Engineering Glossary

Categories used to distinguish the importance and nature of logged messages, aiding in log analysis and troubleshooting.

Process of collecting, storing, analyzing, and disposing of log data generated by various IT systems and applications.

Set of guidelines and procedures governing the collection, storage, analysis, and retention of log data within an organization.

Systematic approach to collecting, storing, analyzing, and disposing of log data.

Process of archiving filled log files and starting new ones to prevent excessive disk space usage.

Real-time log monitoring tool that allows users to view and search logs from multiple sources in a single web-based interface.

Critical security flaw in the Log4j library, allowing remote code execution and posing significant security risks.

Cloud-based log management and analytics service that helps organizations collect, analyze, and act on machine-generated data from various sources.

Open-source data processing pipeline that ingests data from multiple sources simultaneously.

Utility for reading log files and generating metrics for monitoring systems like Graphite and Ganglia.

Project aimed at adding lightweight concurrency and new programming models to Java.

Software development approach requiring little to no coding to build applications and processes.

Apple's custom-designed ARM-based processors for Mac computers, offering improved performance and energy efficiency.

Globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Set of practices that aims to deploy and maintain machine learning models in production reliably and efficiently.

Mean Time to Identify; average time between the start of an incident and its discovery.

Average time required to repair a failed system and restore it to normal operation, a key metric for measuring system reliability.

Digital information created by the activity of computers, mobile phones, embedded systems and other networked devices.

Field of study giving computers the ability to learn without being explicitly programmed.

Group of threat actors that specialize in stealing credit card data from online stores.

Cybersecurity service that combines technology and human expertise to rapidly identify and respond to threats.

Security Information and Event Management offered as a managed service, providing expert monitoring and threat detection.

Process of securely storing and handling sensitive information like passwords and API keys.

Vulnerability where an active record pattern in a web application is abused to modify data items that the user should not be allowed to access.

Structured representation of improvement across multiple dimensions of an organization or service.

Framework for building server orchestration or parallel job execution systems, facilitating large-scale system management.

Average time between system failures, used to measure reliability and predict future failure occurrences.

Average time required to repair a failed system and restore it to normal operation.

Average time between the detection of an incident and its full resolution, a key metric in IT service management.

Practice of collecting metrics on all aspects of software development and operations to enable data-driven decisions.

Distributed memory caching system designed to speed up dynamic web applications.

Situation where system performance is limited by the amount or speed of available memory.

Cloud-native observability platform for log management and analysis, helping organizations gain insights from their machine data.

Architectural style where a frontend app is decomposed into individual, loosely coupled components.

Security technique that creates secure zones in data centers and cloud deployments to isolate workloads from one another.

Architectural style structuring an application as a collection of loosely coupled services.

Infrastructure designed to support the deployment and operation of microservices.

Software development technique that structures an application as a collection of loosely coupled services.

Architectural style that structures an application as a collection of small autonomous services.

Cloud computing service created by Microsoft for building, testing, deploying, and managing applications and services.

Network application framework which helps users develop high performance and high scalability network applications easily.

Tools and processes for measuring and analyzing mobile app usage and user behavior.

Tools and processes for measuring and analyzing mobile app usage and user behavior.

Process of testing mobile applications for functionality, usability, and consistency.

Process of testing mobile applications for security vulnerabilities, ensuring protection of user data and app integrity.

Data or files generated during mobile app development and testing, including binaries, logs, and test results.

Process of testing mobile devices and applications to ensure proper functionality and user experience.

Software testing technique in which test cases are derived from a model that describes the system under test.

Popular open-source document-oriented database program classified as a NoSQL database, known for its flexibility and scalability.

Continuous observation and checking of a system's performance, health, and security to ensure optimal operation and detect issues.

Practice of defining and managing monitoring configurations using code and version control systems.

Software design where all components of an application are interconnected and interdependent.

Development approach where code for many projects is stored in the same repository.

Japanese term for waste in lean methodologies, referring to any activity that doesn't add value to the final product or service.

Use of multiple cloud computing and storage services in a single heterogeneous architecture.

Japanese term in lean methodologies referring to unevenness or irregularity in processes, which can lead to inefficiencies.

Japanese term in lean methodologies referring to overburden or unreasonableness, which can lead to stress and inefficiencies.

Infrastructure that can be updated or modified after it is deployed, contrasting with immutable infrastructure approaches.

Non-Functional Requirements; requirements that specify criteria for judging the operation of a system, rather than specific behaviors.

Guidelines set by the National Institute of Standards and Technology for Security Information and Event Management systems.

Node Package Manager, the default package manager for Node.js, used for installing and managing JavaScript packages and dependencies.

Open source monitoring system for computer systems, networks and infrastructure.

Progressive Node.js framework for building efficient and scalable server-side applications.

Point in a network where bandwidth is limited, causing slowdowns in data transfer.

Cloud model where network services are delivered over the internet, offering flexibility and scalability.

Cloud-based observability platform that helps developers monitor, debug, and optimize their entire stack.

Advanced WAF that uses machine learning and behavioral analytics to protect web applications.

Repository manager that organizes, stores, and distributes software components, facilitating dependency management in development.

Software repository manager for storing and distributing build artifacts, supporting various package formats and integrations.

Web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

Concept where an IT environment becomes so automated that there's no need for a dedicated team to manage software in-house.

NoSQL Injection; security exploit targeting databases that use non-SQL query languages.

Process of recording events and data from individual nodes in a distributed system.

Group of nodes within a cluster, typically with the same configuration, used in container orchestration platforms like Kubernetes.

JavaScript runtime built on Chrome's V8 JavaScript engine for building scalable network applications.

Flexible workload orchestrator to deploy and manage containers and non-containerized applications.

Testing of non-functional aspects of software like performance, usability, and reliability.

Open Source Vulnerabilities; database of vulnerabilities affecting open source software.

Open Web Application Security Project; nonprofit foundation working to improve software security.

List of the ten most critical API security risks, providing awareness and guidance for developers and security professionals.

Standard awareness document for developers about the most critical security risks to web applications.

Measure of how well internal states of a system can be inferred from knowledge of its external outputs.

Observability provides insights into system behavior, while monitoring tracks predefined metrics.

Computing infrastructure physically located within an organization's facilities.

Single location or service providing multiple resources or capabilities, often used in IT service management.

Open standard for access delegation, commonly used for secure authorization in web applications.

Set of standards and practices for integrating different software systems, promoting interoperability and flexibility.

Software with source code that anyone can inspect, modify, and enhance, promoting collaboration and transparency.

Software applications whose source code is openly available for modification and distribution.

Container application platform by Red Hat that brings Docker and Kubernetes to the enterprise.

Free, open-standard cloud computing platform, primarily deployed as infrastructure-as-a-service.

Collection of tools, APIs, and SDKs used to instrument, generate, collect, and export telemetry data.

Real-time dynamic business analytics that delivers visibility and insight into data, streaming events, and business operations.

Discipline of designing and managing systems for maximum efficiency and reliability.

Operational aspect of DevOps, focusing on system administration, infrastructure management, and deployment.

Incident management and alert notification tool designed to help teams handle critical issues quickly and efficiently.

Chatbot designed to assist with operational tasks and incident management, streamlining IT operations and support.

Basic structure or framework for operations in a software project, providing a starting point for implementing DevOps practices.

Automated configuration, coordination, and management of computer systems and software.

Holistic, single command developer tool for managing development environments across multiple platforms and languages.