Engineering Glossary

Degree of technical assistance provided for a product or service, often tiered based on response times and scope of support.

Set of tools for designing, building, documenting, and consuming RESTful web services.

General-purpose, multi-paradigm, compiled programming language developed by Apple.

Monitoring technique that uses scripted recordings or transactions to simulate user activity.

Open-source system-level exploration and troubleshooting tool for Linux systems, providing deep visibility into system behavior.

Standard for message logging, often used in Unix and Unix-like systems for system management and security auditing.

Team responsible for building and maintaining the platforms used by stream-aligned teams.

Digital certificate that authenticates a website's identity and enables an encrypted connection.

Patterns of activities or methods associated with a specific threat actor or group of threat actors.

Technique used to identify and track data in a program that has been tainted with user input.

Organizational design approach focused on optimizing team interactions and boundaries for effective software delivery.

Powerful and user-friendly continuous integration server by JetBrains, supporting various version control systems and build tools.

Implied cost of future rework caused by choosing quick, easy solutions now instead of better, more time-consuming approaches.

Set of technologies used to build and run a single application, including programming languages, frameworks, and tools.

Automated process of collecting data at remote points and transmitting it to receiving equipment for monitoring.

Telemetry is continuous data collection, while logging is recording specific events.

In multi-tenant architecture, distinct groups of users who share a common access with specific privileges to the software instance.

Open-source infrastructure as code software tool that enables defining and provisioning data center infrastructure using a declarative language.

Managed service offering of Terraform for teams and organizations, providing collaboration features and workflow management.

Use of software to execute tests and compare actual outcomes with predicted outcomes.

Approach of automating all possible tests in the software development process to improve quality and efficiency.

Process of creating, managing, and maintaining test data for software testing, ensuring data quality and relevance.

Setup of software and hardware on which the testing team performs testing of a new build.

Process of planning, creating, maintaining, and managing environments for software testing, ensuring consistency and reliability.

Tool for testing infrastructure code and software on isolated target platforms, supporting multiple providers and test frameworks.

Generic term for any object used in place of a real object for testing purposes.

Software development process relying on software requirements being converted to test cases before software is fully developed.

Apple's platform for over-the-air installation and beta testing of mobile applications before they are submitted to the App Store.

Process of creating, managing, and maintaining test data for software testing, ensuring data quality and relevance for various test scenarios.

Ability for testers to provision and manage their own test environments, increasing efficiency and autonomy.

Outsourcing of testing activities to a third-party service provider, offering specialized expertise and tools for comprehensive testing.

Logs, metrics, and traces; key components for understanding the behavior of distributed systems.

Principles underpinning DevOps movements: Flow, Feedback, Continual Learning and Experimentation.

Management paradigm that views any manageable system as being limited in achieving its goals by a small number of constraints.

Cybersecurity process of identifying, analyzing, and mitigating threats to an organization's IT infrastructure in real-time.

Proactive cybersecurity technique to detect hidden threats that have evaded existing security solutions.

Information about potential or current threats to an organization's security, used to inform better decision-making.

Comprehensive view of potential security threats facing an organization or industry, crucial for effective risk management.

Process of identifying, understanding, and categorizing potential security threats.

Measure of responsiveness that indicates the time between a user making an HTTP request and the first byte of the page being received by the browser.

Metric measuring how long it takes to restore a service after an incident, important for assessing system reliability.

Duration between the initiation of a process and the realization of its benefits, crucial for measuring efficiency and ROI.

Feature flag technique that enables or disables features based on geographical location.

Feature flag technique that enables or disables features based on user permissions.

Manual, repetitive, automatable work in running production services that lacks long-term value and scales linearly with service growth.

Proliferation of tools within an organization, often leading to inefficiency and integration challenges.

Set of programming tools used to perform a complex software development task or to create a software product.

Process of monitoring, controlling, and optimizing network traffic to ensure efficient data flow and prevent congestion.

Distributed continuous integration service used to build and test software projects hosted on GitHub.

Source control branching model where developers collaborate on code in a single branch.

Open-source Platform as a Service (PaaS) that makes it easy to deploy and manage applications.

Typed superset of JavaScript that compiles to plain JavaScript, offering enhanced tooling and error detection in large-scale applications.

Development approach prioritizing TypeScript over JavaScript for enhanced type safety and tooling support.

User and Entity Behavior Analytics; process of tracking, collecting and analyzing user and machine data to detect anomalies.

Process of testing a product's graphical user interface to ensure it meets its specifications.

Popular, user-friendly Linux distribution based on Debian, known for its ease of use, regular release cycle, and strong community support.

Software testing method where individual units or components of a program are tested in isolation.

Measure of system reliability, expressed as the percentage of time a machine has been working and available.

Service for monitoring websites and alerting users when their sites go down, providing 24/7 uptime monitoring.

Website and server monitoring service that helps businesses ensure their online presence is always available and performing optimally.

Practice of creating simplified versions of system components for testing purposes.

Final phase of software testing where intended users test the software to ensure it can handle required tasks in real-world scenarios.

Final phase of software testing where actual users test the software to ensure it meets business requirements and is fit for purpose.

Security risk of utilizing software components with documented security issues in applications.

Clojure library for managing virtual machines on various virtualization platforms, simplifying VM lifecycle management.

Feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.

Networking connection between two VPCs that enables you to route traffic between them using private IP addresses.

Tool for building and managing virtual machine environments, streamlining the setup process for development environments.

Vagrant plugin that allows the use of LXC (Linux Containers) as a provider, enabling lightweight, OS-level virtualization for development environments.

Process of ensuring that systems and practices meet specified standards or regulations.

Practice of optimizing the flow of value through the software delivery lifecycle.

Lean technique for analyzing current state and designing future state of events that deliver a product or service to the customer.

Secure secret management tool for storing and controlling access to tokens, passwords, certificates, and other sensitive data.

Chaos Monkey-style tool for introducing delays and errors into TCP connections, useful for testing system resilience.

Tool for easily building custom Vagrant base boxes, KVMs, and virtual machine images.

Measure of the amount of work a team completes during a sprint or iteration, used in agile project management.

System that records changes to a file or set of files over time so that you can recall specific versions later.

Software tools that help software teams manage changes to source code over time.

German term for the "four-eyes principle", requiring two individuals to approve an action before it can be taken.

Emulation of a computer system, providing the functionality of a physical computer.

On-demand configurable pool of shared computing resources allocated within a public cloud environment.

Creation of a virtual version of something, such as a server, storage device, network or operating system.

Systematic review of security weaknesses in an information system, often involving scanning and analysis of potential vulnerabilities.

Automated process of proactively identifying security vulnerabilities of computing systems in a network.

Security solution that protects web applications and APIs from various types of attacks.

Application firewall for HTTP applications that applies a set of rules to an HTTP conversation.

Any activity in a process that does not add value to the customer, a key concept in lean methodologies for process improvement.

Traditional, linear approach to software development with distinct phases, often contrasted with more iterative methodologies like Agile.

Network plugin for Kubernetes that creates a virtual network for connecting containers across multiple hosts.

Set of practices and measures taken to protect web APIs from various security threats and unauthorized access.

Process of creating web applications, including design, coding, testing, and deployment, often using various web technologies.

Discipline of protecting websites and web applications against security threats.

Automated process of extracting data from websites, often used for data mining, price monitoring, or content aggregation.

Protocol providing full-duplex communication channels over a single TCP connection.

Automated messages sent from apps when something happens, allowing real-time data transfer and integration between different systems.

Method of testing where the internal structure/design/implementation of the item being tested is known to the tester.

SSL certificate that secures a domain and its subdomains, allowing for flexible and cost-effective implementation of HTTPS.

Record of an occurrence in a Windows operating system or application, crucial for system monitoring and troubleshooting.

Detailed record of system, security, and application notifications stored by Windows.

Measurement tools built into Windows that provide information about system operation.