Technical Definitions
Simplified explanations of complex technologies and industry concepts.
Backup & Recovery
14 items3-2-1 Backup Strategy
A best practice backup methodology that recommends keeping 3 copies of data on 2 different media types with 1 copy stored offsite.
Backup Window
The designated time period during which backup operations are scheduled to run, typically during low-usage periods to minimize impact on system performance.
Cloud Backup / Online Backup
A backup method that stores data copies in remote cloud storage services over the internet, providing offsite data protection and accessibility.
Deduplication (Data Dedup)
A data optimization technique that eliminates redundant copies of data by storing only unique data blocks, significantly reducing storage requirements.
Differential Backup
A backup type that copies all data that has changed since the last full backup, regardless of how many incremental backups have occurred.
Encryption
The process of converting data into a coded format to prevent unauthorized access, ensuring data security during storage and transmission.
Full Backup
A complete copy of all data in a system, database, or application at a specific point in time.
Immutable Backup
A backup copy that cannot be modified, deleted, or tampered with for a specified period, providing protection against ransomware and accidental changes.
Incremental Backup
A backup type that only copies data that has changed since the last backup, whether it was a full or incremental backup.
Mirror Backup
An exact copy of data that replicates the source structure and content, creating a complete mirror image of the original.
On-site Backup
A backup method where data copies are stored within the same physical location as the original data, typically on local storage systems.
Point-in-Time Recovery
A data recovery technique that allows restoration of data to any specific moment in time, enabling precise recovery before data corruption or unwanted changes occurred.
Restore / Recovery
The process of retrieving and recovering data from backup copies to restore systems, applications, or files to a previous state after data loss or system failure.
Retention Policy
A set of rules that defines how long backup data should be kept before being deleted or overwritten, balancing storage costs with recovery requirements.
Kubernetes
1 itemsAI
23 itemsAgentic AI
AI systems that exhibit goal-directed behavior and can autonomously plan, execute, and adapt their actions to achieve specific objectives without continuous human intervention.
AI Ethics
The branch of ethics that studies and evaluates moral problems related to AI systems, including the development, deployment, and use of artificial intelligence technologies in society.
Anthropic
An AI safety company that develops large language models with a focus on safety and constitutional AI principles, known for creating the Claude family of AI assistants.
ChatGPT
A conversational AI model developed by OpenAI based on the GPT architecture, designed to engage in human-like conversations and assist with various tasks through natural language interaction.
Claude
A family of large language models developed by Anthropic, designed with a focus on safety, helpfulness, and harmlessness through constitutional AI techniques.
Deep Learning
A subset of machine learning that uses artificial neural networks with multiple layers to model and understand complex patterns in data, inspired by the structure and function of the human brain.
Deepseek
An open-source AI company that develops large language models, including DeepSeek-Coder for programming tasks and other specialized models for various applications.
Explainable AI (XAI)
A set of tools and techniques that enable humans to understand and trust the decisions made by artificial intelligence systems, particularly for complex models like deep neural networks.
Fine-tuning
The process of taking a pre-trained machine learning model and further training it on a specific task or dataset to adapt its general capabilities to a particular use case or domain.
Gemini
A family of multimodal large language models developed by Google DeepMind, designed to understand and generate responses based on text, images, audio, video, and code inputs.
Generative AI
A type of artificial intelligence that uses algorithms to generate new content such as text, images, audio, video, code, and other data based on patterns learned from training data.
Graphics Processing Unit - (GPU)
A specialized electronic circuit designed to rapidly manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device, now widely used for parallel computing in AI and machine learning.
Hallucination
In AI, particularly large language models, the phenomenon where a model generates factually incorrect, fabricated, or nonsensical information that appears plausible but is not based on its training data or reality.
Inference
In AI, the process of using a trained machine learning model to make predictions or generate outputs on new, unseen data after the model has completed its training phase.
Large Language Model - (LLM)
A type of artificial intelligence model that is trained on vast amounts of text data to understand and generate human-like language, often containing billions or trillions of parameters.
Machine Learning
A branch of artificial intelligence that enables computers to learn and improve from experience without being explicitly programmed, using algorithms that identify patterns in data and make predictions or decisions.
Multimodal
In AI, a system or model that can process and understand multiple types of input data simultaneously, such as text, images, audio, and video, to provide more comprehensive analysis or generate richer outputs.
OpenAI
An artificial intelligence research laboratory consisting of OpenAI Inc. and OpenAI LP, known for developing large language models and AI systems like GPT, ChatGPT, and DALL-E.
Prompt Engineering
The practice of designing and crafting input prompts to effectively guide AI models in generating desired outputs, optimizing the interaction between humans and AI systems.
Reinforcement Learning from Human Feedback (RLHF)
A machine learning technique that uses human feedback to train AI models through reinforcement learning, where human preferences and evaluations guide the model's learning process.
Retrieval-Augmented Generation - (RAG)
An AI technique that combines information retrieval with text generation, where a model retrieves relevant documents or information before generating a response to ensure accuracy and grounding in factual data.
Token
In AI and NLP, the smallest unit of text that an AI model processes, which can be a word, subword, or character depending on the tokenization method used by the model.
Vector Embeddings
Numerical representations of data such as words, sentences, or documents in a multi-dimensional space, where similar items are positioned closer together, enabling semantic similarity calculations.
AI & Security
1 itemsSecurity
64 itemsAgentic SOC
A Security Operations Center (SOC) that leverages artificial intelligence agents to automate security monitoring, threat detection, and incident response activities.
Anti-malware
A security solution designed to detect, prevent, and remove malicious software including viruses, worms, trojans, spyware, adware, and other harmful programs.
Antivirus (AV)
A security software designed to prevent, detect, and remove viruses and other malicious software from computer systems.
API Keys
A unique identifier used to authenticate and authorize access to Application Programming Interfaces (APIs), typically used to track and control how APIs are being used.
Attack Surface
The total sum of all possible entry points, interfaces, and pathways that an attacker could use to gain unauthorized access to a system or application.
Blue Team
A group of security professionals responsible for defending an organization's systems and networks against attacks, often working in conjunction with red teams to improve security posture.
Checkov
An open-source static analysis tool that scans infrastructure as code files to detect security and compliance misconfigurations, supporting multiple infrastructure providers and configuration formats.
Cloud Access Security Broker (CASB)
A security policy enforcement point that sits between cloud service consumers and providers to monitor and control access to cloud applications and services.
Compliance as Code
An approach that treats compliance policies and controls as code, enabling automated enforcement, testing, and management of compliance requirements.
Container Security
The practice of securing containerized applications throughout their lifecycle, including image creation, orchestration, runtime, and monitoring.
Continuous Compliance
An automated approach to compliance monitoring and enforcement that continuously assesses and validates adherence to regulatory requirements, security policies, and industry standards throughout the development and deployment lifecycle.
Continuous Security
An approach that integrates security practices throughout the entire software development lifecycle, ensuring security is considered at every stage rather than as an afterthought.
CSPM
Cloud Security Posture Management - a technology that continuously monitors cloud infrastructure to identify and remediate security issues and compliance violations.
Data Loss Prevention / Data Leakage Prevention (DLP)
A security solution that detects potential data breaches and prevents unauthorized access to, or sharing of, sensitive data.
Data Privacy
The relationship between the collection and dissemination of data, technology, the public expectation of privacy, and the legal and regulatory obligations related to personal information.
Deepfake
An artificial intelligence-based technique used to create realistic fake images, audio, or video content that depicts people saying or doing things they never actually said or did.
Defense-in-Depth
A security strategy that employs multiple layers of security controls to protect information and assets, ensuring that if one layer fails, others continue to provide protection.
Dynamic Application Security Testing (DAST)
Dynamic Application Security Testing - a security testing methodology that examines running applications for vulnerabilities by simulating real-world attacks without access to the source code.
Endpoint Detection and Response (EDR)
A security solution that continuously monitors endpoints to detect and investigate suspicious activities and security threats.
Endpoint Security
A comprehensive approach to securing endpoints such as laptops, desktops, mobile devices, and servers from cyber threats and unauthorized access.
Extended Detection and Response (XDR)
A security solution that integrates data from multiple security products to provide comprehensive detection, investigation, and response capabilities across endpoints, networks, cloud, and other security layers.
IBM Identity and Access Management
IBM's suite of identity and access management solutions that provide authentication, authorization, and governance capabilities for enterprise applications and cloud services.
Identity and Access Management (IAM)
A framework of policies and technologies that ensures the right individuals have the appropriate access to technology resources at the right times and for the right reasons.
Incident Response
A structured approach to addressing and managing the aftermath of a security breach or cyberattack, including the preparation, detection, and response to security incidents.
Interactive Application Security Testing (IAST)
Interactive Application Security Testing - a security testing methodology that combines elements of static and dynamic application security testing by running in the application runtime environment.
ISO 27001
An international standard that provides requirements for establishing, implementing, maintaining, and improving an information security management system (ISMS) within the context of the organization.
Multi-Factor Authentication (MFA)
A security system that requires users to provide two or more verification factors to gain access to an application, online account, or VPN.
Next-Generation Firewall (NGFW)
Next-Generation Firewall - a security appliance that provides traditional firewall capabilities along with advanced features like application awareness, intrusion prevention, and threat intelligence.
NGAV (Next-Generation Antivirus)
An advanced antivirus solution that uses machine learning, behavioral analysis, and cloud-based intelligence to detect and prevent sophisticated threats.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire technology stack, including cloud infrastructure, microservices, and APIs.
OWASP
Open Web Application Security Project - an open-source community that provides tools, documentation, and education to improve software security.
Penetration Testing
A simulated cyberattack against a computer system, network, or web application to identify security vulnerabilities that could be exploited by attackers.
Phishing
A cyberattack that uses disguised email or other communication as a weapon to trick the recipient into revealing sensitive information or installing malware.
Post-Quantum Cryptography (PQC)
Cryptographic algorithms designed to be secure against attacks by both classical and quantum computers, intended to replace current public-key algorithms that could be broken by quantum computers.
Ransomware-as-a-Service (RaaS)
A cybercrime model where ransomware developers offer their malicious software to affiliates who carry out attacks in exchange for a percentage of the ransom payments.
Red Team
A group of security professionals who simulate adversarial attacks to test an organization's defenses, often using advanced tactics, techniques, and procedures (TTPs) to identify security weaknesses.
Resilience
The ability of a system, network, or organization to adapt, recover, and continue operating in the face of adverse conditions, including cyberattacks, natural disasters, or other disruptions.
Sandbox
A security mechanism for isolating and analyzing potentially malicious code in a secure, contained environment.
Secrets Management
The practice of securely storing, managing, and accessing sensitive information such as passwords, API keys, certificates, and other authentication credentials.
Secure Access Service Edge (SASE)
A cloud-delivered security model that combines network and security functions into a single service delivered from the cloud.
Secure by Design / Secure by Default
A security approach that involves considering security requirements during the design phase of systems, products, or services, ensuring that security features are built in from the beginning rather than added later.
Secure Web Gateway (SWG)
A security solution that filters traffic between users and the internet to prevent threats and enforce acceptable use policies.
Security as Code (SaC)
An approach that treats security controls and policies as code, enabling version control, automated testing, and continuous deployment of security measures.
Security Lifecycle Management
The continuous process of managing security controls and measures throughout the entire lifecycle of systems, applications, and data, from design through decommissioning.
Security Service Edge (SSE)
A framework that delivers network security capabilities as a cloud service, providing secure access to applications and services from any location.
Single Sign-On (SSO)
An authentication process that allows users to access multiple applications and services with one set of login credentials.
Smishing
A type of social engineering attack that uses SMS (text messages) to trick recipients into revealing personal information, installing malware, or visiting malicious websites.
SOC2
A security framework and compliance standard developed by the American Institute of CPAs (AICPA) that defines criteria for managing customer data based on five trust service principles: security, availability, processing integrity, confidentiality, and privacy.
Software Bill of Materials (SBOM)
A formal record containing the details and supply chain relationships of various components used in building software, similar to a list of ingredients in a recipe.
Software Composition Analysis (SCA)
Software Composition Analysis - a security testing methodology that identifies and manages open-source and third-party components in applications to detect vulnerabilities, licensing issues, and compliance risks.
Software-Defined Perimeter (SDP)
A security framework that uses software to dynamically define network perimeters around protected resources, creating encrypted connections based on identity and context.
Static Application Security Testing (SAST)
Static Application Security Testing - a security testing methodology that analyzes source code, bytecode, or binaries for security vulnerabilities without executing the application.
Supply Chain Attack
A type of cyberattack that targets less secure elements in the supply chain to gain access to the final target, often through compromised software or hardware components.
Threat Modeling
A structured approach for identifying, understanding, and addressing potential security threats to a system, application, or organization.
Trojans
A type of malware that appears legitimate but performs malicious functions, named after the Trojan Horse of Greek mythology.
Vishing
A type of social engineering attack that uses voice communication (phone calls) to trick individuals into revealing personal information, passwords, or financial details.
Vulnerability Assessment
A systematic review of security weaknesses in an information system, conducted to identify and quantify vulnerabilities in the system.
Vulnerability Management
A comprehensive approach to identifying, classifying, prioritizing, remediating, and mitigating security vulnerabilities in systems, applications, and networks.
Worms
A type of malicious software that replicates itself to spread to other computers, often without human interaction, and can consume network bandwidth and system resources.
Zero Trust
A security model that assumes no implicit trust and continuously validates every transaction and access request, regardless of location or network.
Zero Trust Architecture (ZTA)
A security framework that implements the Zero Trust model by requiring continuous verification of all users, devices, and applications before granting access to resources.
Zero Trust Network Access (ZTNA)
A security solution that provides secure remote access to applications and services based on identity and context, without extending network access.
Zero Trust Network Access 2.0 (ZTNA 2.0)
An evolved version of ZTNA that provides enhanced security capabilities with improved user experience and broader integration capabilities.
Zero-Day Vulnerability
A security flaw in software that is unknown to the vendor or users, leaving no time (zero days) for the vendor to address and patch the vulnerability before it can be exploited.
Methodology
10 itemsAI/MLOps
A set of practices that combines machine learning, DevOps, and data engineering to automate and streamline the process of developing, testing, deploying, and monitoring machine learning models in production.
Business Continuity Plan (BCP)
Business Continuity Plan - a comprehensive plan that outlines how an organization will continue operating during an unplanned disruption to business operations.
Business Impact Analysis (BIA)
Business Impact Analysis - a systematic process to evaluate and document the potential effects of disruption to critical business operations and processes.
CI/CD
Continuous Integration and Continuous Delivery/Deployment - a set of practices that automate the process of integrating code changes, testing them, and delivering/deploying them to production.
DevOps
A set of practices that combines software development and IT operations to shorten the development life cycle and provide continuous delivery with high software quality.
DevSecOps
An approach that integrates security practices into the DevOps process, emphasizing security as a shared responsibility throughout the application lifecycle.
Shift Left
A software development practice that emphasizes moving quality assurance, security, and testing activities earlier in the development lifecycle to identify and address issues sooner.
Simulation
A more realistic exercise than a tabletop exercise that tests specific functions or capabilities of an emergency response plan using simulated conditions without disrupting actual operations.
Software Development Life Cycle (SDLC)
Software Development Life Cycle - a systematic process for planning, creating, testing, and deploying software applications that defines phases and activities for developing high-quality software.
Tabletop Exercise
A discussion-based exercise that involves team members reviewing and discussing their roles, responsibilities, and procedures during emergency situations in an informal setting.
Cloud Provider
5 itemsAliyun
Alibaba Cloud - the cloud computing arm of Alibaba Group, providing a comprehensive suite of cloud services including computing, storage, networking, security, and big data solutions.
AWS
Amazon Web Services - a comprehensive, evolving cloud computing platform provided by Amazon that offers a mix of infrastructure as a service (IaaS), platform as a service (PaaS), and packaged software as a service (SaaS) offerings.
Azure
Microsoft Azure - a comprehensive cloud computing platform and infrastructure created by Microsoft for building, deploying, and managing applications and services through Microsoft-managed data centers.
DigitalOcean
A cloud infrastructure provider that focuses on simplifying cloud computing for developers and businesses with a developer-centric approach.
GCP
Google Cloud Platform - a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products.
Database
25 itemsAmazon DynamoDB
A fully managed NoSQL database service provided by AWS that offers fast and predictable performance with seamless scalability, supporting document and key-value data models.
Amazon Neptune
A fast, reliable, fully managed graph database service provided by AWS that makes it easy to build and run applications that work with highly connected datasets, supporting both property graph and RDF data models.
Apache Cassandra
An open-source, distributed NoSQL database management system designed to handle large amounts of data across many commodity servers, providing high availability with no single point of failure.
CockroachDB
A distributed SQL database designed for global cloud services, built on a transactional and strongly-consistent SQL API, with built-in horizontal scaling and survivability.
CouchDB
An open-source document-oriented NoSQL database that uses JSON to store data, JavaScript as its query language, and HTTP as its API, known for its multi-master replication and offline-first capabilities.
Database Management System (DBMS)
Software that provides an interface for users and applications to interact with databases, managing data storage, retrieval, security, and integrity while ensuring data consistency and availability.
Google Spanner
A globally distributed database service offered by Google Cloud that provides strong consistency, global distribution, and SQL semantics with horizontal scaling capabilities.
Graph Database
A type of NoSQL database that uses graph structures with nodes, edges, and properties to represent and store data, optimized for managing highly connected data and complex relationships.
In-Memory Database
A database management system that primarily relies on main memory for data storage, providing faster data access and processing compared to traditional disk-based databases.
Microsoft SQL Server
A relational database management system developed by Microsoft that supports a variety of transaction processing, business intelligence, and analytics applications in corporate environments.
Milvus
An open-source vector database built for scalable similarity search, designed to support diverse AI applications with high-performance vector search capabilities.
MongoDB
A source-available cross-platform document-oriented NoSQL database program that uses JSON-like documents with optional schemas, providing high performance, high availability, and easy scalability.
MySQL
An open-source relational database management system that uses SQL for managing and accessing data, widely used for web applications and known for its speed, reliability, and ease of use.
Neo4j
A graph database management system that provides ACID-compliant transactional capabilities and scales up for multi-billion node and relationship applications, using the Cypher query language.
NewSQL
A class of modern relational database management systems that seek to provide the same scalable performance of NoSQL systems while maintaining the ACID guarantees of traditional relational databases.
NoSQL Database
A type of database that provides a mechanism for storage and retrieval of data that is modeled differently than the traditional tabular relations used in relational databases, often used for large-scale distributed data systems.
Oracle Database
A multi-model database management system produced and marketed by Oracle Corporation, known for its comprehensive enterprise features, high performance, and scalability for large-scale applications.
Pinecone
A managed vector database service that enables developers to build and deploy vector search applications, providing fast similarity search for machine learning and AI applications.
PostgreSQL
A powerful, open-source object-relational database system known for its reliability, feature robustness, and performance, supporting complex queries, foreign keys, and various data types.
Redis
An open-source, in-memory data structure store used as a database, cache, and message broker, supporting various data structures such as strings, hashes, lists, sets, and more.
Relational Database
A type of database that stores and provides access to data points that are related to one another through tables, using structured query language (SQL) for data manipulation and management.
ScyllaDB
An open-source, distributed NoSQL database that is compatible with Apache Cassandra and Amazon DynamoDB, designed to deliver microsecond latency and high throughput on commodity hardware.
TiDB
An open-source, distributed SQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads, compatible with the MySQL protocol and ecosystem.
Vector Database
A specialized database designed to store and search vector embeddings, enabling efficient similarity search for machine learning, artificial intelligence, and semantic search applications.
Weaviate
An open-source vector database that allows developers to build vector search applications, featuring built-in machine learning models for automatic vectorization and semantic search capabilities.
DevOps Tools
7 itemsAnsible
An open-source automation tool that automates configuration management, application deployment, and task automation using simple YAML-based playbooks and agentless architecture.
AttuneOps
A hybrid IT automation platform that provides infrastructure automation, application deployment, and orchestration capabilities for complex enterprise environments with both on-premises and cloud resources.
Chef
An open-source configuration management tool that uses a pure-Ruby domain-specific language for writing system configuration recipes and manages infrastructure as code using a client-server architecture.
Jenkins
An open-source automation server that enables developers to build, test, and deploy software applications through a continuous integration and continuous delivery pipeline.
Puppet
An open-source configuration management tool that uses a declarative language to define system configurations and enforces those configurations across infrastructure using a master-agent architecture.
Rundeck
An open-source automation service that provides a web-based interface for running server commands and scripts, enabling teams to easily run complex tasks across large numbers of servers.
SaltStack (Salt)
An open-source configuration management and orchestration tool that uses a master-agent architecture and supports both push and pull-based approaches for infrastructure automation.
Technology
14 itemsAutomation
The use of technology to perform tasks with minimal human intervention, improving efficiency, reliability, and consistency in various processes.
Commvault
A data protection and information management software company that provides backup, recovery, and data management solutions for virtual, physical, and cloud environments.
Containerization
A lightweight virtualization technology that packages applications and their dependencies into standardized, executable containers that can run consistently across different computing environments.
Infrastructure as Code (IaC)
The process of managing and provisioning computing infrastructure through machine-readable configuration files rather than physical hardware configuration or interactive configuration tools.
Network
A collection of interconnected devices that communicate with each other to share resources, data, and services, following standardized protocols and communication rules.
Orchestration
The automated arrangement, coordination, and management of complex computer systems, middleware, and services to ensure they work together efficiently.
Proxmox
An open-source server virtualization management platform that provides a complete solution for virtualization and containerization with a web-based management interface.
SD-WAN
Software-Defined Wide Area Network - a technology that uses software-defined networking to manage and control WAN connections, providing improved performance and simplified management.
Server
A computer program or device that provides functionality for other programs or devices, called clients, in a client-server model, typically providing services such as file sharing, web hosting, or database management.
Serverless
A cloud computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers, allowing developers to focus on writing code without worrying about infrastructure management.
Veeam
A data protection and availability software provider that offers backup, recovery, and replication solutions for virtual, physical, and cloud environments.
Virtualization
The process of creating virtual versions of physical resources, such as servers, storage devices, networks, or operating systems, allowing multiple virtual machines to run on a single physical machine.
VMware
A virtualization and cloud computing software provider that offers a range of products for virtualizing computing environments and managing virtual machines.
Zerto
A disaster recovery and business continuity software provider that offers continuous data protection and replication solutions for virtual, physical, and cloud environments.
HashiCorp Tools
11 itemsBoundary
A HashiCorp secure remote access solution that provides secure access to applications and infrastructure without requiring VPNs, firewalls, or client software.
Consul
A HashiCorp service networking solution that provides service discovery, configuration, and segmentation capabilities to connect and secure services across dynamic and distributed infrastructure environments.
HashiCorp Cloud Platform (HCP)
A fully managed service offering from HashiCorp that provides hosted versions of HashiCorp tools including Consul, Vault, Nomad, and Packer with simplified operations and reduced management overhead.
HCP Vault Radar
A HashiCorp Cloud Platform (HCP) service that provides continuous monitoring and alerting for secrets rotation, policy compliance, and security posture assessment in Vault environments.
Nomad
A HashiCorp workload orchestrator that enables users to deploy and manage containers and non-containerized applications across on-premises and cloud environments at scale.
Packer
A HashiCorp tool that enables users to create identical machine images for multiple platforms from a single source configuration, supporting automated machine image creation for various cloud and virtualization platforms.
Project Infragraph
A HashiCorp initiative that aims to provide a unified view and management of infrastructure across different tools and platforms, enabling better visualization and understanding of infrastructure relationships.
Sentinel
A HashiCorp policy engine that enables organizations to create, manage, and enforce policies across their infrastructure as code and cloud resources using a purpose-built policy language.
Vagrant
A HashiCorp tool that enables users to create and configure lightweight, reproducible, and portable development environments using virtual machines, containers, or cloud providers.
Vault
A HashiCorp tool for secrets management that provides secure storage, access, and lifecycle management for sensitive data including passwords, API keys, certificates, and other secrets.
Waypoint
A HashiCorp tool that provides a modern workflow for deploying applications across cloud providers and deployment targets, offering a simple command-line interface for complex deployment operations.
Programming Languages
12 itemsC / C++
C and C++ are closely related, general-purpose programming languages where C is a procedural language and C++ is an extension of C with object-oriented programming features.
C# (C-Sharp)
A modern, object-oriented programming language developed by Microsoft that runs on the .NET framework, designed for building a variety of applications including web, mobile, desktop, and cloud applications.
Go (Golang)
An open-source programming language developed by Google that makes it easy to build simple, reliable, and efficient software, particularly well-suited for building network services and distributed systems.
JavaScript
A versatile, high-level programming language primarily used for web development, enabling interactive web pages and dynamic content, and increasingly used for server-side development and mobile applications.
Kotlin
A cross-platform, statically typed programming language developed by JetBrains that runs on the Java Virtual Machine (JVM) and can also be compiled to JavaScript or native code.
Node.js
An open-source, cross-platform JavaScript runtime environment that executes JavaScript code outside of a web browser, enabling server-side and networking applications.
PHP
A popular general-purpose scripting language that is especially suited for web development and can be embedded into HTML, powering many websites and web applications.
Python
A high-level, interpreted programming language known for its simplicity, readability, and versatility, widely used in web development, data science, artificial intelligence, automation, and scientific computing.
Rust
A systems programming language focused on safety, speed, and concurrency, with memory safety enforced at compile time without requiring garbage collection.
SQL
Structured Query Language, a domain-specific language used for managing and manipulating relational databases, allowing users to query, insert, update, and delete data.
Swift
A powerful and intuitive programming language developed by Apple for building apps on iOS, macOS, watchOS, and tvOS, designed to be safe, fast, and expressive.
TypeScript
A strongly typed programming language that builds on JavaScript, providing optional static typing and other features that help developers write more reliable and maintainable code.
DevSecOps
3 itemsCI/CD/CS Pipeline
An integrated pipeline that combines Continuous Integration (CI), Continuous Delivery/Deployment (CD), and Continuous Security (CS) practices to deliver software with built-in security checks throughout the development lifecycle.
GitOps Security
The practice of applying security controls and policies to GitOps workflows, ensuring that infrastructure and application deployments are secure, auditable, and compliant through version-controlled declarative configurations.
Policy as Code (PaC)
An approach to infrastructure and security governance that involves defining and managing policies using code and automated tools, enabling version control, testing, and integration with CI/CD pipelines.
Cloud Management
1 itemsCloud Services
4 itemsCloudFormation
Amazon's infrastructure as code service that allows users to model and provision AWS resources using declarative templates in JSON or YAML format.
Containers as a Service (CaaS)
A cloud service model that provides container orchestration and management capabilities, allowing users to deploy, manage, and scale containerized applications without managing the underlying infrastructure.
Function as a Service (FaaS)
A cloud computing service that allows developers to execute code in response to events without managing server infrastructure, billing only for the actual compute time consumed.
Terraform
An open-source infrastructure as code software tool that provides a consistent CLI workflow to manage cloud services across multiple providers using declarative configuration files.
Infrastructure
18 itemsCold Site
A backup facility that provides only basic infrastructure such as space, power, and cooling, requiring significant setup time and equipment installation to become operational after a primary site failure.
Data Center Disaster Recovery (DC-DR)
Data Center Disaster Recovery - the processes, procedures, and technologies used to recover data center operations after a significant disruption or disaster.
Disaster Recovery
A comprehensive plan and process to recover IT infrastructure and systems following a natural or human-induced disaster, ensuring business continuity and minimizing downtime.
Disaster Recovery as a Service (DRaaS)
Disaster Recovery as a Service - a cloud-based service model that provides disaster recovery capabilities to organizations without requiring them to build and maintain their own disaster recovery infrastructure.
Failback
The process of returning operations from a backup or standby system to the original primary system after the primary system has been restored or fixed.
Failover
The automatic or manual process of switching to a redundant or standby system, server, or network upon the failure or abnormal termination of the previously active system.
High Availability
A system design approach that ensures applications and services remain operational with minimal downtime, typically achieved through redundancy and failover mechanisms.
Hot Site
A fully equipped backup facility that is always ready to take over operations immediately in case of a primary site failure, with all necessary equipment, systems, and data available.
Infrastructure Lifecycle Management
The process of managing infrastructure from creation through retirement, including provisioning, configuration, maintenance, monitoring, scaling, and decommissioning of infrastructure resources.
NAS
Network Attached Storage - a file-level storage device connected to a network that provides data access to multiple clients, enabling centralized file sharing and storage management.
Offsite Backup
A backup strategy that involves storing copies of data at a location separate from the primary data center, providing protection against site-specific disasters.
Recovery Point Objective (RPO)
Recovery Point Objective - the maximum acceptable amount of data loss measured in time that an organization can tolerate during a disaster or system failure.
Recovery Time Objective (RTO)
Recovery Time Objective - the maximum acceptable time an organization can tolerate for systems to be unavailable after a disaster or system failure.
Replication
The process of copying and maintaining data across multiple locations or systems to ensure availability, improve performance, and provide disaster recovery capabilities.
SAN
Storage Area Network - a dedicated high-speed network that connects servers to storage devices, providing block-level access to shared storage resources.
Snapshot
A point-in-time copy of data that captures the state of a system, file, or storage volume at a specific moment, allowing for quick recovery and backup.
Warm Site
A partially equipped backup facility that contains some infrastructure and systems, requiring some setup time to become fully operational after a primary site failure.
Work Recovery Time (WRT)
Work Recovery Time - the time required to verify that the system is fully functional and all business processes are operating normally after a disaster recovery event.
DevOps
2 itemsConfiguration Management
A systems engineering discipline that involves tracking and controlling changes in hardware, software, firmware, documentation, and test results throughout the development and operational lifecycle.
Runbook Automation
The practice of automating operational procedures and tasks that are typically documented in runbooks, enabling consistent and efficient execution of routine IT operations without manual intervention.
Business Software
2 itemsCRM
Customer Relationship Management, a technology for managing all company's relationships and interactions with current and potential customers to improve business relationships, assist in customer retention, and drive sales growth.
ERP
Enterprise Resource Planning, a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management, and compliance.
Infrastructure as Code
3 itemsCrossplane
An open-source control plane that enables teams to build and manage cloud-native platforms by composing infrastructure and services from multiple vendors using Kubernetes-style APIs.
OpenTofu
An open-source infrastructure as code tool that enables users to define and provision infrastructure using a declarative configuration language, forked from Terraform to maintain an open-source approach.
Pulumi
An infrastructure as code platform that allows developers to use familiar programming languages to define and manage cloud infrastructure, supporting multiple cloud providers with a unified approach.
Containerization
1 itemsDevelopment Tool
1 itemsDevelopment Platform
2 itemsGitHub
A web-based hosting service for version control using Git, providing collaboration features such as bug tracking, feature requests, task management, and wikis for every project.
GitLab
A web-based DevOps lifecycle tool that provides a Git repository manager providing wiki, issue-tracking, and CI/CD pipeline features, using an open-source license.
Company
4 itemsHashiCorp
An American software company that provides open source tools for provisioning, securing, connecting, and running infrastructure, including Terraform, Vault, Consul, and Nomad.
IBM
International Business Machines Corporation - a multinational technology company that provides hardware, software, and consulting services, with a focus on artificial intelligence, cloud computing, and enterprise solutions.
Oracle
Oracle Corporation - a multinational computer technology corporation that specializes in developing and marketing database software and technology, cloud-engineered systems, and enterprise software products.
Sangfor
A Chinese technology company that specializes in internet solutions, including application delivery, information security, and cloud computing services.
Cloud Model
3 itemsInfrastructure as a Service - (IaaS)
Infrastructure as a Service - a cloud computing model that provides virtualized computing resources over the internet.
Platform as a Service (PaaS)
Platform as a Service - a cloud computing model that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining infrastructure.
Software as a Service (SaaS)
Software as a Service - a software distribution model in which applications are hosted by a cloud provider and made available to customers over the internet.