Engineering Glossary

Feature or functionality that works immediately after installation without any modification.

Tools that are ready to use immediately without additional configuration or customization.

Tool for spinning up and tearing down multi-VM Vagrant environments, facilitating the creation of reproducible development setups.

Adherence to the Payment Card Industry Data Security Standard for organizations that handle credit card information.

Payment Card Industry Data Security Standard; information security standard for organizations that handle credit card data.

Category of cloud computing services providing a platform for developers to build, run, and manage applications.

Tool for creating identical machine images for multiple platforms from a single source configuration.

Duration it takes for a web page to fully load in a user's browser, a crucial metric for web performance and user experience.

Digital operations management platform that helps organizations respond to critical incidents and manage on-call schedules effectively.

Agile software development technique where two programmers work together at one workstation.

Cloud-hosted log management service for collecting, analyzing, and storing logs from applications, servers, and devices.

Security method that allows users to access systems without traditional passwords, often using biometrics or security tokens.

Standardized set of tools and processes for software development within an organization.

Penetration Testing; authorized simulated cyberattack on a computer system to evaluate its security.

Method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders.

Process of determining the speed, responsiveness, and stability of a computer, network, software program or device under workload.

Defense strategy focusing on securing the boundaries of an organization's network from external threats and unauthorized access.

Kubernetes resource that requests specific storage resources, allowing pods to access persistent storage in a cluster.

Any data that could potentially identify a specific individual, subject to strict privacy and security regulations.

Concept in DevOps where "pets" are unique, indispensable servers, while "cattle" are identical, replaceable instances.

Website monitoring service that checks the availability and performance of websites and web applications, providing alerts and detailed reports.

Series of automated processes for delivering software from development to production.

Practice of overseeing and optimizing the processes involved in software delivery pipelines.

Open-source cloud application platform providing a choice of clouds, developer frameworks, and application services.

Discipline of designing and building toolchains and workflows that enable self-service capabilities for software engineering organizations.

Group responsible for building and maintaining the platform that other teams use to build and run applications.

Cloud computing model where a third-party provider delivers hardware and software tools to users over the internet.

Pre-defined set of procedures to be carried out in response to specific DevOps events or incidents.

Entity that makes authorization decisions for itself or other entities that request such decisions.

Entity in a network that enforces security policies for resource access, typically working in conjunction with a Policy Decision Point.

Practice of defining and managing policies using code, enabling version control, automation, and consistent policy enforcement.

Ability of an object to take on many forms in object-oriented programming, enabling flexible and extensible code design.

Tool for defining and running multi-container Docker applications, similar to Docker Compose but with additional features.

Approach to security that specifies what is allowed and rejects everything else.

Use of data, statistical algorithms and machine learning techniques to identify the likelihood of future outcomes based on historical data.

Cloud computing services offered either over the Internet or a private internal network to select users.

Person responsible for maximizing the value of the product resulting from the work of the development team.

Environment where software and other products are actually used by end users or consumers.

Setting where software and other products operate to perform their intended functions for end users.

Any information about health status, provision of health care, or payment for health care that can be linked to a specific individual.

Process of setting up IT infrastructure, including servers, networking, and storage.

File used to code sign iOS apps, containing information about the app ID, allowed devices, and other settings.

Open-source server virtualization management platform that combines KVM hypervisor and LXC containers, offering a comprehensive solution.

Computing services offered by third-party providers over the public Internet, available to anyone who wants to use or purchase them.

Mechanism in version control systems for notifying team members that a feature or fix is ready for review and integration.

Platform for managing repositories of software packages, facilitating the aggregation, mirroring, and distribution of software content.

Configuration management tool for centralizing and automating configuration management.

Security team that functions as a combined red team (offensive) and blue team (defensive) to maximize effectiveness.

High-level, interpreted language known for readability and versatility, widely used in web development, data science, and other domains.

Set of threshold conditions that must be met in order to move on to the next stage in a software delivery process.

Data structure that follows the First In First Out (FIFO) principle, commonly used in programming for task scheduling and data buffering.

State of a system or component when it's inactive or in a state of rest, often used in database systems for consistent backups.

Predefined limit on the amount of resources that can be consumed by a user, process, or system to prevent overuse and ensure fair allocation.

RESTful API Modeling Language files used for describing RESTful APIs, facilitating API design and documentation.

Security technology that is built into an application to detect and prevent real-time attacks.

Amazon Relational Database Service, a distributed relational database service by Amazon Web Services.

Open source message broker software that implements the Advanced Message Queuing Protocol (AMQP).

Large, visible display of key project metrics and statuses, providing immediate feedback on the state of a project or system.

Technique used to control the rate of requests sent or received by a network interface controller.

Open-source mobile application development framework created by Facebook for building native apps using React and JavaScript.

Passive monitoring technique that captures and analyzes every transaction of every user of a website or application.

Process of analyzing large volumes of data as it is generated, providing immediate insights for decision-making.

Visual display providing immediate updates on key performance indicators and metrics for quick decision-making.

Technique in database systems to recover data by reapplying transactions from log files.

Group that plays the role of an adversary to provide security testing for an organization.

Process of restructuring existing computer code without changing its external behavior.

Type of software testing to confirm that a recent program or code change has not adversely affected existing features.

Process of making a software product available for use, including planning, scheduling, and controlling the build through different stages.

Use of automation in the software delivery process to deploy software across various environments.

Process of managing, planning, scheduling and controlling a software build through different stages and environments.

Visual interface for tracking and managing software releases, providing insights into release progress and status.

Coordination and management of complex software releases across multiple teams, tools, and environments.

Practice allowing business stakeholders to initiate releases with a simple action.

Ability of a system or component to perform its required functions under stated conditions for a specified period of time.

Vulnerability that allows an attacker to run arbitrary code on a target machine.

Duration it takes for a browser to display the contents of a web page after receiving data from the server.

Ability of a system to withstand and recover from failures and disruptions, crucial for maintaining service availability.

Duration between a user's action and the system's reaction, a critical metric for measuring application performance and user experience.

Practices and measures taken to protect REST APIs from various security threats.

Organizational restructuring strategy aimed at aligning team structures with the desired software architecture.

Configuration management and application deployment tool written in Perl, designed for simplicity and flexibility.

Monitoring system designed for distributed systems, focusing on collecting events from servers and applications for processing and analysis.

Systematic process of evaluating potential risks and their impact on an organization, crucial for effective security management.

Forecasting and evaluation of financial risks together with the identification of procedures to avoid or minimize their impact.

Approach to restricting system access to authorized users based on their role within an organization.

Process of restoring a database, program, or system to a previous state, often used when issues arise after an update or change.

Deployment strategy where new versions of an application are gradually rolled out to a subset of users.

Deployment strategy where an application's containers are updated in a rolling fashion, one after the other.

Method of problem solving used for identifying the root causes of faults or problems.

Debugging technique where a programmer explains the code line-by-line to an inanimate object.

Open-source IT automation and compliance tool that helps manage large-scale, complex IT infrastructures across various environments.

Practice of executing code directly from a version control repository, often used in continuous integration workflows.

Compilation of routine procedures and operations that a system administrator or operator carries out.

Collection of procedures and operations that describe how to run a computer system or network, crucial for IT operations.

Open-source operations management and automation platform, designed to streamline routine and ad-hoc tasks across various systems.

Component in CI/CD systems responsible for executing jobs and reporting results back to the CI/CD server, often customizable for different environments.

Scalable object storage service from AWS, designed for durability, availability, and performance across various use cases.

Security Assertion Markup Language; XML-based open-standard for exchanging authentication and authorization data.

Static Application Security Testing; method of testing applications without executing them.

Software Development Kit; set of software development tools for creating applications for a specific platform.