| rowID | PhrasePrimary | PhraseSecondary | Category | Description |
|---|---|---|---|---|
| 4 | ssh | secure shell | security | 1234 |
| 5 | HCI | hyper-converged infra. | systems | in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware |
| 6 | xampp | linux | Apache distribution containing MariaDB, PHP, and Perl | |
| 7 | exe | executable | files | a general executable file that can perform various actions, including installing software, |
| 8 | msi | files | a standardized database file specifically designed for software installations using the Windows Installer Service | |
| 9 | httpd | http daemon | web | the main software for the Apache HTTP Server |
| 10 | PIP | python | standard package manager for python | |
| 11 | Proxmox | Linux | is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |
| 12 | KVM | kernel-based VM | Linux | (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. |
| 13 | dkim | domain keys identified ma | is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |
| 14 | weakly typed | javascript | some types are implicitly cast, depending on the context. | |
| 35 | iframe | web | The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |
| 36 | JSON | JavaScript Object Notation | Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |
| 33 | Raster vs Vector | files | Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |
| 34 | jQuery | jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | ||
| 17 | AJAX | asynchronous Javascript and XML | web | Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. |
| 18 | mempool | blockchain | A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |
| 19 | GNU | Linux | is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |
| 20 | Paradigm | programming | A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |
| 21 | serialization | programming | the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |
| 22 | CI/CD | continuous integration/delivery | devops | a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. |
| 23 | devops | a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | ||
| 24 | compiled vs interpreted | languages | programming | Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. |
| 25 | Git | a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | ||
| 26 | React | front-end frameworks | programming | A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. |
| 27 | Angular | front-end frameworks | programming | A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. |
| 28 | Vue.js | front-end frameworks | programming | A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. |
| 29 | MySQL | |||
| 30 | PostgreSQL | |||
| 31 | MongoDB | |||
| 32 | NoSQL | designed to handle unstructured or semi-structured data and can be more flexible than relational databases | ||
| 40 | Apache | web | free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |
| 41 | chmod | shell command | linux | for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. |
| 42 | HTML5 | web | HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |
| 43 | HTML Living Standard | web | Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |
| 44 | S1ngularity incident | An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | ||
| 46 | npm | npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | ||
| 47 | git-secret | Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | ||
| 48 | QUIC | transport layer | IP Suite | QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. |
| 49 | CHF | cryptographic hash function | Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |
| 50 | IAM | identity and access management | a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |
| 51 | SAML | security assertion markup language | an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |
| 52 | Web3 | a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | ||
| 53 | pytype | python | A static type analyzer for Python code | |
| 54 | Markdown | .md, .markdown | a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |
| 55 | MAPI | message application programming interface | API for Microsoft Windows which allows programs to become email-aware. | |
| 56 | Samba | Linux | free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |
| 57 | SMB | server mesage block | communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |
| 58 | monorepo | aka- Build System | programming | is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" |
| 59 | node.JS | allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | ||
| 60 | Laravel | open-source PHP-based web framework for building web applications | ||
| 61 | package manager | Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | ||
| 62 | LCAP | link aggregation control protocol | networking | industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) |
| 63 | Sys Admin | manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | ||
| 64 | pyPI | A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | ||
| 65 | wikipediaAPI | Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | ||
| 66 | Wikimedia REST API | provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | ||
| 67 | curl | command-line utility | linux | for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. |
| 68 | Azure | Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | ||
| 69 | OSPF | networking | Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |
| 70 | MPLS | Mutliprotocol Label Switching | networking | a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. |
| 71 | DarkSide | Security | Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |
| 72 | BlackCat | aka ALHV aka Noberus | security | ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. |
| 73 | Scattered Spider | aka ALPHAV | security | Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. |
| 74 | GFW | Great Firewall of China | A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |
| 75 | iptables | command line program | linux | the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. |
| 76 | shell script | designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | ||
| 77 | DNS | Domain Name System | a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |
| 78 | Hypervisor | Virtualization | Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |
| 79 | PGP | pretty good privacy | Security | uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address |
| 80 | Post-quantum cryptography | Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | ||
| 81 | Quantum computing | Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | ||
| 82 | openSSL | Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | ||
| 83 | X.509 | Security | International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |
| 84 | Okta | provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | ||
| 85 | BeyondTrust | An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | ||
| 86 | ServiceNow | American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | ||
| 87 | AIOps | Artificial Intelligence for IT Operations | Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |
| 88 | REDCap | A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | ||
| 89 | SPSS | Statistical Package for the Social Sciences | Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |
| 90 | HPE Aruba Networking | Networking | a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |
| 91 | Fibre Channel (FC) topologies | 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | ||
| 92 | PowerBI | data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | ||
| 93 | SEO | search engine optimization | the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |
| 94 | robots.txt | the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | ||
| 95 | HPC | High-Performance Computing | Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |
| 96 | Burst buffer | In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | ||
| 97 | Penguin Solutions | designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | ||
| 98 | Switched fabric | a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | ||
| 99 | vishing | voice phishing | fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |
| 100 | SAASes | software a service, PLURAL | ||
| 101 | Wasm | WebAssembly | WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |
| 102 | asm.js | asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | ||
| 103 | Zero Trust | A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | ||
| 104 | TTP | tactics, techniques, procedures | The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |
| 105 | Akira | ransomware group | known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |
| 106 | OWASP | Open WorldWide Application Secuirty Project | works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |
| 107 | Kerberos | a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | ||
| 108 | Typosquatting | domains, package mangers | Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |
| 109 | Pixie Dust exploit | The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | ||
| 110 | SBOM | Software Bill of Materials | a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |
| 111 | Buffer overflow | A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | ||
| 112 | Binary-to-text encoding | Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | ||
| 113 | MIME | Multipurpose Internet Mail Extension | a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |
| 114 | WebSocket protocol | WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | ||
| 115 | localStorage | web | As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |
| 116 | regex | regular expressions | programming | Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." |
| 117 | POST | php method | programming | The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. |
| 118 | Idempotent | An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | ||
| 119 | Endianness | programming | describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |
| 120 | NTIA | National Telecommunicaitons and Information Administration | Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |
| 121 | PRL | protocol-relative URL | A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |
| 122 | V8 | JavaScript engine | Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |
| 123 | XCSSET | malware | The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |
| 124 | LockBit | ransomware attacker | a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |
| 125 | Cognex Corporation | American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | ||
| 126 | Jira | Project managmenet tool from Atlassian | ||
| 127 | Run-only | programming | Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |
| 128 | Xcode | programming | A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |
| 129 | AMSI | Antimalware Scan Interface | Microsoft | agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros |
| 130 | MITRE | The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | ||
| 131 | Reflective Code Loading | eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | ||
| 132 | XLAM | A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | ||
| 133 | XSS | cross-site scripting | XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |
| 134 | recursion | repeated application of a procedure or definition, Ex: nested folder structure | ||
| 135 | datacarry | ransomware attacker | 14 documented cases includes Miljodata hack | |
| 136 | Credential stuffing | a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | ||
| 137 | UNC threat actor | a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | ||
| 138 | GRUB | GRand Unified Boot Loader | linux | |
| 139 | bak | .bak file extension | A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |
| 140 | PAM | Pluggable Authentication Module | Proxmox | PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. |
| 141 | LVM | Storage pool type | Proxmox | LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. |
| 142 | LV | logical volume | Proxmox | A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start |
| 143 | EFI system partition | Extensible Firmware Interface | The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |
| 144 | Boot partition | Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | ||
| 145 | Mounted | In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | ||
| 146 | ZFS | file system | a file system with volume management capabilities | |
| 147 | ESXi | bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | ||
| 148 | UUID | univerally uniquie idenitifer | A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |
| 149 | noVNC | free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | ||
| 150 | circuit breaker | RPC design | When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |
| 151 | deadline propagation | RPC design | A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |
| 152 | Consul | devops | Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |
| 153 | Zookeeper | devops | ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. | |
| 154 | Coupling vs Cohesion | programming | Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. |
|
| 155 | Cluster | DevOps | A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |
| 156 | Archer | Governance Risk and Compliance platform | (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |
| 157 | GRC vs IRM | GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | ||
| 158 | Protocol Buffers | (Protobuf) | a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |
| 159 | BSR | Buf Schema Registry | a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |
| 160 | GlobalSign | a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | ||
| 161 | Curl | a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | ||
| 162 | netstat | a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | ||
| 163 | DLL sideloading | a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | ||
| 164 | WCAG | Web Content Accessibility Guidelines | standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |
| 165 | XSLT | eXtensible Stylesheet Language Transformations | a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |
| 166 | PEAR | PHP Extension and Application Repository | a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |
| 167 | XOR | Exclusive OR | a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |
| 168 | VLAN | networking | a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |
| 169 | runtime | a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | ||
| 170 | Monolithic architecture | In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | ||
| 171 | metadata | "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | ||
| 172 | Jaws | Job Access With Speech | accessibility | A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. |
| 173 | NVDA | NonVisual Desktop Access | accessibility | A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. |
| 174 | Narrator | Screen Reader | accessibility | The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. |
| 175 | VoiceOver | Screen Reader | accessibility | The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. |
| 176 | Talkback | Screen Reader | accessibility | The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. |
| 177 | Point of regard | POR | design | In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. |
| 178 | WCAG | Web Content Accessibility Guidelines | accessibility | A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. |
| 179 | ATAG | Authoring Tool Accessibility Guidelines | accessibility | A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. |
| 180 | UAAG | User Agent Accessibility Guidelines | accessibility | Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. |
| 181 | LDAP | Lightweight Directory Access Protocol | networking | An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. |
| 182 | WAI-ARIA | Accessible Rich Internet Applications | accessibility | A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. |
| 183 | CRM | Customer Relationship Management | data | A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. |
| 184 | SMIL | Synchronized Multimedia Integration Language | accessibility | Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. |
| 185 | Canvas | HTML5 Canvas Element | web development | An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. |
| 186 | SNS | Simple Notification Service | cloud | Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. |
| 187 | SEO link request | marketing | An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |
| 188 | Fetch API | web development | A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |
| 189 | QEMU | Quick Emulator | infrastructure | QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. |
| 190 | promise theory | architecture | A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |
| 191 | CIS | Center for Internet Security | infrastructure | A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. |
| 192 | Helm | The Kubernetes Package Manager | infrastructure | An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. |
| 193 | Cilium | infrastructure | An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |
| 194 | Rancher | infrastructure | An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |
| 195 | SAN | Subject Alternative Name | networking | An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. |
| 196 | systemd | infrastructure | A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |
| 197 | usr | Universal System Resources | infrastructure | A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. |
| 198 | ELF | Executable and Linkable Format | infrastructure | The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. |
| 199 | high vs low level analysis | architecture | A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. |
---end data---
Alphabetical order
Select rowID, PhrasePrimary, PhraseSecondary, Category, Description from Terminology ORDER BY PhrasePrimary
| rowID | PhrasePrimary | PhraseSecondary | Category | Description |
|---|---|---|---|---|
| 87 | AIOps | Artificial Intelligence for IT Operations | Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |
| 17 | AJAX | asynchronous Javascript and XML | web | Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. |
| 105 | Akira | ransomware group | known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |
| 129 | AMSI | Antimalware Scan Interface | Microsoft | agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros |
| 27 | Angular | front-end frameworks | programming | A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. |
| 40 | Apache | web | free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |
| 156 | Archer | Governance Risk and Compliance platform | (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |
| 102 | asm.js | asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | ||
| 179 | ATAG | Authoring Tool Accessibility Guidelines | accessibility | A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. |
| 68 | Azure | Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | ||
| 139 | bak | .bak file extension | A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |
| 85 | BeyondTrust | An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | ||
| 112 | Binary-to-text encoding | Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | ||
| 72 | BlackCat | aka ALHV aka Noberus | security | ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. |
| 144 | Boot partition | Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | ||
| 159 | BSR | Buf Schema Registry | a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |
| 111 | Buffer overflow | A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | ||
| 96 | Burst buffer | In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | ||
| 185 | Canvas | HTML5 Canvas Element | web development | An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. |
| 49 | CHF | cryptographic hash function | Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |
| 41 | chmod | shell command | linux | for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. |
| 22 | CI/CD | continuous integration/delivery | devops | a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. |
| 193 | Cilium | infrastructure | An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |
| 150 | circuit breaker | RPC design | When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |
| 191 | CIS | Center for Internet Security | infrastructure | A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. |
| 155 | Cluster | DevOps | A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |
| 125 | Cognex Corporation | American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | ||
| 24 | compiled vs interpreted | languages | programming | Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. |
| 152 | Consul | devops | Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |
| 154 | Coupling vs Cohesion | programming | Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. |
|
| 136 | Credential stuffing | a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | ||
| 183 | CRM | Customer Relationship Management | data | A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. |
| 67 | curl | command-line utility | linux | for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. |
| 161 | Curl | a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | ||
| 71 | DarkSide | Security | Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |
| 135 | datacarry | ransomware attacker | 14 documented cases includes Miljodata hack | |
| 151 | deadline propagation | RPC design | A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |
| 23 | devops | a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | ||
| 13 | dkim | domain keys identified ma | is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |
| 163 | DLL sideloading | a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | ||
| 77 | DNS | Domain Name System | a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |
| 143 | EFI system partition | Extensible Firmware Interface | The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |
| 198 | ELF | Executable and Linkable Format | infrastructure | The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. |
| 119 | Endianness | programming | describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |
| 147 | ESXi | bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | ||
| 7 | exe | executable | files | a general executable file that can perform various actions, including installing software, |
| 188 | Fetch API | web development | A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |
| 91 | Fibre Channel (FC) topologies | 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | ||
| 74 | GFW | Great Firewall of China | A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |
| 25 | Git | a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | ||
| 47 | git-secret | Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | ||
| 160 | GlobalSign | a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | ||
| 19 | GNU | Linux | is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |
| 157 | GRC vs IRM | GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | ||
| 138 | GRUB | GRand Unified Boot Loader | linux | |
| 5 | HCI | hyper-converged infra. | systems | in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware |
| 192 | Helm | The Kubernetes Package Manager | infrastructure | An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. |
| 199 | high vs low level analysis | architecture | A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | |
| 95 | HPC | High-Performance Computing | Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |
| 90 | HPE Aruba Networking | Networking | a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |
| 43 | HTML Living Standard | web | Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |
| 42 | HTML5 | web | HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |
| 9 | httpd | http daemon | web | the main software for the Apache HTTP Server |
| 78 | Hypervisor | Virtualization | Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |
| 50 | IAM | identity and access management | a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |
| 118 | Idempotent | An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | ||
| 35 | iframe | web | The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |
| 75 | iptables | command line program | linux | the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. |
| 172 | Jaws | Job Access With Speech | accessibility | A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. |
| 126 | Jira | Project managmenet tool from Atlassian | ||
| 34 | jQuery | jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | ||
| 36 | JSON | JavaScript Object Notation | Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |
| 107 | Kerberos | a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | ||
| 12 | KVM | kernel-based VM | Linux | (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. |
| 60 | Laravel | open-source PHP-based web framework for building web applications | ||
| 62 | LCAP | link aggregation control protocol | networking | industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) |
| 181 | LDAP | Lightweight Directory Access Protocol | networking | An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. |
| 115 | localStorage | web | As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |
| 124 | LockBit | ransomware attacker | a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |
| 142 | LV | logical volume | Proxmox | A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start |
| 141 | LVM | Storage pool type | Proxmox | LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. |
| 55 | MAPI | message application programming interface | API for Microsoft Windows which allows programs to become email-aware. | |
| 54 | Markdown | .md, .markdown | a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |
| 18 | mempool | blockchain | A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |
| 171 | metadata | "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | ||
| 113 | MIME | Multipurpose Internet Mail Extension | a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |
| 130 | MITRE | The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | ||
| 31 | MongoDB | |||
| 170 | Monolithic architecture | In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | ||
| 58 | monorepo | aka- Build System | programming | is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" |
| 145 | Mounted | In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | ||
| 70 | MPLS | Mutliprotocol Label Switching | networking | a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. |
| 8 | msi | files | a standardized database file specifically designed for software installations using the Windows Installer Service | |
| 29 | MySQL | |||
| 174 | Narrator | Screen Reader | accessibility | The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. |
| 162 | netstat | a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | ||
| 59 | node.JS | allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | ||
| 32 | NoSQL | designed to handle unstructured or semi-structured data and can be more flexible than relational databases | ||
| 149 | noVNC | free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | ||
| 46 | npm | npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | ||
| 120 | NTIA | National Telecommunicaitons and Information Administration | Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |
| 173 | NVDA | NonVisual Desktop Access | accessibility | A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. |
| 84 | Okta | provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | ||
| 82 | openSSL | Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | ||
| 69 | OSPF | networking | Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |
| 106 | OWASP | Open WorldWide Application Secuirty Project | works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |
| 61 | package manager | Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | ||
| 140 | PAM | Pluggable Authentication Module | Proxmox | PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. |
| 20 | Paradigm | programming | A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |
| 166 | PEAR | PHP Extension and Application Repository | a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |
| 97 | Penguin Solutions | designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | ||
| 79 | PGP | pretty good privacy | Security | uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address |
| 10 | PIP | python | standard package manager for python | |
| 109 | Pixie Dust exploit | The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | ||
| 177 | Point of regard | POR | design | In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. |
| 117 | POST | php method | programming | The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. |
| 80 | Post-quantum cryptography | Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | ||
| 30 | PostgreSQL | |||
| 92 | PowerBI | data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | ||
| 121 | PRL | protocol-relative URL | A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |
| 190 | promise theory | architecture | A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |
| 158 | Protocol Buffers | (Protobuf) | a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |
| 11 | Proxmox | Linux | is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |
| 64 | pyPI | A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | ||
| 53 | pytype | python | A static type analyzer for Python code | |
| 189 | QEMU | Quick Emulator | infrastructure | QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. |
| 81 | Quantum computing | Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | ||
| 48 | QUIC | transport layer | IP Suite | QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. |
| 194 | Rancher | infrastructure | An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |
| 33 | Raster vs Vector | files | Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |
| 26 | React | front-end frameworks | programming | A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. |
| 134 | recursion | repeated application of a procedure or definition, Ex: nested folder structure | ||
| 88 | REDCap | A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | ||
| 131 | Reflective Code Loading | eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | ||
| 116 | regex | regular expressions | programming | Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." |
| 94 | robots.txt | the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | ||
| 127 | Run-only | programming | Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |
| 169 | runtime | a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | ||
| 44 | S1ngularity incident | An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | ||
| 100 | SAASes | software a service, PLURAL | ||
| 56 | Samba | Linux | free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |
| 51 | SAML | security assertion markup language | an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |
| 195 | SAN | Subject Alternative Name | networking | An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. |
| 110 | SBOM | Software Bill of Materials | a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |
| 73 | Scattered Spider | aka ALPHAV | security | Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. |
| 93 | SEO | search engine optimization | the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |
| 187 | SEO link request | marketing | An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |
| 21 | serialization | programming | the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |
| 86 | ServiceNow | American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | ||
| 76 | shell script | designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | ||
| 57 | SMB | server mesage block | communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |
| 184 | SMIL | Synchronized Multimedia Integration Language | accessibility | Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. |
| 186 | SNS | Simple Notification Service | cloud | Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. |
| 89 | SPSS | Statistical Package for the Social Sciences | Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |
| 4 | ssh | secure shell | security | 1234 |
| 98 | Switched fabric | a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | ||
| 63 | Sys Admin | manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | ||
| 196 | systemd | infrastructure | A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |
| 176 | Talkback | Screen Reader | accessibility | The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. |
| 104 | TTP | tactics, techniques, procedures | The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |
| 108 | Typosquatting | domains, package mangers | Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |
| 180 | UAAG | User Agent Accessibility Guidelines | accessibility | Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. |
| 137 | UNC threat actor | a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | ||
| 197 | usr | Universal System Resources | infrastructure | A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. |
| 148 | UUID | univerally uniquie idenitifer | A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |
| 122 | V8 | JavaScript engine | Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |
| 99 | vishing | voice phishing | fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |
| 168 | VLAN | networking | a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |
| 175 | VoiceOver | Screen Reader | accessibility | The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. |
| 28 | Vue.js | front-end frameworks | programming | A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. |
| 182 | WAI-ARIA | Accessible Rich Internet Applications | accessibility | A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. |
| 101 | Wasm | WebAssembly | WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |
| 164 | WCAG | Web Content Accessibility Guidelines | standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |
| 178 | WCAG | Web Content Accessibility Guidelines | accessibility | A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. |
| 14 | weakly typed | javascript | some types are implicitly cast, depending on the context. | |
| 52 | Web3 | a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | ||
| 114 | WebSocket protocol | WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | ||
| 66 | Wikimedia REST API | provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | ||
| 65 | wikipediaAPI | Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | ||
| 83 | X.509 | Security | International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |
| 6 | xampp | linux | Apache distribution containing MariaDB, PHP, and Perl | |
| 128 | Xcode | programming | A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |
| 123 | XCSSET | malware | The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |
| 132 | XLAM | A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | ||
| 167 | XOR | Exclusive OR | a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |
| 165 | XSLT | eXtensible Stylesheet Language Transformations | a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |
| 133 | XSS | cross-site scripting | XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |
| 103 | Zero Trust | A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | ||
| 146 | ZFS | file system | a file system with volume management capabilities | |
| 153 | Zookeeper | devops | ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. |
---end data---
--Omitting the db row# from the output.
--Rearranging columns.
--The SQL query syntax stays the same, but HTML table headers and cells need reconfiguration:
#Query, unchanged. We can pull these from the db in any order, and output them in a different order later.
Select rowID, PhrasePrimary, PhraseSecondary, Category, Description from Terminology ORDER BY PhrasePrimary
#HTML before:
<th>rowID</th><th>PhrasePrimary</th><th>PhraseSecondary</th><th>Category</th><th>Description</th>
<tr>
<td> <?php echo $row['rowID']; ?> </td>
<td id="concept"> <?php echo $row['PhrasePrimary']; ?> </td>
<td> <?php echo $row['PhraseSecondary']; ?> </td>
<td> <?php echo $row['Category']; ?> </td>
<td> <?php echo $row['Description']; ?> </td>
</tr>
#HTML after:
<th>Category</th><th>PhrasePrimary</th><th>PhraseSecondary</th><th>Description</th>
<tr>
<td> <?php echo $row['Category']; ?> </td>
<td id="concept"> <?php echo $row['PhrasePrimary']; ?> </td>
<td> <?php echo $row['PhraseSecondary']; ?> </td>
<td> <?php echo $row['Description']; ?> </td>
</tr>
| Category | PhrasePrimary | PhraseSecondary | Description |
|---|---|---|---|
| AIOps | Artificial Intelligence for IT Operations | Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |
| web | AJAX | asynchronous Javascript and XML | Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. |
| Akira | ransomware group | known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |
| Microsoft | AMSI | Antimalware Scan Interface | agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros |
| programming | Angular | front-end frameworks | A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. |
| web | Apache | free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |
| Archer | Governance Risk and Compliance platform | (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |
| asm.js | asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | ||
| accessibility | ATAG | Authoring Tool Accessibility Guidelines | A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. |
| Azure | Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | ||
| bak | .bak file extension | A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |
| BeyondTrust | An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | ||
| Binary-to-text encoding | Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | ||
| security | BlackCat | aka ALHV aka Noberus | ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. |
| Boot partition | Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | ||
| BSR | Buf Schema Registry | a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |
| Buffer overflow | A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | ||
| Burst buffer | In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | ||
| web development | Canvas | HTML5 Canvas Element | An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. |
| CHF | cryptographic hash function | Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |
| linux | chmod | shell command | for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. |
| devops | CI/CD | continuous integration/delivery | a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. |
| infrastructure | Cilium | An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |
| RPC design | circuit breaker | When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |
| infrastructure | CIS | Center for Internet Security | A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. |
| Cluster | DevOps | A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |
| Cognex Corporation | American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | ||
| programming | compiled vs interpreted | languages | Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. |
| devops | Consul | Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |
| programming | Coupling vs Cohesion | Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. |
|
| Credential stuffing | a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | ||
| data | CRM | Customer Relationship Management | A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. |
| linux | curl | command-line utility | for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. |
| Curl | a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | ||
| Security | DarkSide | Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |
| ransomware attacker | datacarry | 14 documented cases includes Miljodata hack | |
| RPC design | deadline propagation | A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |
| devops | a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | ||
| dkim | domain keys identified ma | is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |
| DLL sideloading | a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | ||
| DNS | Domain Name System | a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |
| EFI system partition | Extensible Firmware Interface | The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |
| infrastructure | ELF | Executable and Linkable Format | The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. |
| programming | Endianness | describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |
| ESXi | bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | ||
| files | exe | executable | a general executable file that can perform various actions, including installing software, |
| web development | Fetch API | A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |
| Fibre Channel (FC) topologies | 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | ||
| GFW | Great Firewall of China | A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |
| Git | a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | ||
| git-secret | Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | ||
| GlobalSign | a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | ||
| Linux | GNU | is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |
| GRC vs IRM | GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | ||
| linux | GRUB | GRand Unified Boot Loader | |
| systems | HCI | hyper-converged infra. | in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware |
| infrastructure | Helm | The Kubernetes Package Manager | An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. |
| architecture | high vs low level analysis | A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | |
| HPC | High-Performance Computing | Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |
| Networking | HPE Aruba Networking | a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |
| web | HTML Living Standard | Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |
| web | HTML5 | HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |
| web | httpd | http daemon | the main software for the Apache HTTP Server |
| Virtualization | Hypervisor | Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |
| IAM | identity and access management | a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |
| Idempotent | An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | ||
| web | iframe | The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |
| linux | iptables | command line program | the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. |
| accessibility | Jaws | Job Access With Speech | A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. |
| Jira | Project managmenet tool from Atlassian | ||
| jQuery | jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | ||
| JSON | JavaScript Object Notation | Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |
| Kerberos | a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | ||
| Linux | KVM | kernel-based VM | (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. |
| Laravel | open-source PHP-based web framework for building web applications | ||
| networking | LCAP | link aggregation control protocol | industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) |
| networking | LDAP | Lightweight Directory Access Protocol | An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. |
| web | localStorage | As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |
| ransomware attacker | LockBit | a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |
| Proxmox | LV | logical volume | A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start |
| Proxmox | LVM | Storage pool type | LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. |
| MAPI | message application programming interface | API for Microsoft Windows which allows programs to become email-aware. | |
| Markdown | .md, .markdown | a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |
| blockchain | mempool | A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |
| metadata | "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | ||
| MIME | Multipurpose Internet Mail Extension | a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |
| MITRE | The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | ||
| MongoDB | |||
| Monolithic architecture | In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | ||
| programming | monorepo | aka- Build System | is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" |
| Mounted | In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | ||
| networking | MPLS | Mutliprotocol Label Switching | a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. |
| files | msi | a standardized database file specifically designed for software installations using the Windows Installer Service | |
| MySQL | |||
| accessibility | Narrator | Screen Reader | The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. |
| netstat | a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | ||
| node.JS | allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | ||
| NoSQL | designed to handle unstructured or semi-structured data and can be more flexible than relational databases | ||
| noVNC | free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | ||
| npm | npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | ||
| NTIA | National Telecommunicaitons and Information Administration | Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |
| accessibility | NVDA | NonVisual Desktop Access | A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. |
| Okta | provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | ||
| openSSL | Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | ||
| networking | OSPF | Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |
| OWASP | Open WorldWide Application Secuirty Project | works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |
| package manager | Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | ||
| Proxmox | PAM | Pluggable Authentication Module | PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. |
| programming | Paradigm | A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |
| PEAR | PHP Extension and Application Repository | a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |
| Penguin Solutions | designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | ||
| Security | PGP | pretty good privacy | uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address |
| python | PIP | standard package manager for python | |
| Pixie Dust exploit | The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | ||
| design | Point of regard | POR | In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. |
| programming | POST | php method | The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. |
| Post-quantum cryptography | Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | ||
| PostgreSQL | |||
| PowerBI | data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | ||
| PRL | protocol-relative URL | A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |
| architecture | promise theory | A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |
| Protocol Buffers | (Protobuf) | a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |
| Linux | Proxmox | is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |
| pyPI | A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | ||
| pytype | python | A static type analyzer for Python code | |
| infrastructure | QEMU | Quick Emulator | QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. |
| Quantum computing | Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | ||
| IP Suite | QUIC | transport layer | QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. |
| infrastructure | Rancher | An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |
| files | Raster vs Vector | Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |
| programming | React | front-end frameworks | A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. |
| recursion | repeated application of a procedure or definition, Ex: nested folder structure | ||
| REDCap | A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | ||
| Reflective Code Loading | eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | ||
| programming | regex | regular expressions | Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." |
| robots.txt | the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | ||
| programming | Run-only | Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |
| runtime | a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | ||
| S1ngularity incident | An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | ||
| SAASes | software a service, PLURAL | ||
| Linux | Samba | free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |
| SAML | security assertion markup language | an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |
| networking | SAN | Subject Alternative Name | An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. |
| SBOM | Software Bill of Materials | a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |
| security | Scattered Spider | aka ALPHAV | Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. |
| SEO | search engine optimization | the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |
| marketing | SEO link request | An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |
| programming | serialization | the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |
| ServiceNow | American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | ||
| shell script | designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | ||
| SMB | server mesage block | communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |
| accessibility | SMIL | Synchronized Multimedia Integration Language | Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. |
| cloud | SNS | Simple Notification Service | Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. |
| SPSS | Statistical Package for the Social Sciences | Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |
| security | ssh | secure shell | 1234 |
| Switched fabric | a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | ||
| Sys Admin | manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | ||
| infrastructure | systemd | A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |
| accessibility | Talkback | Screen Reader | The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. |
| TTP | tactics, techniques, procedures | The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |
| Typosquatting | domains, package mangers | Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |
| accessibility | UAAG | User Agent Accessibility Guidelines | Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. |
| UNC threat actor | a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | ||
| infrastructure | usr | Universal System Resources | A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. |
| UUID | univerally uniquie idenitifer | A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |
| V8 | JavaScript engine | Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |
| vishing | voice phishing | fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |
| networking | VLAN | a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |
| accessibility | VoiceOver | Screen Reader | The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. |
| programming | Vue.js | front-end frameworks | A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. |
| accessibility | WAI-ARIA | Accessible Rich Internet Applications | A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. |
| Wasm | WebAssembly | WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |
| WCAG | Web Content Accessibility Guidelines | standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |
| accessibility | WCAG | Web Content Accessibility Guidelines | A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. |
| javascript | weakly typed | some types are implicitly cast, depending on the context. | |
| Web3 | a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | ||
| WebSocket protocol | WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | ||
| Wikimedia REST API | provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | ||
| wikipediaAPI | Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | ||
| Security | X.509 | International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |
| linux | xampp | Apache distribution containing MariaDB, PHP, and Perl | |
| programming | Xcode | A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |
| malware | XCSSET | The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |
| XLAM | A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | ||
| XOR | Exclusive OR | a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |
| XSLT | eXtensible Stylesheet Language Transformations | a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |
| XSS | cross-site scripting | XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |
| Zero Trust | A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | ||
| ZFS | file system | a file system with volume management capabilities | |
| devops | Zookeeper | ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. |
---end data---
Moving the 'description' column into it's own row. Doesnt quite work, since the table header row didnt change.
| Category | PhrasePrimary | PhraseSecondary | Description |
|---|---|---|
| AIOps | Artificial Intelligence for IT Operations | |
| Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | ||
| web | AJAX | asynchronous Javascript and XML |
| Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. | ||
| Akira | ransomware group | |
| known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | ||
| Microsoft | AMSI | Antimalware Scan Interface |
| agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros | ||
| programming | Angular | front-end frameworks |
| A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. | ||
| web | Apache | |
| free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | ||
| Archer | Governance Risk and Compliance platform | |
| (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | ||
| asm.js | ||
| asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | ||
| accessibility | ATAG | Authoring Tool Accessibility Guidelines |
| A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. | ||
| Azure | ||
| Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | ||
| bak | .bak file extension | |
| A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | ||
| BeyondTrust | ||
| An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | ||
| Binary-to-text encoding | ||
| Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | ||
| security | BlackCat | aka ALHV aka Noberus |
| ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. | ||
| Boot partition | ||
| Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | ||
| BSR | Buf Schema Registry | |
| a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | ||
| Buffer overflow | ||
| A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | ||
| Burst buffer | ||
| In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | ||
| web development | Canvas | HTML5 Canvas Element |
| An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. | ||
| CHF | cryptographic hash function | |
| Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | ||
| linux | chmod | shell command |
| for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. | ||
| devops | CI/CD | continuous integration/delivery |
| a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. | ||
| infrastructure | Cilium | |
| An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | ||
| RPC design | circuit breaker | |
| When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | ||
| infrastructure | CIS | Center for Internet Security |
| A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. | ||
| Cluster | DevOps | |
| A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | ||
| Cognex Corporation | ||
| American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | ||
| programming | compiled vs interpreted | languages |
| Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. | ||
| devops | Consul | |
| Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | ||
| programming | Coupling vs Cohesion | |
| Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. |
||
| Credential stuffing | ||
| a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | ||
| data | CRM | Customer Relationship Management |
| A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. | ||
| linux | curl | command-line utility |
| for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. | ||
| Curl | ||
| a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | ||
| Security | DarkSide | |
| Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | ||
| ransomware attacker | datacarry | |
| 14 documented cases includes Miljodata hack | ||
| RPC design | deadline propagation | |
| A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | ||
| devops | ||
| a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | ||
| dkim | domain keys identified ma | |
| is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | ||
| DLL sideloading | ||
| a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | ||
| DNS | Domain Name System | |
| a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | ||
| EFI system partition | Extensible Firmware Interface | |
| The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | ||
| infrastructure | ELF | Executable and Linkable Format |
| The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. | ||
| programming | Endianness | |
| describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | ||
| ESXi | ||
| bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | ||
| files | exe | executable |
| a general executable file that can perform various actions, including installing software, | ||
| web development | Fetch API | |
| A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | ||
| Fibre Channel (FC) topologies | ||
| 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | ||
| GFW | Great Firewall of China | |
| A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | ||
| Git | ||
| a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | ||
| git-secret | ||
| Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | ||
| GlobalSign | ||
| a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | ||
| Linux | GNU | |
| is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | ||
| GRC vs IRM | ||
| GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | ||
| linux | GRUB | GRand Unified Boot Loader |
| systems | HCI | hyper-converged infra. |
| in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware | ||
| infrastructure | Helm | The Kubernetes Package Manager |
| An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. | ||
| architecture | high vs low level analysis | |
| A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | ||
| HPC | High-Performance Computing | |
| Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | ||
| Networking | HPE Aruba Networking | |
| a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | ||
| web | HTML Living Standard | |
| Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | ||
| web | HTML5 | |
| HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | ||
| web | httpd | http daemon |
| the main software for the Apache HTTP Server | ||
| Virtualization | Hypervisor | |
| Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | ||
| IAM | identity and access management | |
| a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | ||
| Idempotent | ||
| An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | ||
| web | iframe | |
| The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | ||
| linux | iptables | command line program |
| the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. | ||
| accessibility | Jaws | Job Access With Speech |
| A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. | ||
| Jira | ||
| Project managmenet tool from Atlassian | ||
| jQuery | ||
| jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | ||
| JSON | JavaScript Object Notation | |
| Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | ||
| Kerberos | ||
| a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | ||
| Linux | KVM | kernel-based VM |
| (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. | ||
| Laravel | ||
| open-source PHP-based web framework for building web applications | ||
| networking | LCAP | link aggregation control protocol |
| industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) | ||
| networking | LDAP | Lightweight Directory Access Protocol |
| An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. | ||
| web | localStorage | |
| As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | ||
| ransomware attacker | LockBit | |
| a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | ||
| Proxmox | LV | logical volume |
| A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start | ||
| Proxmox | LVM | Storage pool type |
| LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. | ||
| MAPI | message application programming interface | |
| API for Microsoft Windows which allows programs to become email-aware. | ||
| Markdown | .md, .markdown | |
| a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | ||
| blockchain | mempool | |
| A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | ||
| metadata | ||
| "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | ||
| MIME | Multipurpose Internet Mail Extension | |
| a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | ||
| MITRE | ||
| The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | ||
| MongoDB | ||
| Monolithic architecture | ||
| In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | ||
| programming | monorepo | aka- Build System |
| is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" | ||
| Mounted | ||
| In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | ||
| networking | MPLS | Mutliprotocol Label Switching |
| a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. | ||
| files | msi | |
| a standardized database file specifically designed for software installations using the Windows Installer Service | ||
| MySQL | ||
| accessibility | Narrator | Screen Reader |
| The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. | ||
| netstat | ||
| a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | ||
| node.JS | ||
| allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | ||
| NoSQL | ||
| designed to handle unstructured or semi-structured data and can be more flexible than relational databases | ||
| noVNC | ||
| free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | ||
| npm | ||
| npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | ||
| NTIA | National Telecommunicaitons and Information Administration | |
| Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | ||
| accessibility | NVDA | NonVisual Desktop Access |
| A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. | ||
| Okta | ||
| provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | ||
| openSSL | ||
| Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | ||
| networking | OSPF | |
| Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | ||
| OWASP | Open WorldWide Application Secuirty Project | |
| works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | ||
| package manager | ||
| Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | ||
| Proxmox | PAM | Pluggable Authentication Module |
| PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. | ||
| programming | Paradigm | |
| A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | ||
| PEAR | PHP Extension and Application Repository | |
| a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | ||
| Penguin Solutions | ||
| designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | ||
| Security | PGP | pretty good privacy |
| uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address | ||
| python | PIP | |
| standard package manager for python | ||
| Pixie Dust exploit | ||
| The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | ||
| design | Point of regard | POR |
| In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. | ||
| programming | POST | php method |
| The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. | ||
| Post-quantum cryptography | ||
| Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | ||
| PostgreSQL | ||
| PowerBI | ||
| data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | ||
| PRL | protocol-relative URL | |
| A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | ||
| architecture | promise theory | |
| A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | ||
| Protocol Buffers | (Protobuf) | |
| a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | ||
| Linux | Proxmox | |
| is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | ||
| pyPI | ||
| A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | ||
| pytype | python | |
| A static type analyzer for Python code | ||
| infrastructure | QEMU | Quick Emulator |
| QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. | ||
| Quantum computing | ||
| Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | ||
| IP Suite | QUIC | transport layer |
| QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. | ||
| infrastructure | Rancher | |
| An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | ||
| files | Raster vs Vector | |
| Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | ||
| programming | React | front-end frameworks |
| A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. | ||
| recursion | ||
| repeated application of a procedure or definition, Ex: nested folder structure | ||
| REDCap | ||
| A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | ||
| Reflective Code Loading | ||
| eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | ||
| programming | regex | regular expressions |
| Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." | ||
| robots.txt | ||
| the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | ||
| programming | Run-only | |
| Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | ||
| runtime | ||
| a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | ||
| S1ngularity incident | ||
| An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | ||
| SAASes | software a service, PLURAL | |
| Linux | Samba | |
| free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | ||
| SAML | security assertion markup language | |
| an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | ||
| networking | SAN | Subject Alternative Name |
| An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. | ||
| SBOM | Software Bill of Materials | |
| a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | ||
| security | Scattered Spider | aka ALPHAV |
| Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. | ||
| SEO | search engine optimization | |
| the process of improving the quality and quantity of website traffic to a website or a web page from search engines | ||
| marketing | SEO link request | |
| An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | ||
| programming | serialization | |
| the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | ||
| ServiceNow | ||
| American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | ||
| shell script | ||
| designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | ||
| SMB | server mesage block | |
| communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | ||
| accessibility | SMIL | Synchronized Multimedia Integration Language |
| Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. | ||
| cloud | SNS | Simple Notification Service |
| Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. | ||
| SPSS | Statistical Package for the Social Sciences | |
| Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | ||
| security | ssh | secure shell |
| 1234 | ||
| Switched fabric | ||
| a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | ||
| Sys Admin | ||
| manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | ||
| infrastructure | systemd | |
| A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | ||
| accessibility | Talkback | Screen Reader |
| The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. | ||
| TTP | tactics, techniques, procedures | |
| The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | ||
| Typosquatting | domains, package mangers | |
| Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | ||
| accessibility | UAAG | User Agent Accessibility Guidelines |
| Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. | ||
| UNC threat actor | ||
| a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | ||
| infrastructure | usr | Universal System Resources |
| A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. | ||
| UUID | univerally uniquie idenitifer | |
| A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | ||
| V8 | JavaScript engine | |
| Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | ||
| vishing | voice phishing | |
| fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | ||
| networking | VLAN | |
| a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | ||
| accessibility | VoiceOver | Screen Reader |
| The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. | ||
| programming | Vue.js | front-end frameworks |
| A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. | ||
| accessibility | WAI-ARIA | Accessible Rich Internet Applications |
| A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. | ||
| Wasm | WebAssembly | |
| WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | ||
| WCAG | Web Content Accessibility Guidelines | |
| standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | ||
| accessibility | WCAG | Web Content Accessibility Guidelines |
| A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. | ||
| javascript | weakly typed | |
| some types are implicitly cast, depending on the context. | ||
| Web3 | ||
| a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | ||
| WebSocket protocol | ||
| WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | ||
| Wikimedia REST API | ||
| provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | ||
| wikipediaAPI | ||
| Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | ||
| Security | X.509 | |
| International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | ||
| linux | xampp | |
| Apache distribution containing MariaDB, PHP, and Perl | ||
| programming | Xcode | |
| A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | ||
| malware | XCSSET | |
| The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | ||
| XLAM | ||
| A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | ||
| XOR | Exclusive OR | |
| a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | ||
| XSLT | eXtensible Stylesheet Language Transformations | |
| a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | ||
| XSS | cross-site scripting | |
| XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | ||
| Zero Trust | ||
| A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | ||
| ZFS | file system | |
| a file system with volume management capabilities | ||
| devops | Zookeeper | |
| ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. |
---end data---
--Re-arranging table headers
--omitting 'description' column
--using colspan for description
--each entry consists of two rows
<tr>
<td> <?php echo $row['Category']; ?> </td>
<td id="concept"> <?php echo $row['PhrasePrimary']; ?> </td>
<td> <?php echo $row['PhraseSecondary']; ?> </td>
</tr>
<tr>
<td colspan="4"> <?php echo $row['Description']; ?> </td>
</tr>
| PhrasePrimary | PhraseSecondary | Category | |
|---|---|---|---|
| AIOps | |||
| Artificial Intelligence for IT Operations | |||
| Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |||
| AJAX | |||
| asynchronous Javascript and XML | |||
| web | |||
| Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. | |||
| Akira | |||
| ransomware group | |||
| known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |||
| AMSI | |||
| Antimalware Scan Interface | |||
| Microsoft | |||
| agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros | |||
| Angular | |||
| front-end frameworks | |||
| programming | |||
| A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. | |||
| Apache | |||
| web | |||
| free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |||
| Archer | |||
| Governance Risk and Compliance platform | |||
| (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |||
| asm.js | |||
| asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | |||
| ATAG | |||
| Authoring Tool Accessibility Guidelines | |||
| accessibility | |||
| A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. | |||
| Azure | |||
| Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | |||
| bak | |||
| .bak file extension | |||
| A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |||
| BeyondTrust | |||
| An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | |||
| Binary-to-text encoding | |||
| Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | |||
| BlackCat | |||
| aka ALHV aka Noberus | |||
| security | |||
| ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. | |||
| Boot partition | |||
| Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | |||
| BSR | |||
| Buf Schema Registry | |||
| a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |||
| Buffer overflow | |||
| A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | |||
| Burst buffer | |||
| In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | |||
| Canvas | |||
| HTML5 Canvas Element | |||
| web development | |||
| An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. | |||
| CHF | |||
| cryptographic hash function | |||
| Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |||
| chmod | |||
| shell command | |||
| linux | |||
| for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. | |||
| CI/CD | |||
| continuous integration/delivery | |||
| devops | |||
| a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. | |||
| Cilium | |||
| infrastructure | |||
| An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |||
| circuit breaker | |||
| RPC design | |||
| When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |||
| CIS | |||
| Center for Internet Security | |||
| infrastructure | |||
| A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. | |||
| Cluster | |||
| DevOps | |||
| A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |||
| Cognex Corporation | |||
| American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | |||
| compiled vs interpreted | |||
| languages | |||
| programming | |||
| Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. | |||
| Consul | |||
| devops | |||
| Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |||
| Coupling vs Cohesion | |||
| programming | |||
| Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. | |||
| Credential stuffing | |||
| a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | |||
| CRM | |||
| Customer Relationship Management | |||
| data | |||
| A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. | |||
| curl | |||
| command-line utility | |||
| linux | |||
| for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. | |||
| Curl | |||
| a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | |||
| DarkSide | |||
| Security | |||
| Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |||
| datacarry | |||
| ransomware attacker | |||
| 14 documented cases includes Miljodata hack | |||
| deadline propagation | |||
| RPC design | |||
| A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |||
| devops | |||
| a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | |||
| dkim | |||
| domain keys identified ma | |||
| is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |||
| DLL sideloading | |||
| a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | |||
| DNS | |||
| Domain Name System | |||
| a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |||
| EFI system partition | |||
| Extensible Firmware Interface | |||
| The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |||
| ELF | |||
| Executable and Linkable Format | |||
| infrastructure | |||
| The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. | |||
| Endianness | |||
| programming | |||
| describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |||
| ESXi | |||
| bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | |||
| exe | |||
| executable | |||
| files | |||
| a general executable file that can perform various actions, including installing software, | |||
| Fetch API | |||
| web development | |||
| A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |||
| Fibre Channel (FC) topologies | |||
| 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | |||
| GFW | |||
| Great Firewall of China | |||
| A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |||
| Git | |||
| a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | |||
| git-secret | |||
| Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | |||
| GlobalSign | |||
| a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | |||
| GNU | |||
| Linux | |||
| is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |||
| GRC vs IRM | |||
| GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | |||
| GRUB | |||
| GRand Unified Boot Loader | |||
| linux | |||
| HCI | |||
| hyper-converged infra. | |||
| systems | |||
| in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware | |||
| Helm | |||
| The Kubernetes Package Manager | |||
| infrastructure | |||
| An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. | |||
| high vs low level analysis | |||
| architecture | |||
| A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | |||
| HPC | |||
| High-Performance Computing | |||
| Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |||
| HPE Aruba Networking | |||
| Networking | |||
| a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |||
| HTML Living Standard | |||
| web | |||
| Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |||
| HTML5 | |||
| web | |||
| HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |||
| httpd | |||
| http daemon | |||
| web | |||
| the main software for the Apache HTTP Server | |||
| Hypervisor | |||
| Virtualization | |||
| Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |||
| IAM | |||
| identity and access management | |||
| a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |||
| Idempotent | |||
| An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | |||
| iframe | |||
| web | |||
| The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |||
| iptables | |||
| command line program | |||
| linux | |||
| the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. | |||
| Jaws | |||
| Job Access With Speech | |||
| accessibility | |||
| A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. | |||
| Jira | |||
| Project managmenet tool from Atlassian | |||
| jQuery | |||
| jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | |||
| JSON | |||
| JavaScript Object Notation | |||
| Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |||
| Kerberos | |||
| a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | |||
| KVM | |||
| kernel-based VM | |||
| Linux | |||
| (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. | |||
| Laravel | |||
| open-source PHP-based web framework for building web applications | |||
| LCAP | |||
| link aggregation control protocol | |||
| networking | |||
| industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) | |||
| LDAP | |||
| Lightweight Directory Access Protocol | |||
| networking | |||
| An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. | |||
| localStorage | |||
| web | |||
| As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |||
| LockBit | |||
| ransomware attacker | |||
| a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |||
| LV | |||
| logical volume | |||
| Proxmox | |||
| A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start | |||
| LVM | |||
| Storage pool type | |||
| Proxmox | |||
| LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. | |||
| MAPI | |||
| message application programming interface | |||
| API for Microsoft Windows which allows programs to become email-aware. | |||
| Markdown | |||
| .md, .markdown | |||
| a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |||
| mempool | |||
| blockchain | |||
| A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |||
| metadata | |||
| "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | |||
| MIME | |||
| Multipurpose Internet Mail Extension | |||
| a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |||
| MITRE | |||
| The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | |||
| MongoDB | |||
| Monolithic architecture | |||
| In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | |||
| monorepo | |||
| aka- Build System | |||
| programming | |||
| is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" | |||
| Mounted | |||
| In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | |||
| MPLS | |||
| Mutliprotocol Label Switching | |||
| networking | |||
| a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. | |||
| msi | |||
| files | |||
| a standardized database file specifically designed for software installations using the Windows Installer Service | |||
| MySQL | |||
| Narrator | |||
| Screen Reader | |||
| accessibility | |||
| The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. | |||
| netstat | |||
| a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | |||
| node.JS | |||
| allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | |||
| NoSQL | |||
| designed to handle unstructured or semi-structured data and can be more flexible than relational databases | |||
| noVNC | |||
| free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | |||
| npm | |||
| npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | |||
| NTIA | |||
| National Telecommunicaitons and Information Administration | |||
| Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |||
| NVDA | |||
| NonVisual Desktop Access | |||
| accessibility | |||
| A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. | |||
| Okta | |||
| provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | |||
| openSSL | |||
| Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | |||
| OSPF | |||
| networking | |||
| Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |||
| OWASP | |||
| Open WorldWide Application Secuirty Project | |||
| works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |||
| package manager | |||
| Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | |||
| PAM | |||
| Pluggable Authentication Module | |||
| Proxmox | |||
| PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. | |||
| Paradigm | |||
| programming | |||
| A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |||
| PEAR | |||
| PHP Extension and Application Repository | |||
| a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |||
| Penguin Solutions | |||
| designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | |||
| PGP | |||
| pretty good privacy | |||
| Security | |||
| uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address | |||
| PIP | |||
| python | |||
| standard package manager for python | |||
| Pixie Dust exploit | |||
| The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | |||
| Point of regard | |||
| POR | |||
| design | |||
| In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. | |||
| POST | |||
| php method | |||
| programming | |||
| The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. | |||
| Post-quantum cryptography | |||
| Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | |||
| PostgreSQL | |||
| PowerBI | |||
| data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | |||
| PRL | |||
| protocol-relative URL | |||
| A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |||
| promise theory | |||
| architecture | |||
| A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |||
| Protocol Buffers | |||
| (Protobuf) | |||
| a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |||
| Proxmox | |||
| Linux | |||
| is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |||
| pyPI | |||
| A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | |||
| pytype | |||
| python | |||
| A static type analyzer for Python code | |||
| QEMU | |||
| Quick Emulator | |||
| infrastructure | |||
| QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. | |||
| Quantum computing | |||
| Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | |||
| QUIC | |||
| transport layer | |||
| IP Suite | |||
| QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. | |||
| Rancher | |||
| infrastructure | |||
| An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |||
| Raster vs Vector | |||
| files | |||
| Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |||
| React | |||
| front-end frameworks | |||
| programming | |||
| A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. | |||
| recursion | |||
| repeated application of a procedure or definition, Ex: nested folder structure | |||
| REDCap | |||
| A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | |||
| Reflective Code Loading | |||
| eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | |||
| regex | |||
| regular expressions | |||
| programming | |||
| Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." | |||
| robots.txt | |||
| the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | |||
| Run-only | |||
| programming | |||
| Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |||
| runtime | |||
| a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | |||
| S1ngularity incident | |||
| An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | |||
| SAASes | |||
| software a service, PLURAL | |||
| Samba | |||
| Linux | |||
| free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |||
| SAML | |||
| security assertion markup language | |||
| an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |||
| SAN | |||
| Subject Alternative Name | |||
| networking | |||
| An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. | |||
| SBOM | |||
| Software Bill of Materials | |||
| a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |||
| Scattered Spider | |||
| aka ALPHAV | |||
| security | |||
| Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. | |||
| SEO | |||
| search engine optimization | |||
| the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |||
| SEO link request | |||
| marketing | |||
| An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |||
| serialization | |||
| programming | |||
| the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |||
| ServiceNow | |||
| American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | |||
| shell script | |||
| designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | |||
| SMB | |||
| server mesage block | |||
| communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |||
| SMIL | |||
| Synchronized Multimedia Integration Language | |||
| accessibility | |||
| Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. | |||
| SNS | |||
| Simple Notification Service | |||
| cloud | |||
| Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. | |||
| SPSS | |||
| Statistical Package for the Social Sciences | |||
| Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |||
| ssh | |||
| secure shell | |||
| security | |||
| 1234 | |||
| Switched fabric | |||
| a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | |||
| Sys Admin | |||
| manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | |||
| systemd | |||
| infrastructure | |||
| A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |||
| Talkback | |||
| Screen Reader | |||
| accessibility | |||
| The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. | |||
| TTP | |||
| tactics, techniques, procedures | |||
| The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |||
| Typosquatting | |||
| domains, package mangers | |||
| Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |||
| UAAG | |||
| User Agent Accessibility Guidelines | |||
| accessibility | |||
| Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. | |||
| UNC threat actor | |||
| a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | |||
| usr | |||
| Universal System Resources | |||
| infrastructure | |||
| A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. | |||
| UUID | |||
| univerally uniquie idenitifer | |||
| A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |||
| V8 | |||
| JavaScript engine | |||
| Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |||
| vishing | |||
| voice phishing | |||
| fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |||
| VLAN | |||
| networking | |||
| a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |||
| VoiceOver | |||
| Screen Reader | |||
| accessibility | |||
| The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. | |||
| Vue.js | |||
| front-end frameworks | |||
| programming | |||
| A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. | |||
| WAI-ARIA | |||
| Accessible Rich Internet Applications | |||
| accessibility | |||
| A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. | |||
| Wasm | |||
| WebAssembly | |||
| WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |||
| WCAG | |||
| Web Content Accessibility Guidelines | |||
| standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |||
| WCAG | |||
| Web Content Accessibility Guidelines | |||
| accessibility | |||
| A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. | |||
| weakly typed | |||
| javascript | |||
| some types are implicitly cast, depending on the context. | |||
| Web3 | |||
| a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | |||
| WebSocket protocol | |||
| WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | |||
| Wikimedia REST API | |||
| provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | |||
| wikipediaAPI | |||
| Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | |||
| X.509 | |||
| Security | |||
| International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |||
| xampp | |||
| linux | |||
| Apache distribution containing MariaDB, PHP, and Perl | |||
| Xcode | |||
| programming | |||
| A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |||
| XCSSET | |||
| malware | |||
| The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |||
| XLAM | |||
| A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | |||
| XOR | |||
| Exclusive OR | |||
| a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |||
| XSLT | |||
| eXtensible Stylesheet Language Transformations | |||
| a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |||
| XSS | |||
| cross-site scripting | |||
| XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |||
| Zero Trust | |||
| A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | |||
| ZFS | |||
| file system | |||
| a file system with volume management capabilities | |||
| Zookeeper | |||
| devops | |||
| ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. | |||
---end data---
--Added sticky table header and scrolling, height-restricted table container. Rearranged columns into rows.. Need a gap at bottom of each section
| PhrasePrimary | PhraseSecondary | Category | |
|---|---|---|---|
| AIOps | |||
| Artificial Intelligence for IT Operations | |||
| Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |||
| gap | |||
| AJAX | |||
| asynchronous Javascript and XML | |||
| web | |||
| Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. | |||
| gap | |||
| Akira | |||
| ransomware group | |||
| known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |||
| gap | |||
| AMSI | |||
| Antimalware Scan Interface | |||
| Microsoft | |||
| agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros | |||
| gap | |||
| Angular | |||
| front-end frameworks | |||
| programming | |||
| A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. | |||
| gap | |||
| Apache | |||
| web | |||
| free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |||
| gap | |||
| Archer | |||
| Governance Risk and Compliance platform | |||
| (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |||
| gap | |||
| asm.js | |||
| asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | |||
| gap | |||
| ATAG | |||
| Authoring Tool Accessibility Guidelines | |||
| accessibility | |||
| A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. | |||
| gap | |||
| Azure | |||
| Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | |||
| gap | |||
| bak | |||
| .bak file extension | |||
| A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |||
| gap | |||
| BeyondTrust | |||
| An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | |||
| gap | |||
| Binary-to-text encoding | |||
| Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | |||
| gap | |||
| BlackCat | |||
| aka ALHV aka Noberus | |||
| security | |||
| ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. | |||
| gap | |||
| Boot partition | |||
| Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | |||
| gap | |||
| BSR | |||
| Buf Schema Registry | |||
| a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |||
| gap | |||
| Buffer overflow | |||
| A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | |||
| gap | |||
| Burst buffer | |||
| In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | |||
| gap | |||
| Canvas | |||
| HTML5 Canvas Element | |||
| web development | |||
| An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. | |||
| gap | |||
| CHF | |||
| cryptographic hash function | |||
| Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |||
| gap | |||
| chmod | |||
| shell command | |||
| linux | |||
| for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. | |||
| gap | |||
| CI/CD | |||
| continuous integration/delivery | |||
| devops | |||
| a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. | |||
| gap | |||
| Cilium | |||
| infrastructure | |||
| An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |||
| gap | |||
| circuit breaker | |||
| RPC design | |||
| When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |||
| gap | |||
| CIS | |||
| Center for Internet Security | |||
| infrastructure | |||
| A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. | |||
| gap | |||
| Cluster | |||
| DevOps | |||
| A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |||
| gap | |||
| Cognex Corporation | |||
| American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | |||
| gap | |||
| compiled vs interpreted | |||
| languages | |||
| programming | |||
| Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. | |||
| gap | |||
| Consul | |||
| devops | |||
| Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |||
| gap | |||
| Coupling vs Cohesion | |||
| programming | |||
| Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. | |||
| gap | |||
| Credential stuffing | |||
| a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | |||
| gap | |||
| CRM | |||
| Customer Relationship Management | |||
| data | |||
| A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. | |||
| gap | |||
| curl | |||
| command-line utility | |||
| linux | |||
| for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. | |||
| gap | |||
| Curl | |||
| a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | |||
| gap | |||
| DarkSide | |||
| Security | |||
| Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |||
| gap | |||
| datacarry | |||
| ransomware attacker | |||
| 14 documented cases includes Miljodata hack | |||
| gap | |||
| deadline propagation | |||
| RPC design | |||
| A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |||
| gap | |||
| devops | |||
| a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | |||
| gap | |||
| dkim | |||
| domain keys identified ma | |||
| is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |||
| gap | |||
| DLL sideloading | |||
| a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | |||
| gap | |||
| DNS | |||
| Domain Name System | |||
| a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |||
| gap | |||
| EFI system partition | |||
| Extensible Firmware Interface | |||
| The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |||
| gap | |||
| ELF | |||
| Executable and Linkable Format | |||
| infrastructure | |||
| The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. | |||
| gap | |||
| Endianness | |||
| programming | |||
| describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |||
| gap | |||
| ESXi | |||
| bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | |||
| gap | |||
| exe | |||
| executable | |||
| files | |||
| a general executable file that can perform various actions, including installing software, | |||
| gap | |||
| Fetch API | |||
| web development | |||
| A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |||
| gap | |||
| Fibre Channel (FC) topologies | |||
| 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | |||
| gap | |||
| GFW | |||
| Great Firewall of China | |||
| A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |||
| gap | |||
| Git | |||
| a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | |||
| gap | |||
| git-secret | |||
| Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | |||
| gap | |||
| GlobalSign | |||
| a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | |||
| gap | |||
| GNU | |||
| Linux | |||
| is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |||
| gap | |||
| GRC vs IRM | |||
| GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | |||
| gap | |||
| GRUB | |||
| GRand Unified Boot Loader | |||
| linux | |||
| gap | |||
| HCI | |||
| hyper-converged infra. | |||
| systems | |||
| in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware | |||
| gap | |||
| Helm | |||
| The Kubernetes Package Manager | |||
| infrastructure | |||
| An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. | |||
| gap | |||
| high vs low level analysis | |||
| architecture | |||
| A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | |||
| gap | |||
| HPC | |||
| High-Performance Computing | |||
| Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |||
| gap | |||
| HPE Aruba Networking | |||
| Networking | |||
| a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |||
| gap | |||
| HTML Living Standard | |||
| web | |||
| Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |||
| gap | |||
| HTML5 | |||
| web | |||
| HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |||
| gap | |||
| httpd | |||
| http daemon | |||
| web | |||
| the main software for the Apache HTTP Server | |||
| gap | |||
| Hypervisor | |||
| Virtualization | |||
| Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |||
| gap | |||
| IAM | |||
| identity and access management | |||
| a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |||
| gap | |||
| Idempotent | |||
| An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | |||
| gap | |||
| iframe | |||
| web | |||
| The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |||
| gap | |||
| iptables | |||
| command line program | |||
| linux | |||
| the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. | |||
| gap | |||
| Jaws | |||
| Job Access With Speech | |||
| accessibility | |||
| A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. | |||
| gap | |||
| Jira | |||
| Project managmenet tool from Atlassian | |||
| gap | |||
| jQuery | |||
| jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | |||
| gap | |||
| JSON | |||
| JavaScript Object Notation | |||
| Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |||
| gap | |||
| Kerberos | |||
| a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | |||
| gap | |||
| KVM | |||
| kernel-based VM | |||
| Linux | |||
| (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. | |||
| gap | |||
| Laravel | |||
| open-source PHP-based web framework for building web applications | |||
| gap | |||
| LCAP | |||
| link aggregation control protocol | |||
| networking | |||
| industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) | |||
| gap | |||
| LDAP | |||
| Lightweight Directory Access Protocol | |||
| networking | |||
| An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. | |||
| gap | |||
| localStorage | |||
| web | |||
| As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |||
| gap | |||
| LockBit | |||
| ransomware attacker | |||
| a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |||
| gap | |||
| LV | |||
| logical volume | |||
| Proxmox | |||
| A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start | |||
| gap | |||
| LVM | |||
| Storage pool type | |||
| Proxmox | |||
| LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. | |||
| gap | |||
| MAPI | |||
| message application programming interface | |||
| API for Microsoft Windows which allows programs to become email-aware. | |||
| gap | |||
| Markdown | |||
| .md, .markdown | |||
| a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |||
| gap | |||
| mempool | |||
| blockchain | |||
| A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |||
| gap | |||
| metadata | |||
| "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | |||
| gap | |||
| MIME | |||
| Multipurpose Internet Mail Extension | |||
| a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |||
| gap | |||
| MITRE | |||
| The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | |||
| gap | |||
| MongoDB | |||
| gap | |||
| Monolithic architecture | |||
| In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | |||
| gap | |||
| monorepo | |||
| aka- Build System | |||
| programming | |||
| is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" | |||
| gap | |||
| Mounted | |||
| In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | |||
| gap | |||
| MPLS | |||
| Mutliprotocol Label Switching | |||
| networking | |||
| a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. | |||
| gap | |||
| msi | |||
| files | |||
| a standardized database file specifically designed for software installations using the Windows Installer Service | |||
| gap | |||
| MySQL | |||
| gap | |||
| Narrator | |||
| Screen Reader | |||
| accessibility | |||
| The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. | |||
| gap | |||
| netstat | |||
| a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | |||
| gap | |||
| node.JS | |||
| allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | |||
| gap | |||
| NoSQL | |||
| designed to handle unstructured or semi-structured data and can be more flexible than relational databases | |||
| gap | |||
| noVNC | |||
| free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | |||
| gap | |||
| npm | |||
| npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | |||
| gap | |||
| NTIA | |||
| National Telecommunicaitons and Information Administration | |||
| Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |||
| gap | |||
| NVDA | |||
| NonVisual Desktop Access | |||
| accessibility | |||
| A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. | |||
| gap | |||
| Okta | |||
| provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | |||
| gap | |||
| openSSL | |||
| Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | |||
| gap | |||
| OSPF | |||
| networking | |||
| Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |||
| gap | |||
| OWASP | |||
| Open WorldWide Application Secuirty Project | |||
| works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |||
| gap | |||
| package manager | |||
| Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | |||
| gap | |||
| PAM | |||
| Pluggable Authentication Module | |||
| Proxmox | |||
| PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. | |||
| gap | |||
| Paradigm | |||
| programming | |||
| A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |||
| gap | |||
| PEAR | |||
| PHP Extension and Application Repository | |||
| a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |||
| gap | |||
| Penguin Solutions | |||
| designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | |||
| gap | |||
| PGP | |||
| pretty good privacy | |||
| Security | |||
| uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address | |||
| gap | |||
| PIP | |||
| python | |||
| standard package manager for python | |||
| gap | |||
| Pixie Dust exploit | |||
| The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | |||
| gap | |||
| Point of regard | |||
| POR | |||
| design | |||
| In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. | |||
| gap | |||
| POST | |||
| php method | |||
| programming | |||
| The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. | |||
| gap | |||
| Post-quantum cryptography | |||
| Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | |||
| gap | |||
| PostgreSQL | |||
| gap | |||
| PowerBI | |||
| data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | |||
| gap | |||
| PRL | |||
| protocol-relative URL | |||
| A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |||
| gap | |||
| promise theory | |||
| architecture | |||
| A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |||
| gap | |||
| Protocol Buffers | |||
| (Protobuf) | |||
| a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |||
| gap | |||
| Proxmox | |||
| Linux | |||
| is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |||
| gap | |||
| pyPI | |||
| A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | |||
| gap | |||
| pytype | |||
| python | |||
| A static type analyzer for Python code | |||
| gap | |||
| QEMU | |||
| Quick Emulator | |||
| infrastructure | |||
| QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. | |||
| gap | |||
| Quantum computing | |||
| Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | |||
| gap | |||
| QUIC | |||
| transport layer | |||
| IP Suite | |||
| QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. | |||
| gap | |||
| Rancher | |||
| infrastructure | |||
| An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |||
| gap | |||
| Raster vs Vector | |||
| files | |||
| Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |||
| gap | |||
| React | |||
| front-end frameworks | |||
| programming | |||
| A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. | |||
| gap | |||
| recursion | |||
| repeated application of a procedure or definition, Ex: nested folder structure | |||
| gap | |||
| REDCap | |||
| A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | |||
| gap | |||
| Reflective Code Loading | |||
| eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | |||
| gap | |||
| regex | |||
| regular expressions | |||
| programming | |||
| Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." | |||
| gap | |||
| robots.txt | |||
| the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | |||
| gap | |||
| Run-only | |||
| programming | |||
| Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |||
| gap | |||
| runtime | |||
| a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | |||
| gap | |||
| S1ngularity incident | |||
| An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | |||
| gap | |||
| SAASes | |||
| software a service, PLURAL | |||
| gap | |||
| Samba | |||
| Linux | |||
| free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |||
| gap | |||
| SAML | |||
| security assertion markup language | |||
| an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |||
| gap | |||
| SAN | |||
| Subject Alternative Name | |||
| networking | |||
| An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. | |||
| gap | |||
| SBOM | |||
| Software Bill of Materials | |||
| a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |||
| gap | |||
| Scattered Spider | |||
| aka ALPHAV | |||
| security | |||
| Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. | |||
| gap | |||
| SEO | |||
| search engine optimization | |||
| the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |||
| gap | |||
| SEO link request | |||
| marketing | |||
| An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |||
| gap | |||
| serialization | |||
| programming | |||
| the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |||
| gap | |||
| ServiceNow | |||
| American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | |||
| gap | |||
| shell script | |||
| designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | |||
| gap | |||
| SMB | |||
| server mesage block | |||
| communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |||
| gap | |||
| SMIL | |||
| Synchronized Multimedia Integration Language | |||
| accessibility | |||
| Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. | |||
| gap | |||
| SNS | |||
| Simple Notification Service | |||
| cloud | |||
| Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. | |||
| gap | |||
| SPSS | |||
| Statistical Package for the Social Sciences | |||
| Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |||
| gap | |||
| ssh | |||
| secure shell | |||
| security | |||
| 1234 | |||
| gap | |||
| Switched fabric | |||
| a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | |||
| gap | |||
| Sys Admin | |||
| manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | |||
| gap | |||
| systemd | |||
| infrastructure | |||
| A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |||
| gap | |||
| Talkback | |||
| Screen Reader | |||
| accessibility | |||
| The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. | |||
| gap | |||
| TTP | |||
| tactics, techniques, procedures | |||
| The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |||
| gap | |||
| Typosquatting | |||
| domains, package mangers | |||
| Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |||
| gap | |||
| UAAG | |||
| User Agent Accessibility Guidelines | |||
| accessibility | |||
| Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. | |||
| gap | |||
| UNC threat actor | |||
| a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | |||
| gap | |||
| usr | |||
| Universal System Resources | |||
| infrastructure | |||
| A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. | |||
| gap | |||
| UUID | |||
| univerally uniquie idenitifer | |||
| A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |||
| gap | |||
| V8 | |||
| JavaScript engine | |||
| Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |||
| gap | |||
| vishing | |||
| voice phishing | |||
| fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |||
| gap | |||
| VLAN | |||
| networking | |||
| a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |||
| gap | |||
| VoiceOver | |||
| Screen Reader | |||
| accessibility | |||
| The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. | |||
| gap | |||
| Vue.js | |||
| front-end frameworks | |||
| programming | |||
| A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. | |||
| gap | |||
| WAI-ARIA | |||
| Accessible Rich Internet Applications | |||
| accessibility | |||
| A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. | |||
| gap | |||
| Wasm | |||
| WebAssembly | |||
| WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |||
| gap | |||
| WCAG | |||
| Web Content Accessibility Guidelines | |||
| standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |||
| gap | |||
| WCAG | |||
| Web Content Accessibility Guidelines | |||
| accessibility | |||
| A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. | |||
| gap | |||
| weakly typed | |||
| javascript | |||
| some types are implicitly cast, depending on the context. | |||
| gap | |||
| Web3 | |||
| a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | |||
| gap | |||
| WebSocket protocol | |||
| WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | |||
| gap | |||
| Wikimedia REST API | |||
| provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | |||
| gap | |||
| wikipediaAPI | |||
| Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | |||
| gap | |||
| X.509 | |||
| Security | |||
| International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |||
| gap | |||
| xampp | |||
| linux | |||
| Apache distribution containing MariaDB, PHP, and Perl | |||
| gap | |||
| Xcode | |||
| programming | |||
| A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |||
| gap | |||
| XCSSET | |||
| malware | |||
| The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |||
| gap | |||
| XLAM | |||
| A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | |||
| gap | |||
| XOR | |||
| Exclusive OR | |||
| a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |||
| gap | |||
| XSLT | |||
| eXtensible Stylesheet Language Transformations | |||
| a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |||
| gap | |||
| XSS | |||
| cross-site scripting | |||
| XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |||
| gap | |||
| Zero Trust | |||
| A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | |||
| gap | |||
| ZFS | |||
| file system | |||
| a file system with volume management capabilities | |||
| gap | |||
| Zookeeper | |||
| devops | |||
| ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. | |||
| gap | |||
---end data---
--reconfig rows
| PhrasePrimary | PhraseSecondary | Category | |
|---|---|---|---|
| AIOps | |||
| Artificial Intelligence for IT Operations -- | |||
| Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods | |||
| gap | |||
| AJAX | |||
| asynchronous Javascript and XML -- web | |||
| Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way. | |||
| gap | |||
| Akira | |||
| ransomware group -- | |||
| known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems. | |||
| gap | |||
| AMSI | |||
| Antimalware Scan Interface -- Microsoft | |||
| agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications. The AMSI feature is integrated into these components of Windows 10. -User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation) -PowerShell (scripts, interactive use, and dynamic code evaluation) -Windows Script Host (wscript.exe and cscript.exe) -JavaScript and VBScript -Office VBA macros | |||
| gap | |||
| Angular | |||
| front-end frameworks -- programming | |||
| A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications. | |||
| gap | |||
| Apache | |||
| -- web | |||
| free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation. | |||
| gap | |||
| Archer | |||
| Governance Risk and Compliance platform -- | |||
| (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently | |||
| gap | |||
| asm.js | |||
| -- | |||
| asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly. | |||
| gap | |||
| ATAG | |||
| Authoring Tool Accessibility Guidelines -- accessibility | |||
| A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content. | |||
| gap | |||
| Azure | |||
| -- | |||
| Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions. | |||
| gap | |||
| bak | |||
| .bak file extension -- | |||
| A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it. Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped. | |||
| gap | |||
| BeyondTrust | |||
| -- | |||
| An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust. | |||
| gap | |||
| Binary-to-text encoding | |||
| -- | |||
| Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64. | |||
| gap | |||
| BlackCat | |||
| aka ALHV aka Noberus -- security | |||
| ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations. | |||
| gap | |||
| Boot partition | |||
| -- | |||
| Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly | |||
| gap | |||
| BSR | |||
| Buf Schema Registry -- | |||
| a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development | |||
| gap | |||
| Buffer overflow | |||
| -- | |||
| A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management. | |||
| gap | |||
| Burst buffer | |||
| -- | |||
| In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems. | |||
| gap | |||
| Canvas | |||
| HTML5 Canvas Element -- web development | |||
| An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box. | |||
| gap | |||
| CHF | |||
| cryptographic hash function -- | |||
| Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes. | |||
| gap | |||
| chmod | |||
| shell command -- linux | |||
| for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively. | |||
| gap | |||
| CI/CD | |||
| continuous integration/delivery -- devops | |||
| a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes. | |||
| gap | |||
| Cilium | |||
| -- infrastructure | |||
| An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level. | |||
| gap | |||
| circuit breaker | |||
| -- RPC design | |||
| When a service fails or slows down, sending it more requests will only make things worse. A circuit breaker is a smart pattern that prevents this from happening. If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network. | |||
| gap | |||
| CIS | |||
| Center for Internet Security -- infrastructure | |||
| A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications. | |||
| gap | |||
| Cluster | |||
| DevOps -- | |||
| A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing. Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability | |||
| gap | |||
| Cognex Corporation | |||
| -- | |||
| American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots. | |||
| gap | |||
| compiled vs interpreted | |||
| languages -- programming | |||
| Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser. Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent. From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features. | |||
| gap | |||
| Consul | |||
| -- devops | |||
| Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption. | |||
| gap | |||
| Coupling vs Cohesion | |||
| -- programming | |||
| Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability. Cohesion refers to the degree to which the elements inside a module belong together. | |||
| gap | |||
| Credential stuffing | |||
| -- | |||
| a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application | |||
| gap | |||
| CRM | |||
| Customer Relationship Management -- data | |||
| A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines. | |||
| gap | |||
| curl | |||
| command-line utility -- linux | |||
| for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros. | |||
| gap | |||
| Curl | |||
| -- | |||
| a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default. | |||
| gap | |||
| DarkSide | |||
| -- Security | |||
| Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021. They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp. | |||
| gap | |||
| datacarry | |||
| -- ransomware attacker | |||
| 14 documented cases includes Miljodata hack | |||
| gap | |||
| deadline propagation | |||
| -- RPC design | |||
| A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C. If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline. | |||
| gap | |||
| devops | |||
| -- | |||
| a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations. | |||
| gap | |||
| dkim | |||
| domain keys identified ma -- mail | |||
| is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks. | |||
| gap | |||
| DLL sideloading | |||
| -- | |||
| a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one . By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting. | |||
| gap | |||
| DNS | |||
| Domain Name System -- | |||
| a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. Record types A - IPv4 AAA- IPv6 CNAME- aliasing MX - mail server TXT - text PTR - reverse lookup, the opposite of an A or AAAA record SRV - service, host and port CAA - Which CA's are allowed to issue SSL certs | |||
| gap | |||
| EFI system partition | |||
| Extensible Firmware Interface -- | |||
| The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities. An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs | |||
| gap | |||
| ELF | |||
| Executable and Linkable Format -- infrastructure | |||
| The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute. | |||
| gap | |||
| Endianness | |||
| -- programming | |||
| describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark | |||
| gap | |||
| ESXi | |||
| -- | |||
| bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers | |||
| gap | |||
| exe | |||
| executable -- files | |||
| a general executable file that can perform various actions, including installing software, | |||
| gap | |||
| Fetch API | |||
| -- web development | |||
| A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object. | |||
| gap | |||
| Fibre Channel (FC) topologies | |||
| -- | |||
| 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network. | |||
| gap | |||
| GFW | |||
| Great Firewall of China -- | |||
| A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies. | |||
| gap | |||
| Git | |||
| -- | |||
| a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds. | |||
| gap | |||
| git-secret | |||
| -- | |||
| Encrypts files and stores them inside your git repository, providing a history of changes for every commit. | |||
| gap | |||
| GlobalSign | |||
| -- | |||
| a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption. | |||
| gap | |||
| GNU | |||
| -- Linux | |||
| is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language) | |||
| gap | |||
| GRC vs IRM | |||
| -- | |||
| GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented | |||
| gap | |||
| GRUB | |||
| GRand Unified Boot Loader -- linux | |||
| gap | |||
| HCI | |||
| hyper-converged infra. -- systems | |||
| in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware | |||
| gap | |||
| Helm | |||
| The Kubernetes Package Manager -- infrastructure | |||
| An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments. | |||
| gap | |||
| high vs low level analysis | |||
| -- architecture | |||
| A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance. | |||
| gap | |||
| HPC | |||
| High-Performance Computing -- | |||
| Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery | |||
| gap | |||
| HPE Aruba Networking | |||
| -- Networking | |||
| a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company. | |||
| gap | |||
| HTML Living Standard | |||
| -- web | |||
| Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft). | |||
| gap | |||
| HTML5 | |||
| -- web | |||
| HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind. | |||
| gap | |||
| httpd | |||
| http daemon -- web | |||
| the main software for the Apache HTTP Server | |||
| gap | |||
| Hypervisor | |||
| -- Virtualization | |||
| Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS. | |||
| gap | |||
| IAM | |||
| identity and access management -- | |||
| a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources | |||
| gap | |||
| Idempotent | |||
| -- | |||
| An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done. | |||
| gap | |||
| iframe | |||
| -- web | |||
| The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one. | |||
| gap | |||
| iptables | |||
| command line program -- linux | |||
| the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. | |||
| gap | |||
| Jaws | |||
| Job Access With Speech -- accessibility | |||
| A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific. | |||
| gap | |||
| Jira | |||
| -- | |||
| Project managmenet tool from Atlassian | |||
| gap | |||
| jQuery | |||
| -- | |||
| jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript. | |||
| gap | |||
| JSON | |||
| JavaScript Object Notation -- | |||
| Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only. Code for reading and generating JSON data can be written in any programming language. | |||
| gap | |||
| Kerberos | |||
| -- | |||
| a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. | |||
| gap | |||
| KVM | |||
| kernel-based VM -- Linux | |||
| (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor. | |||
| gap | |||
| Laravel | |||
| -- | |||
| open-source PHP-based web framework for building web applications | |||
| gap | |||
| LCAP | |||
| link aggregation control protocol -- networking | |||
| industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol)) | |||
| gap | |||
| LDAP | |||
| Lightweight Directory Access Protocol -- networking | |||
| An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components. | |||
| gap | |||
| localStorage | |||
| -- web | |||
| As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased. Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle. You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site. | |||
| gap | |||
| LockBit | |||
| -- ransomware attacker | |||
| a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption. | |||
| gap | |||
| LV | |||
| logical volume -- Proxmox | |||
| A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs) the terminology works like this: PV (physical volume) is a block device or parts of it, it's where the data is actually stored VG (volume group) a grouping of one or more PVs LV (logical volume) a volume stored on a VG thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start | |||
| gap | |||
| LVM | |||
| Storage pool type -- Proxmox | |||
| LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes. Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation. | |||
| gap | |||
| MAPI | |||
| message application programming interface -- | |||
| API for Microsoft Windows which allows programs to become email-aware. | |||
| gap | |||
| Markdown | |||
| .md, .markdown -- | |||
| a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format. | |||
| gap | |||
| mempool | |||
| -- blockchain | |||
| A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked. | |||
| gap | |||
| metadata | |||
| -- | |||
| "data about data" - structured information that describes, explains, locates, or manages information resources. It provides context, such as content, format, creator, and creation date, making data easier to find, use, and manage. Key types include descriptive (title/author), structural (file organization), and administrative (rights/technical details). | |||
| gap | |||
| MIME | |||
| Multipurpose Internet Mail Extension -- | |||
| a standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets. Email messages with MIME formatting are typically transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP). A multipart/mixed MIME message is composed of a mix of different data types. Each body part is delineated by a boundary. The boundary parameter is a text string used to delineate one part of the message body from another. All boundaries start with two hyphens (--). The final boundary also concludes with two hyphens (--). The boundary can be made up of any ASCII character except for a space, a control character, or special characters. When Exchange Server sends MIME messages, the content-type depends on whether there are attachments to the message, and on the formatting of the message text. If there are attachments, the content-type is multipart/mixed. In this case, the message text and each attachment become a separate part of the message content, each with its own content-type. If there are no attachments, the content-type of the message is Text/Plain, and the message body is made up of only one part. | |||
| gap | |||
| MITRE | |||
| -- | |||
| The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others | |||
| gap | |||
| MongoDB | |||
| -- | |||
| gap | |||
| Monolithic architecture | |||
| -- | |||
| In monolithic software, all the code required for an application is kept in one central location. This provides an added simplifying benefit to developers because the system is geared to only accept communications in one format. The system is not taxed with the burden of translating communications from different services. This makes development processes like DevOps easier to execute. Drawbacks: Resistance to new technologies: Because monolithic applications are typically tightly coupled, it can be difficult to integrate new technologies into them. In fact, what usually happens is that the monolithic application must be retooled completely to accept the new addition. Reduced scalability: Scalability is the greatest challenge monolithic architectures face. Even if the amount of scaling needed is relatively minor (like adjusting a single function), you may have to effectively dismantle the system and rebuild it so it reflects the new change. That can prove time-consuming and labor-intensive. | |||
| gap | |||
| monorepo | |||
| aka- Build System -- programming | |||
| is a single repository containing multiple distinct projects, with well-defined relationships. Consider a repository with several projects in it. We definitely have “code colocation”, but if there are no well defined relationships among them, we would not call it a monorepo. "monolithic repository" | |||
| gap | |||
| Mounted | |||
| -- | |||
| In computing, to mount a storage device means to make its file system accessible to the operating system and user through the system's directory structure. It involves connecting the device to a specific directory, called a mount point, where its contents can be accessed as if they were part of the local file system. This process allows the computer to read and interpret the device's data | |||
| gap | |||
| MPLS | |||
| Mutliprotocol Label Switching -- networking | |||
| a data-forwarding technology in large networks that uses labels to route traffic more efficiently than traditional IP routing, enabling features like guaranteed Quality of Service (QoS) and reliable VPNs. | |||
| gap | |||
| msi | |||
| -- files | |||
| a standardized database file specifically designed for software installations using the Windows Installer Service | |||
| gap | |||
| MySQL | |||
| -- | |||
| gap | |||
| Narrator | |||
| Screen Reader -- accessibility | |||
| The built-in screen reader utility included natively with Microsoft Windows operating systems. It reads dialog boxes and window controls aloud, providing basic accessibility out of the box without requiring third-party software installations. | |||
| gap | |||
| netstat | |||
| -- | |||
| a command-line utility used to troubleshoot and monitor network connections, routing tables, and interface statistics on Windows, Linux, and Unix-like operating systems. It provides a real-time snapshot of active TCP/UDP connections, listening ports, and protocol statistics. | |||
| gap | |||
| node.JS | |||
| -- | |||
| allows JavaScript to be used for backend development, including building web servers, APIs (like RESTful and GraphQL), and microservices. node. JS frameworks include express, fastify, adonisJS | |||
| gap | |||
| NoSQL | |||
| -- | |||
| designed to handle unstructured or semi-structured data and can be more flexible than relational databases | |||
| gap | |||
| noVNC | |||
| -- | |||
| free, open-source HTML5 VNC client enabling browser-based access to remote desktops without client software installation | |||
| gap | |||
| npm | |||
| -- | |||
| npm is the worlds largest software registry, a package manager for the JavaScript programming language maintained by npm, Inc., a subsidiary of GitHub. npm is the default package manager for the JavaScript runtime environment Node.js and is included as a recommended feature in the Node.js installer. | |||
| gap | |||
| NTIA | |||
| National Telecommunicaitons and Information Administration -- | |||
| Formed 1978; 47 years ago - a bureau of the United States Department of Commerce that serves as the president's principal adviser on telecommunications policies pertaining to the United States' economic and technological advancement and to regulation of the telecommunications industry. The Office of Policy Analysis and Development (OPAD) is the domestic policy division of the NTIA. The Office of International Affairs (OIA) is responsible for developing and the implementation of policies to strengthen U.S. companies' ability to compete worldwide in both the Information Technology and Communications sectors. The Institute for Telecommunication Sciences (ITS) is the research and engineering laboratory of the NTIA. ITS provides technical support to NTIA by further advancing telecommunications and information infrastructure development, strengthening domestic competition, enhancing U.S. telecommunications trade deals, as well as promoting a more effective use of the radio spectrum. Additionally, ITS serves as a key federal appliance in investigating the current telecommunications’ challenges of other federal agencies, state and local governments, private corporations and associations, and international organizations. The Office of Internet Connectivity and Growth (OICG), formerly known as The Office of Telecommunications and Information Applications or OITA, collaborates public and non-profit entities in productively using telecommunications and information technologies to complete national goals in addition to adequately providing public services. The OICG is also currently administering programs that are helping people switch to digital television, the Broadband Technology Opportunity Program (BTOP), and Public Safety Interoperable Communications (PSIC) Grant Program. The NTIA's Office of Spectrum Management is in charge of regulating use of spectrum allocated to the federal government. It serves in a manner equivalent to the Federal Communications Commission for this purpose. | |||
| gap | |||
| NVDA | |||
| NonVisual Desktop Access -- accessibility | |||
| A free, open-source, portable screen reader for the Microsoft Windows operating system. Developed by NV Access, it allows blind and vision-impaired individuals to navigate computers without requiring a paid software license. | |||
| gap | |||
| Okta | |||
| -- | |||
| provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services, and devices. Okta's services are built on the Amazon Web Services cloud | |||
| gap | |||
| openSSL | |||
| -- | |||
| Open Source Toolkit for the TLS (formerly SSL), DTLS and QUIC protocols. | |||
| gap | |||
| OSPF | |||
| -- networking | |||
| Application layer, IP routing protocol utilizing LSR(link-state) algorithim. Operates within a single AS(autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the internet layer for routing packets by their destination IP address. | |||
| gap | |||
| OWASP | |||
| Open WorldWide Application Secuirty Project -- | |||
| works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences. | |||
| gap | |||
| package manager | |||
| -- | |||
| Windows- WinGet(command line), NuGet(.nupack,.nupkg | MacOS- Homebrew |Linux- APT,DNF,Pacman | |||
| gap | |||
| PAM | |||
| Pluggable Authentication Module -- Proxmox | |||
| PAM is how you authenticate with modern linux distro's there are modules for pam such like radius and google authenticator. | |||
| gap | |||
| Paradigm | |||
| -- programming | |||
| A programming paradigm is a relatively high-level way to conceptualize and structure the implementation of a computer program. A programming language can be classified as supporting one or more paradigms. Paradigms are separated along and described by different dimensions of programming. Some paradigms are about implications of the execution model, such as allowing side effects, or whether the sequence of operations is defined by the execution model. Other paradigms are about the way code is organized, such as grouping into units that include both state and behavior. Yet others are about syntax and grammar. | |||
| gap | |||
| PEAR | |||
| PHP Extension and Application Repository -- | |||
| a framework and distribution system for reusable PHP components, functioning as a package manager for PHP code written in PHP. | |||
| gap | |||
| Penguin Solutions | |||
| -- | |||
| designs, builds, deploys, and manages large, complex Al and high-performance computing (HPC) infrastructures at scale. | |||
| gap | |||
| PGP | |||
| pretty good privacy -- Security | |||
| uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address | |||
| gap | |||
| PIP | |||
| -- python | |||
| standard package manager for python | |||
| gap | |||
| Pixie Dust exploit | |||
| -- | |||
| The Pixie Dust exploit is not an isolated case but a symptom of systemic issues in firmware supply chains, from weak cryptography and poor entropy generation to opaque vendor patch practices The Pixie Dust exploit targets weaknesses in the Wi-Fi Protected Setup (WPS) protocol, exploiting poor entropy in key generation. An exploiter only needs to capture a single exchange while in wireless range. The brute force of the WPS PIN occurs offline and can be completed in 1–2 seconds. This bypasses password complexity entirely, making it a highly efficient exploit vector. | |||
| gap | |||
| Point of regard | |||
| POR -- design | |||
| In eye tracking and user interface design, the point of regard refers to the specific point in physical space or on a digital interface where a user's gaze is actively focused. It identifies exactly what a person is looking at at any given millisecond. | |||
| gap | |||
| POST | |||
| php method -- programming | |||
| The POST method is one of the fundamental HTTP request methods used in web communication. It is primarily designed for sending data to a server to create or update a resource. The core purpose of the POST method is to transmit data from a client (e.g., a web browser) to a server. This data is enclosed within the body of the HTTP request, rather than in the URL. | |||
| gap | |||
| Post-quantum cryptography | |||
| -- | |||
| Cryptography currently thought to be secure against possible attack by a quantum computer. If a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor's algorithm could be used to break public-key cryptography schemes, such as The RSA scheme The finite-field Diffie–Hellman key exchange The elliptic-curve Diffie–Hellman key exchange | |||
| gap | |||
| PostgreSQL | |||
| -- | |||
| gap | |||
| PowerBI | |||
| -- | |||
| data visualization software product developed by Microsoft with a primary focus on business intelligence (BI). Data may be input by reading directly from a database, webpage, PDF, or structured files such as spreadsheets, CSV, XML, JSON,[8] XLSX, and SharePoint | |||
| gap | |||
| PRL | |||
| protocol-relative URL -- | |||
| A protocol-relative URL (PRURL) is the method for linking to a website that offers both HTTP and HTTPS, while HTTPS links should be used for HTTPS-only websites and HTTP links should be used for sites that don't support HTTPS at all. Used Because of performance. Establishing of HTTPS connection takes much longer time than HTTP, TLS handshake adds latency delay up to 2 RTTs. You can notice it on mobile networks. So it is better not to use HTTPS asset URLs, if you don't need it. | |||
| gap | |||
| promise theory | |||
| -- architecture | |||
| A model of horizontal management in engineering and social systems proposed by Mark Burgess. Unlike traditional imperative control architectures where a central authority issues commands, promise theory relies on autonomous components (agents) publishing 'promises' about their own behavior, increasing stability and scalability in complex systems like configuration management tools. | |||
| gap | |||
| Protocol Buffers | |||
| (Protobuf) -- | |||
| a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data. Google developed Protocol Buffers for internal use and provided a code generator for multiple languages under an open-source license. The design goals for Protocol Buffers emphasized simplicity and performance. In particular, it was designed to be smaller and faster than XML. Protocol Buffers is widely used at Google for storing and interchanging all kinds of structured information. The method serves as a basis for a custom remote procedure call (RPC) system that is used for nearly all inter-machine communication at Google. Protocol Buffers is similar to the Apache Thrift, Amazon Ion, and Microsoft Bond protocols, offering a concrete RPC protocol stack to use for defined services called gRPC. See also: BSR | |||
| gap | |||
| Proxmox | |||
| -- Linux | |||
| is an open-source virtualization platform, allowing deployment and managment of vm’s and containers | |||
| gap | |||
| pyPI | |||
| -- | |||
| A repository for python. Package authors use it to distribute their code. Approx 1mil users and 15mil files | |||
| gap | |||
| pytype | |||
| python -- | |||
| A static type analyzer for Python code | |||
| gap | |||
| QEMU | |||
| Quick Emulator -- infrastructure | |||
| QEMU (Quick Emulator) is a free, open-source hypervisor and machine emulator that runs operating systems and applications designed for one hardware architecture (e.g., ARM) on another (e.g., x86). It achieves high-performance virtualization by using KVM (Kernel-based Virtual Machine) on Linux or other accelerators, enabling near-native speed for virtual machines. | |||
| gap | |||
| Quantum computing | |||
| -- | |||
| Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields). Researchers have claimed, and are widely believed to be correct, that certain quantum devices can outperform classical computers on narrowly defined tasks, a milestone referred to as quantum advantage or quantum supremacy. These tasks are not necessarily useful for real-world applications. | |||
| gap | |||
| QUIC | |||
| transport layer -- IP Suite | |||
| QUIC improves performance of connection-oriented web applications that previously relied on Transmission Control Protocol (TCP). [2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and it is designed to obsolete TCP at the transport layer for many applications. Although its name was initially proposed as an acronym for Quick UDP Internet Connections, in IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol. | |||
| gap | |||
| Rancher | |||
| -- infrastructure | |||
| An enterprise-grade, open-source Kubernetes management platform that simplifies the operation of multiple clusters across any infrastructure. It provides centralized administrative control, user authentication, security policies, and application catalogs for bare-metal, cloud, or hybrid container environments. | |||
| gap | |||
| Raster vs Vector | |||
| -- files | |||
| Vector images are built from mathematical paths, allowing them to be scaled infinitely without losing quality, making them ideal for logos and print designs, while raster images are made of pixels (like digital photos) and become pixelated when scaled up. Key differences include scalability, resolution dependency, file size, detail capabilities, and common file formats | |||
| gap | |||
| React | |||
| front-end frameworks -- programming | |||
| A JavaScript library for building user interfaces, maintained by Facebook. It allows developers to create reusable UI components. | |||
| gap | |||
| recursion | |||
| -- | |||
| repeated application of a procedure or definition, Ex: nested folder structure | |||
| gap | |||
| REDCap | |||
| -- | |||
| A secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data in any environment (including compliance with 21 CFR Part 11, FISMA, HIPAA, and GDPR), it is specifically geared to support online and offline data capture for research studies and operations. | |||
| gap | |||
| Reflective Code Loading | |||
| -- | |||
| eflectively loaded payloads may be compiled binaries, anonymous files (only present in RAM), or just snubs of fileless executable code (ex: position-independent shellcode).[1][2][3][4][5] For example, the Assembly.Load() method executed by PowerShell may be abused to load raw code into the running process. | |||
| gap | |||
| regex | |||
| regular expressions -- programming | |||
| Parses text to identify patterns. Very often you'll have formatted data in some manner. Things with predictable names. Coordinates like "(382.4, 9191)" or identifiers with meaningful parts like "us-server-382". You may want an application that can strip out the individual parts and validate that the input was what we expected. Doing this without regular expressions is certainly possible, but it takes more code. Then again, regex is tricky to get right. For example, I probably got mine at least somewhat wrong. That's the reason for this famous Jamie Zawinski quote: "Some people, when confronted with a problem, think 'I know, I'll use regular expressions.' Now they have two problems." | |||
| gap | |||
| robots.txt | |||
| -- | |||
| the filename used for implementing the Robots Exclusion Protocol, a standard used by websites to indicate to visiting web crawlers and other web robots which portions of the website they are allowed to visit | |||
| gap | |||
| Run-only | |||
| -- programming | |||
| Normally, when you open a script in Script Editor, it ignores the compiled version and just opens the source. When you save, it compiles the source and saves both versions. "Run-only" means that you are only saving the compiled version, so there's no human-readable version anymore. | |||
| gap | |||
| runtime | |||
| -- | |||
| a runtime system or just runtime is a sub-system that exists in the computer where a program is created, as well as in the computers where the program is intended to be run. The name comes from the compile time and runtime division from compiled languages, which similarly distinguishes the computer processes involved in the creation of a program (compilation) and its execution in the target machine (the runtime).[1] A runtime environment (RTE) is the context in which a runtime operates. | |||
| gap | |||
| S1ngularity incident | |||
| -- | |||
| An attacker compromised an npm publishing token for nx packages via a vulnerable GitHub Action. They abused that access to distribute new, malicious versions of a variety of Nx packages. The end result was thousands of corporate secrets leaked publicly across GitHub, enabling follow on attacks. The malware directly extracted environment variables, as well as GitHub and npm tokens, and published them in public s1ngularity-repository GitHub repositories. The malware also abused locally configured AI CLIs to identify additional files for exfiltration. While GitHub eventually disabled these repositories, there was a sufficient window to retrieve the files. | |||
| gap | |||
| SAASes | |||
| software a service, PLURAL -- | |||
| gap | |||
| Samba | |||
| -- Linux | |||
| free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains. | |||
| gap | |||
| SAML | |||
| security assertion markup language -- | |||
| an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability. In practice, SAML SSO is most commonly used for authentication into cloud-based business software. | |||
| gap | |||
| SAN | |||
| Subject Alternative Name -- networking | |||
| An extension to the X.509 specification for public key certificates that allows an administrator to specify additional hostnames, domain names, or IP addresses protected by a single SSL/TLS certificate. This eliminates the need to issue separate certificates for subdomains or distinct server targets. | |||
| gap | |||
| SBOM | |||
| Software Bill of Materials -- | |||
| a list of all the open source and third-party components present in a codebase. An SBOM also lists the licenses that govern those components, the versions of the components used in the codebase, and their patch status, which allows security teams to quickly identify any associated security or license risks. | |||
| gap | |||
| Scattered Spider | |||
| aka ALPHAV -- security | |||
| Attacked MGM and Ceasar's casinos in 2023. They encrypted approximately 100 ESXi hypervisors within MGM’s network. These servers hosted thousands of virtual machines that supported critical hospitality systems such as gaming machines, online reservation systems, digital room keys and websites. ALPHV also claims to have exfiltrated 6 TB of customer information during this time, upon which they initiated negotiations with MGM to prevent the public release of the stolen data. ALPHV also threatened to disclose the exfiltrated information if an agreement could not be reached. | |||
| gap | |||
| SEO | |||
| search engine optimization -- | |||
| the process of improving the quality and quantity of website traffic to a website or a web page from search engines | |||
| gap | |||
| SEO link request | |||
| -- marketing | |||
| An outreach strategy where a website administrator or SEO specialist contacts other site owners to request a hyperlink back to their platform. This is done to build domain authority, improve backlink profiles, and increase organic search engine rankings, though it is frequently targeted by low-quality automated spam campaigns. | |||
| gap | |||
| serialization | |||
| -- programming | |||
| the process of translating a data structure or object state into a format that can be stored (e.g. files in secondary storage devices, data buffers in primary storage devices) or transmitted (e.g. data streams over computer networks) and reconstructed later (possibly in a different computer environment) -- Uses of serialization include: serializing data for transfer across wires and networks (messaging). storing data (in databases, on hard disk drives). remote procedure calls, e.g., as in SOAP. distributing objects, especially in component-based software engineering such as COM, CORBA, etc. detecting changes in time-varying data. | |||
| gap | |||
| ServiceNow | |||
| -- | |||
| American software company based in Santa Clara, California, that supplies a cloud computing platform for the creation and management of automated business workflows. Designed to support IT service management and help desk functionality with automated workflows. Their fee model was based on a cost per user (seat) per month, with that cost ranging down from US$100 | |||
| gap | |||
| shell script | |||
| -- | |||
| designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be command languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. A script which sets up the environment, runs the program, and does any necessary cleanup or logging, is called a wrapper. | |||
| gap | |||
| SMB | |||
| server mesage block -- | |||
| communication protocol[1] used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. | |||
| gap | |||
| SMIL | |||
| Synchronized Multimedia Integration Language -- accessibility | |||
| Enables accessibility in multimedia by synchronizing captions, audio descriptions, and video, ensuring content is accessible to users with hearing or visual impairments. It allows for text streams to be displayed alongside video (SMIL 1.0/2.0) and supports extended audio descriptions. | |||
| gap | |||
| SNS | |||
| Simple Notification Service -- cloud | |||
| Enables businesses to send messages, notifications, and alerts to users via SMS, email, or mobile push, as well as between applications using a fully managed pub/sub messaging architecture. | |||
| gap | |||
| SPSS | |||
| Statistical Package for the Social Sciences -- | |||
| Application by IBM used for managing, analyzing, and visualizing data to uncover insights in fields like social sciences, healthcare, and business | |||
| gap | |||
| ssh | |||
| secure shell -- security | |||
| 1234 | |||
| gap | |||
| Switched fabric | |||
| -- | |||
| a network topology in which network nodes interconnect via one or more network switches[1] (particularly crossbar switches). It REQUIRES switches, unlike point-to-point or arbitrated loop, the other mehtods of FC. Multiple switches in a fabric usually form a mesh network, with devices being on the "edges" ("leaves") of the mesh. Most Fibre Channel network designs employ two separate fabrics for redundancy. The two fabrics share the edge nodes (devices), but are otherwise unconnected. The fabric topology allows the connection of up to the theoretical maximum of about 16 million devices, limited only by the available address space (2^24). | |||
| gap | |||
| Sys Admin | |||
| -- | |||
| manages IT infrastructure and daily operations, focusing on system uptime, stability, and maintenance. | |||
| gap | |||
| systemd | |||
| -- infrastructure | |||
| A comprehensive system and service manager for Linux operating systems. Run as the first process (PID 1), it acts as the initialization (init) system that bootstraps user space, manages system processes, tracks services via cgroups, and handles logs via journald, replacing older SysV init styles. | |||
| gap | |||
| Talkback | |||
| Screen Reader -- accessibility | |||
| The native Google screen reader service integrated into the Android operating system. It provides spoken feedback, vibration, and audible cues, allowing low-vision and blind users to interact with their mobile devices effectively. | |||
| gap | |||
| TTP | |||
| tactics, techniques, procedures -- | |||
| The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique. | |||
| gap | |||
| Typosquatting | |||
| domains, package mangers -- | |||
| Typosquatting in package managers is a sophisticated form of supply chain attack where cybercriminals create malicious packages with names that closely mimic popular, legitimate packages. The attack relies on a simple premise: developers will occasionally mistype package names when installing dependencies, inadvertently downloading malicious code instead of the intended library. The concept mirrors domain typosquatting, where attackers register misspelled versions of popular websites. However, in the context of package managers like npm (Node.js), PyPI (Python), and RubyGems (Ruby), the stakes are considerably higher. Unlike accidentally visiting a wrong website, installing a malicious package can grant attackers immediate access to your development environment, source code, and potentially your entire infrastructure. Common Typo Patterns: Research shows that certain typing errors are more common than others. Attackers exploit patterns like: - Transposed letters (teh instead of the) - Missing letters (nmap instead of nump) - Additional letters (requet instead of request) - Substituted characters (pupeteer instead of puppeteer) | |||
| gap | |||
| UAAG | |||
| User Agent Accessibility Guidelines -- accessibility | |||
| Guidelines produced by the W3C that explain how to make user agents—such as web browsers, media players, and browser extensions—accessible to people with disabilities, ensuring that these programs interact correctly with assistive technologies like screen readers. | |||
| gap | |||
| UNC threat actor | |||
| -- | |||
| a preliminary classification used by cybersecurity firms like Mandiant for groups of hackers whose activities are being tracked but have not yet been fully identified and attributed. Since cyber attribution is a long, laborious process during which things can quickly evolve on the threat side, several vendors use temporary codenames that allow them to publish their analyses on a given cluster of cyber intrusion without providing full disclosure of who is behind the incident. | |||
| gap | |||
| usr | |||
| Universal System Resources -- infrastructure | |||
| A primary directory syntax (/usr) in UNIX and Linux file systems. While historically standing for 'user', modern systems utilize it as a read-only repository for multi-user system utilities, application binaries, libraries, and documentation, keeping compiled software separate from core root system binaries. | |||
| gap | |||
| UUID | |||
| univerally uniquie idenitifer -- | |||
| A universally unique identifier (UUID) is a 128-bit number designed to be a unique identifier for objects in a computer systems that use the standard but being also unique and large enough as to avoid random collisions with external number comparisons. The term globally unique identifier (GUID) is also used, mostly in Microsoft-designed systems | |||
| gap | |||
| V8 | |||
| JavaScript engine -- | |||
| Google created V8 for its Chrome browser, and both were first released in 2008. The lead developer of V8 was Lars Bak, and it was named after the powerful car engine. For several years, Chrome was faster than other browsers at executing JavaScript | |||
| gap | |||
| vishing | |||
| voice phishing -- | |||
| fraudulent phone calls or voice messages designed to trick victims into providing sensitive information, like login credentials, credit card numbers, or bank details. These details can then be exploited for criminal activities such as fraud, identity theft, or financial theft. Phishing attacks are common and costly: In 2022, phishing was the second most-common cause of data breaches, costing organizations an average of US$4.91 million in breach expenses. In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations. However, these attacks aren't limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details. | |||
| gap | |||
| VLAN | |||
| -- networking | |||
| a local area network broadcast domain that is partitioned and isolated in a virtual network at the data link layer (OSI layer 2). A VLAN behaves like a virtual network switch or network link that can share the same physical structure with other VLANs while staying logically separate from them. | |||
| gap | |||
| VoiceOver | |||
| Screen Reader -- accessibility | |||
| The native, built-in screen reader application integrated into Apple platforms, including macOS, iOS, iPadOS, watchOS, and tvOS. It provides auditory descriptions of elements on the screen and allows users to navigate via keyboard or gesture-based commands. | |||
| gap | |||
| Vue.js | |||
| front-end frameworks -- programming | |||
| A progressive JavaScript framework that is approachable yet powerful, making it easy to integrate with other libraries or existing projects. | |||
| gap | |||
| WAI-ARIA | |||
| Accessible Rich Internet Applications -- accessibility | |||
| A specification written by the W3C that defines a set of additional HTML attributes (roles, states, and properties) that can be applied to elements. These attributes provide critical semantics to assistive technologies like screen readers when standard HTML drops short, particularly in dynamic web apps and complex interface components. | |||
| gap | |||
| Wasm | |||
| WebAssembly -- | |||
| WASM is binary code while JS is more high level text code. WASM directly runs on machine and can be twice as fast compared to JavaScript. WASM is pre-compiled. Was initially designed to permit near-native code execution speed in the web browser, it has been considered valuable outside of such, in more generalized contexts. Browsers can only run JavaScript, historically. Now they can run JavaScript and WASM*. JavaScript is a high level (more abstracted away from the "machine") language. This means browser engines have to go through steps to do anything with it (parse -> compile & optimize based on assumptions -> re-optimize if assumptions were wrong -> execute). WASM is not a language in itself, it's a bytecode format (not human readable), much like java, which is basically much more machine readable much more quickly. Instead of the client receiving javascript code and compiling it and optimizing it before it can be run, WASM is received in the format that it needs to run and in much less space, while also being significantly faster because it's not interpreted. I believe every browser is now shipped with a WASM Virtual Machine which runs this bytecode. | |||
| gap | |||
| WCAG | |||
| Web Content Accessibility Guidelines -- | |||
| standards for making web content, apps, and digital documents accessible to people with disabilities. Developed by the W3C's Web Accessibility Initiative (WAI), these guidelines focus on making content perceivable, operable, understandable, and robust (POUR), ensuring usability for everyone. | |||
| gap | |||
| WCAG | |||
| Web Content Accessibility Guidelines -- accessibility | |||
| A series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C). It defines the global technical standards required to make web content accessible to people with a wide range of disabilities. | |||
| gap | |||
| weakly typed | |||
| -- javascript | |||
| some types are implicitly cast, depending on the context. | |||
| gap | |||
| Web3 | |||
| -- | |||
| a proposed next stage of the internet that uses blockchain technology to create a decentralized, user-owned internet, shifting power from large tech companies to individuals. Key components include blockchains, smart contracts, and decentralized applications (dApps). | |||
| gap | |||
| WebSocket protocol | |||
| -- | |||
| WebSocket is distinct from HTTP used to serve most webpages. Although they are different, RFC 6455 states that WebSocket "is designed to work over HTTP ports 443 and 80 as well as to support HTTP proxies and intermediaries", making the WebSocket protocol compatible with HTTP. To achieve compatibility, the WebSocket handshake uses the HTTP Upgrade header to change from the HTTP protocol to the WebSocket protocol. The WebSocket protocol enables full-duplex interaction between a web browser (or other client application) and a web server with lower overhead than half-duplex alternatives such as HTTP polling, facilitating real-time data transfer from and to the server. This is achieved by providing a standardized way for the server to send content to the client without being first requested by the client, and allowing messages to be exchanged while keeping the connection open. In this way, a two-way ongoing conversation can take place between the client and the server. The communications are usually done over TCP port number 443 (or 80 in the case of unsecured connections), which is beneficial for environments that block non-web Internet connections using a firewall. | |||
| gap | |||
| Wikimedia REST API | |||
| -- | |||
| provides cacheable and straightforward access to Wikimedia content and data, in machine-readable formats. lets you interact with MediaWiki by sending HTTP requests to rest.php URLs | |||
| gap | |||
| wikipediaAPI | |||
| -- | |||
| Python library with methods for extracting texts, sections, links, categories, and translations from Wikipedia. | |||
| gap | |||
| X.509 | |||
| -- Security | |||
| International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are digital documents that represent a user, computer, service, or device. A certificate authority (CA), subordinate CA, or registration authority issues X.509 certificates. The certificates contain the public key of the certificate subject. They don't contain the subject's private key, which must be stored securely. | |||
| gap | |||
| xampp | |||
| -- linux | |||
| Apache distribution containing MariaDB, PHP, and Perl | |||
| gap | |||
| Xcode | |||
| -- programming | |||
| A suite of developer tools for MacOS applications. Supports source code for the programming languages: Swift, C++, Objective-C, Objective-C++, Java, AppleScript, Python, Ruby, ResEdit (Rez), and C. Xcode can build fat binary (universal binary) files containing code for multiple architectures with the Mach-O executable format. These helped ease the transitions from 32-bit PowerPC to 64-bit PowerPC, from PowerPC to Intel x86, from 32-bit to 64-bit Intel, and most recently from Intel x86 to Apple silicon by allowing developers to distribute a single application to users and letting the operating system automatically choose the appropriate architecture at runtime | |||
| gap | |||
| XCSSET | |||
| -- malware | |||
| The XCSSET Malware: Inserts Malicious Code Into Apple Xcode Projects, Performs UXSS Backdoor Planting in Safari,and Leverages Two Zero-day Exploits | |||
| gap | |||
| XLAM | |||
| -- | |||
| A file with the XLAM file extension is an Excel Macro-Enabled Add-In file that's used to add new functions to Excel. Similar to other spreadsheet file formats, XLAM files contain cells that are divided into rows and columns that can contain text, formulas, charts, images, and more. Like Excel's XLSM and XLSX file formats, XLAM files are XML-based and saved with ZIP compression to reduce the overall size. Along with cybercrime groups, APTs like transparent tribe have been found leveraging .xlam file types to target their victims. | |||
| gap | |||
| XOR | |||
| Exclusive OR -- | |||
| a logical operator whose negation is the logical biconditional. With two inputs, XOR is true if and only if the inputs differ (one is true, one is false). With multiple inputs, XOR is true if and only if the number of true inputs is odd. | |||
| gap | |||
| XSLT | |||
| eXtensible Stylesheet Language Transformations -- | |||
| a declarative, XML-based language used to transform XML documents into other formats, such as HTML, plain text, or a different XML structure. It is a core component of the broader Extensible Stylesheet Language (XSL) family of specifications developed by the W3C. | |||
| gap | |||
| XSS | |||
| cross-site scripting -- | |||
| XSS vulnerabilities have been historically more common than any other type of security threat. Describes a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords. | |||
| gap | |||
| Zero Trust | |||
| -- | |||
| A Zero Trust approach should extend throughout the entire organization and serve as an integrated security philosophy and end-to-end strategy. 'trust by exception' vs 'trust by default' - Verify Explicitly, always authenticate and authorise based on all available data points - Use leas privilege access vis JustIInTime and JustEnoughAccess - Assuume breach will occur, minimize segment access, verify end-to-end encryption. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to "never trust, always verify." | |||
| gap | |||
| ZFS | |||
| file system -- | |||
| a file system with volume management capabilities | |||
| gap | |||
| Zookeeper | |||
| -- devops | |||
| ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or another by distributed applications. Each time they are implemented there is a lot of work that goes into fixing the bugs and race conditions that are inevitable. Because of the difficulty of implementing these kinds of services, applications initially usually skimp on them, which make them brittle in the presence of change and difficult to manage. Even when done correctly, different implementations of these services lead to management complexity when the applications are deployed. | |||
| gap | |||
---end data---
--omit the table structure
AIOps Artificial Intelligence for IT Operations -- Helps organizations manage complex IT environments by detecting, diagnosing, and resolving issues more efficiently than traditional methods
AJAX asynchronous Javascript and XML -- web Ajax is not a technology, but rather a programming pattern. HTML and CSS can be used in combination to mark up and style information. The webpage can be modified by JavaScript to dynamically display (and allow the user to interact with) the new information. The built-in XMLHttpRequest object is used to execute Ajax on webpages, allowing websites to load content onto the screen without refreshing the page. Ajax is not a new technology, nor is it a new language. Instead, it is existing technologies used in a new way.
Akira ransomware group -- known to have very comparable links to the old Conti cybercrime organization, hey operate a double-extortion model, first stealing data, then encrypting it, demanding payment to prevent public leaks and restore systems.
AMSI Antimalware Scan Interface -- Microsoft agnostic of antimalware vendor; it's designed to allow for the most common malware scanning and protection techniques provided by today's antimalware products that can be integrated into applications.
The AMSI feature is integrated into these components of Windows 10.
-User Account Control, or UAC (elevation of EXE, COM, MSI, or ActiveX installation)
-PowerShell (scripts, interactive use, and dynamic code evaluation)
-Windows Script Host (wscript.exe and cscript.exe)
-JavaScript and VBScript
-Office VBA macros
Angular front-end frameworks -- programming A TypeScript-based front-end framework developed and maintained by Google. It provides a comprehensive solution for building dynamic single-page applications.
Apache -- web free and open-source cross-platform web server, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation.
Archer Governance Risk and Compliance platform -- (formerly RSA Archer) is a leading, highly customizable integrated risk management (IRM) platform designed to automate and streamline governance, risk, and compliance (GRC) processes. It centralizes data from various, often siloed, business units into a single dashboard, allowing organizations to manage risks, audit, and policies efficiently
asm.js -- asm.js code is valid JavaScript, but it adheres to a very restricted set of features. This strictness allows JavaScript engines to apply aggressive optimizations, often compiling it to highly efficient machine code. While asm.js offered significant performance improvements, it was primarily a text-based format. It paved the way for WebAssembly (Wasm), which is a binary instruction format designed for a similar purpose but offering even greater efficiency and a more compact representation. n essence, asm.js served as a crucial stepping stone in bringing high-performance, compiled code to the web, ultimately leading to the development and widespread adoption of WebAssembly.
ATAG Authoring Tool Accessibility Guidelines -- accessibility A set of global guidelines developed by the W3C that explains how to make the web content authoring tools themselves accessible (so people with disabilities can author content), and how those tools should enable, assist, and encourage web developers to create accessible web content.
Azure -- Microsoft cloud platform. Launched 2010. Services include Computing, Identity, Mobile, Storage, Database, Mesaging(event hubs, queues, topics, relays), CDN -has 118 point-of-presence locations across 100 cities worldwide (also known as Edge locations) as of January 2023 -- At fiscal year-end 2025, Microsoft reported that Azure surpassed US$75 billion in annual revenue and operated over 400 datacenters across 70 regions.
bak .bak file extension -- A .bak file is a generic backup file, used by various programs to store a copy of data before it is changed or overwritten. To open one, you typically need to remove the .bak extension to restore the original file, which can then be opened by the program that created it.
Database Applications like FoxPro and SQL Server use .bak files to back up their databases and other applications, like XML shell, create .bak files in their autosave process. They do not get automatically deleted, so they need to be manually deleted after the process using it is stopped.
BeyondTrust -- An American company that develops, markets, and supports a family of privileged identity management / access management (PIM/PAM), privileged remote access, and vulnerability management products. Founded in 2006, Acquired by Bomgar(old name) another developer of remote support tools. they use the name BeyondTrust.
Binary-to-text encoding -- Encoding of binary data in a sequence of printable characters. These encodings are necessary for transmission of data when the communication channel does not allow binary data (such as email or NNTP) or is not 8-bit clean. PGP documentation (RFC 9580) uses the term "ASCII armor" for binary-to-text encoding when referring to Base64.
BlackCat aka ALHV aka Noberus -- security ransomware family written in Rust. Operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments.
The group targeted hundreds of organizations worldwide, including Reddit in 2023 and Change Healthcare in 2024. Since its first appearance it was one of the most active ransomware operations.
Boot partition -- Boot partitions are needed to hold essential files that load the operating system, especially in complex setups or with modern UEFI systems that require a separate, small partition formatted with FAT32. Historically, separate boot partitions were created for older BIOS systems that had limitations on how much of the hard drive they could access at startup. Today, a separate /boot partition can still be useful for scenarios like encrypting the main root partition or using complex filesystems that the bootloader cannot read directly
BSR Buf Schema Registry -- a centralized SaaS platform for managing, versioning, and sharing Protocol Buffer (Protobuf) schemas. It acts as a package manager for APIs, enabling automatic documentation generation, remote code generation (SDKs), dependency management, and linting to ensure consistent, secure API development
Buffer overflow -- A vulnerability where a program writes data beyond a buffer's allocated memory, overwriting adjacent memory locations. The resulting corrupted memory can cause system crashes, lead to incorrect program behavior, or be exploited by attackers to execute malicious code. This vulnerability is particularly common in low-level programming languages like C and C++, which lack automatic memory and bounds management.
Burst buffer -- In high-performance computing, a fast intermediate storage layer positioned between the front-end computing processes and the back-end storage systems.
Canvas HTML5 Canvas Element -- web development An HTML element used to draw graphics on a web page on the fly via scripting (usually JavaScript). It can be leveraged for rendering graphs, making photo compositions, creating animations, or doing real-time video processing, though it requires explicit accessibility fallbacks since its contents are unreadable by screen readers out of the box.
CHF cryptographic hash function -- Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, (message) digests,[2] or just hash values, even though all these terms stand for more general functions with rather different properties and purposes.
chmod shell command -- linux for changing access permissions and special mode flags of files. The name is short for change mode where mode refers to the permissions and flags collectively.
CI/CD continuous integration/delivery -- devops a set of practices and tools in DevOps that automates the process of building, testing, and deploying software changes.
Cilium -- infrastructure An open-source networking, security, and observability software layer designed for container workloads like Kubernetes. It utilizes an advanced Linux kernel technology called eBPF (Extended Berkeley Packet Filter) to inject high-performance network routing, load balancing, and security policies directly at the kernel level.
circuit breaker -- RPC design When a service fails or slows down, sending it more requests will only make things worse.
A circuit breaker is a smart pattern that prevents this from happening.
If the client notices many failed calls to a service, the circuit breaker “trips” and stops sending requests to that service for a short time. During this period, any new calls fail instantly instead of being sent over the network.
CIS Center for Internet Security -- infrastructure A nonprofit entity that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. It is widely recognized for producing the CIS Controls and CIS Benchmarks—industry-standard, consensus-based best practices for hardening operating systems, cloud networks, and applications.
Cluster DevOps -- A computer cluster is a set of computers that work together so that they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same task, controlled and scheduled by software. The newest manifestation of cluster computing is cloud computing.
Clusters are usually deployed to improve performance and availability over that of a single computer, while typically being much more cost-effective than single computers of comparable speed or availability
Cognex Corporation -- American manufacturer of machine vision systems, software and sensors used in automated manufacturing to inspect and identify parts, detect defects, verify product assembly, and guide assembly robots.
compiled vs interpreted languages -- programming Most compiled languages read a source code file, process it into native machine code (called object code) and then can also sometimes link the object code with system libraries to create machine-dependent native executable program files. C, C++, and many other languages work this way. Interpreted languages do not have directly executable files, but have a language interpreter that loads the source file and executes the statements therein. Python is an example of an interpreted language. JavaScript is a scripting language, and is closer to an interpreted language, but isn''t quite, as it is not designed to be used on its own, but from within another environment equipped with a JavaScript scripting engine, such as a web browser.
Java is a little different yet. It is not interpreted, it is a compiled language. However, it is not compiled to native executable code like C or C++. Instead, it is compiled to a bytecode file that is used by the Java Virtual Machine to convert the bytecode into native executable code. It does this so that the Java program is platform agnostic and can run on any system that supports a JVM without needing modifications. You can compare this with running a game console emulator on your computer. The emulator creates a simulated gaming console that runs files containing compiled images of the games (ROM files) and converts that code to run on its host. The important takeaway is that the JVM is not an interpreter or translator; it creates an emulated environment that is always the same, regardless of its host machine or host operating system, so that it can be seemingly platform independent.
From a programmer''s perspective, there is little difference working with an interpreted language, a compiled language, or a scripting language. The process is the same. You write human-readable code, and it gets executed on a machine. It is only the parts in-between those two that differ. Historically, languages that compile to native code allow the programmer the most flexibility because they can take advantage of every aspect of the machine they are programming. Interpreted languages strip away some of that flexibility in order to have a ""least common denominator"" approach to running the programs, and scripting languages are the most restrictive still, usually removing any ability whatsoever to directly access the host machine or its operating system and/or working with a limited set of features.
Consul -- devops Consul is a service networking solution that enables teams to manage secure network connectivity between services, across on-prem, hybrid cloud, and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, identity-based authorization, L7 traffic management, and secure service-to-service encryption.
Coupling vs Cohesion -- programming Coupling is the degree of interdependence between software modules. Coupling is usually contrasted with cohesion. Low coupling often correlates with high cohesion, and vice versa. Low coupling is often thought to be a sign of a well-structured computer system and a good design, and when combined with high cohesion, supports the general goals of high readability and maintainability.
Cohesion refers to the degree to which the elements inside a module belong together.
Credential stuffing -- a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords (often from a data breach), and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application
CRM Customer Relationship Management -- data A category of software applications, tools, and strategies designed to manage, track, and analyze an organization's interactions with current and potential customers. It centralizes client communication data to streamline sales, marketing, and customer support pipelines.
curl command-line utility -- linux for transferring data to or from a server, employing a range of internet protocols such as HTTP, HTTPS, FTP, SCP, and SFTP, to download files, upload files, make API calls. It's installed by default on the majority of Linux distros.
Curl -- a command-line tool for getting or sending data, including files, using URL syntax. curl provides an interface to the libcurl library; it supports every protocol libcurl supports. curl supports HTTPS, and performs SSL or TLS certificate verification by default.
DarkSide -- Security Hacking group, believed to be based in Russia, that targets victims using ransomware and extortion; it is believed to be behind the Colonial Pipeline cyberattack of 2021.
They hit the IT managed services provider CompuCom in March 2021, costing over US$20 million in restoration expenses; it also attacked Canadian Discount Car and Truck Rentals and Toshiba Corp.
datacarry -- ransomware attacker 14 documented cases includes Miljodata hack
deadline propagation -- RPC design A single user request often triggers a chain of calls between several services. For example, Service A calls B, and B calls C.
If the original request has a total timeout of 500ms, and Service A already uses 300ms. Then there’s no point in Service C starting a task that takes another 400ms because the client would have already stopped waiting. Deadline propagation fixes this by passing the remaining time limit along with every call. So each service knows the remaining time and can decide whether it can finish its part before the deadline.
devops -- a set of practices, tools, and a cultural philosophy that integrates software development (Dev) and IT operations (Ops) to shorten the development lifecycle and deliver software faster and more reliably -- The DevOps lifecycle is often depicted as an infinity loop, illustrating the continuous nature of software development and operations.
dkim domain keys identified ma -- mail is an email authentication method that uses public-key cryptography to verify the sender's identity and ensure that an email message hasn't been tampered with during transit. It works by creating a digital signature on outgoing emails using a private key, which is then verified by the recipient's server using the corresponding public key stored in the sender's DNS. This cryptographic process confirms that the sender is authorized and prevents spoofing, spam, and phishing attacks.
DLL sideloading -- a cybersecurity attack technique where malicious actors trick a legitimate, often trusted, application into loading a malicious Dynamic Link Library (DLL) file instead of the authorized one
. By placing a forged DLL in a specific location where the application searches for dependencies, the malware executes within the context of the trusted program, often allowing it to bypass antivirus, Endpoint Detection and Response (EDR) solutions, and application whitelisting.
DNS Domain Name System -- a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.
Record types
A - IPv4
AAA- IPv6
CNAME- aliasing
MX - mail server
TXT - text
PTR - reverse lookup, the opposite of an A or AAAA record
SRV - service, host and port
CAA - Which CA's are allowed to issue SSL certs
EFI system partition Extensible Firmware Interface -- The EFI (Extensible Firmware Interface) system partition or ESP is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities.
An ESP contains the boot loaders, boot managers, or kernel images of installed operating systems (which are typically contained in other partitions), device driver files for hardware devices present in a computer and used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs
ELF Executable and Linkable Format -- infrastructure The standard, common binary file format for executables, object code, shared libraries, and core dumps on Linux and other UNIX-like operating systems. It organizes code, data, and debugging instructions in a structured layout that the kernel's program loader can easily interpret and execute.
Endianness -- programming describes how multi-byte data (like integers) is stored in computer memory and transmitted, with the two main types being big-endian, which stores the most significant byte first, and little-endian, which stores the least significant byte first. The choice of endianness is specific to a computer architecture or network protocol and can cause misinterpretation if data is not converted between different endian formats, requiring protocols to specify byte order or use a byte order mark
ESXi -- bare-metal hypervisor developed by VMware (now part of Broadcom) that is installed directly on physical servers
exe executable -- files a general executable file that can perform various actions, including installing software,
Fetch API -- web development A modern, native JavaScript interface provided by web browsers for accessing and manipulating parts of the HTTP pipeline, such as making asynchronous network requests and fetching resources over the web. It serves as a more powerful, flexible, and promise-based replacement for the older XMLHttpRequest object.
Fibre Channel (FC) topologies -- 3 primary types: Point-to-Point, Arbitrated Loop (FC-AL, up to 127 devices), and Fabric for large number of dvices in a high-performance network.
GFW Great Firewall of China -- A combination of legislative actions and technologies enforced by the People''s Republic of China to regulate the Internet domestically. Besides censorship, the Great Firewall has also influenced the development of China''s internal internet economy by giving preference to domestic companies[11] and reducing the effectiveness of products from foreign internet companies.
Git -- a distributed version control software system that is capable of managing versions of source code or data. -- The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model.
Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds.
git-secret -- Encrypts files and stores them inside your git repository, providing a history of changes for every commit.
GlobalSign -- a leading Certificate Authority (CA) and provider of identity and security solutions, operating since 1996. They secure online communications, digital identities, and IoT devices through SSL/TLS certificates, managed PKI services, and digital signing, helping businesses, cloud service providers, and enterprises automate authentication and encryption.
GNU -- Linux is an extensive collection of free software (387 packages as of June 2025),[5] which can be used as an operating system or can be used in parts with other operating systems. Written in various languages (notably C and assembly language)
GRC vs IRM -- GRC (Governance, Risk, and Compliance) is a broad organizational strategy focusing on policy, governance, and regulatory adherence, while Integrated Risk Management (IRM) is a more evolved, holistic approach that prioritizes risk itself, embedding it across all business functions for better, real-time decision-making beyond mere compliance. GRC often operates in silos (e.g., IT, Legal) focusing on checking compliance boxes, whereas IRM breaks down these silos, providing a unified, dynamic view of strategic, operational, and cyber risks for the entire enterprise, making it more proactive and business-oriented
GRUB GRand Unified Boot Loader -- linux
HCI hyper-converged infra. -- systems in HCI both the storage area network and the underlying storage abstractions[clarification needed] are implemented virtually in software (at or via the hypervisor) rather than physically in hardware
Helm The Kubernetes Package Manager -- infrastructure An open-source package manager for Kubernetes that simplifies the deployment and management of applications. It uses a packaging format called 'charts' to define, install, and upgrade even the most complex Kubernetes applications, acting as the equivalent of apt or yum for cluster environments.
high vs low level analysis -- architecture A division in technical evaluation methodologies. High-level analysis focuses on macro-systems, structural data flows, behavioral concepts, and overarching infrastructure topologies. Low-level analysis drills down into exact granular mechanics, compiled machine code execution, packet-level telemetry, and specific syntax performance.
HPC High-Performance Computing -- Combining powerful computer resources, like supercomputers and clusters, to solve complex, computationally intensive problems that a single computer cannot, by leveraging large numbers of processors and high-speed networking to run large-scale simulations, analyze massive datasets, and accelerate tasks such as artificial intelligence, weather forecasting, and drug discovery
HPE Aruba Networking -- Networking a Santa Clara, California-based security and networking subsidiary of Hewlett Packard Enterprise company.
HTML Living Standard -- web Maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors (Apple, Google, Mozilla, and Microsoft).
HTML5 -- web HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium recommendation. The current specification is known as the HTML Living Standard. HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves, and rationalizes the markup available for documents and introduces markup and application programming interfaces (APIs) for complex web applications.[8] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications because it includes features designed with low-powered devices in mind.
httpd http daemon -- web the main software for the Apache HTTP Server
Hypervisor -- Virtualization Can be just software or include firmware or hardware. Type 1 bare metal, serves as the 'hostOS', Type 2 hosted, runs as an application within another OS.
IAM identity and access management -- a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources
Idempotent -- An HTTP method is idempotent if the intended effect on the server of making a single request is the same as the effect of making several identical requests. A client can safely retry a request that uses an idempotent method, for example, in cases where there is doubt as to whether the request reached the server. If multiple identical requests happen to reach the server, as long as the method is idempotent, no harm is done.
iframe -- web The iframe HTML element represents a nested browsing context, embedding another HTML page into the current one.
iptables command line program -- linux the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset.
Jaws Job Access With Speech -- accessibility A robust computer screen reader program for Microsoft Windows that allows blind and visually impaired users to read the screen either with a text-to-speech output or by a refreshable Braille display. Originally created by Ted Henter, it is currently developed by Freedom Scientific.
Jira -- Project managmenet tool from Atlassian
jQuery -- jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript.
JSON JavaScript Object Notation -- Plain text format, used to send, receive, store, data, The syntax is derived from JavaScript object syntax, but JSON is text only.
Code for reading and generating JSON data can be written in any programming language.
Kerberos -- a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.
KVM kernel-based VM -- Linux (Kernel-based VM) Is a virtualization module in the Linux kernel allowing the kernel to function as a hypervisor.
Laravel -- open-source PHP-based web framework for building web applications
LCAP link aggregation control protocol -- networking industry-standard protocol defined by the IEEE as part of the IEEE 802.3ad standard (now known as 802.1AX. Cisco's own proprietary protocol for link aggregation is called PAgP (Port Aggregation Protocol))
LDAP Lightweight Directory Access Protocol -- networking An open, vendor-neutral, industry-standard application protocol used for configuring, managing, and accessing directory services over an IP network. It is commonly used for centralized authentication and authorization, allowing user accounts to be shared across multiple applications and infrastructure components.
localStorage -- web As part of the web storage API in web browsers, localStorage works similarly to cookies. However, it can store a larger amount of data. The storage available in Google Chrome is 5 MB maximum per domain, while Opera’s localStorage holds 3 MB but can be increased.
Because the internet may not be consistently accessible everywhere, localStorage enables you to take your work offline, just like with Wordle.
You can also store the state of your web page, even though HTTP is stateless. Say you only wanted to use the Solarized Dark theme on the Alligator.io site. Using localStorage, you wouldn’t have to change the theme every time you reopen the browser and visit the site.
LockBit -- ransomware attacker a cybercriminal group proposing ransomware as a service (RaaS). According to a joint statement by various government agencies, LockBit was the world's most prolific ransomware in 2022. Following a law enforcement crackdown on the LockBit ransomware operation, cybercriminals recently announced the release of LockBit 5.0. Trend Micro researchers have analyzed LockBit 5.0, including the Windows, Linux and ESXi variants of the ransomware. The security firm noted that the new variants use randomized 16-character file extensions, are configured to avoid Russian-language systems, and clear event logs after encryption.
LV logical volume -- Proxmox A Proxmox LV is a Logical Volume created by Proxmox Virtual Environment's integration with Logical Volume Management (LVM). It is a storage block that is carved out of a larger storage pool (a Volume Group) and can be used to store data, such as the virtual disks for your virtual machines (VMs)
the terminology works like this:
PV (physical volume) is a block device or parts of it, it's where the data is actually stored
VG (volume group) a grouping of one or more PVs
LV (logical volume) a volume stored on a VG
thin pool - a special set of volumes that can store regular LVs without allocating the full size from the start
LVM Storage pool type -- Proxmox
LVM is a lightweight software layer that sits on top of hard disks and partitions. It can be used to divide available disk space into smaller logical volumes.
Another use case is placing LVM on top of a large iSCSI LUN (Logical Unit Number) or a SAN (Storage Area Network) connected via Fibre Channel. This allows you to easily manage the space on the iSCSI LUN, which would otherwise be impossible because the iSCSI specification does not define a management interface for space allocation.
MAPI message application programming interface -- API for Microsoft Windows which allows programs to become email-aware.
Markdown .md, .markdown -- a lightweight markup language for creating formatted text using a plain-text editor. People use it to create websites, documents, notes, books, presentations, email messages, and technical documentation. When you write in Markdown, the text is stored in a plaintext file that has an .md or .markdown extension. Markdown applications use something called a Markdown processor (also commonly referred to as a "parser" or an "implementation") to take the Markdown-formatted text and output it to HTML format.
mempool -- blockchain A mempool, an in-memory data structure within Ethereum or Bitcoin nodes, holds pending transactions awaiting inclusion in a block. This "waiting area" ensures transactions meet basic requirements and broadcasts them to other nodes. The mempool role is critical for transaction ordering, fee prioritization, and block construction, influencing blockchain operations. Though fundamental to blockchains, the mempool significance is often overlooked.