing and tracking the health, performance, and resource usage of Kubernetes clusters and applications.

Method of packaging, deploying, and managing a Kubernetes application using custom resources and controllers.

Smallest deployable unit in Kubernetes, consisting of one or more containers sharing storage and network resources.

Quality of Service classes in Kubernetes that determine how pods are scheduled and evicted based on resource requirements.

Identical copy of a pod, used to ensure specified number of pod instances are running at any given time.

Objects in Kubernetes that manage a set of pods, such as Deployments, StatefulSets, and DaemonSets.

Insufficient tools, infrastructure, skills, or personnel needed to implement and maintain efficient CI/CD pipelines and automation processes.

Metric measuring the render time of the largest image or text block visible within the viewport.

Time between the initiation and completion of a process, often used in software development to measure efficiency.

Metric measuring the time it takes for a commit to be deployed to production, indicating the efficiency of the development process.

API that unintentionally exposes sensitive data or functionality, potentially leading to security vulnerabilities and data breaches.

Methodology aimed at maximizing customer value while minimizing waste, applicable to various industries including software development.

Application of lean manufacturing principles to IT operations, focusing on eliminating waste and improving efficiency in IT processes.

Outdated computer system, programming language or application software that is still in use.

Open-source, Unix-like operating system kernel that forms the basis of many popular distributions, known for its stability and flexibility.

Linux kernel process that terminates applications in low memory situations to prevent system crashes.

Device that distributes network or application traffic across multiple servers to ensure no single server bears too much demand.

Process of distributing network traffic across multiple servers to ensure no single server bears too much demand.

Vulnerability allowing an attacker to include files on a server through the web browser.

Process of collecting and centralizing log data from multiple sources into a single, searchable repository for analysis and monitoring.

Process of examining log files to identify events, patterns, or anomalies, crucial for troubleshooting and security monitoring.

Process of forwarding log data from its origin to a centralized log management system.

Practice of recording all modifications made to a system or application, crucial for auditing and troubleshooting.

Record of events occurring within an organization's systems and networks, crucial for troubleshooting and security analysis.