DevOps Glossary


Application Security

Application security is a catch-all term that encompasses any security measures deployed at the application level of an organization's technology stack.

Attack Vector

An attack vector is a method or pathway used by a hacker to access or penetrate the target system. Attack vectors can be former employees or even hackers.


Business Analytics

Business analytics makes use of mathematics, statistics, predictive modeling, and other investigative tools to discover and interpret patterns in data.

Business Intelligence

Business intelligence (BI) describes the set of processes that business use to analyze operational data and create actionable insights that drive effective business decision-making.



Containers-as-a-service (CaaS) is a category of cloud services where the service provider offers customers the ability to manage and deploy containerized application and clusters.


A Cloud Access Security Broker (CASB) is a software application that mediates user access to cloud-based application. CASB tools can be hosted on-premises or in the cloud.

Cloud Application

A cloud application simply refers to any software application that is deployed in a cloud environment rather than being hosted on a local server or machine.

Cloud Computing

Cloud computing is the delivery of computer system resources, including applications, virtual machines, containers, data storage and processing power over the internet.

Cloud Computing Security

Cloud computing security refers to the technical discipline and processes that IT organizations use to secure their cloud-based infrastructure.

Cloud Management

Cloud management is the process of maintaining oversight and administrative control of cloud computing products and services.


A container is a virtualized environment whose contents are an application and all of the files, libraries, binaries and dependencies needed to execute that application.

Continuous Deployment

Continuous deployment (CD) is a strategy where any new code change is deployed directly into the live production environment where it will be visible to customers.

Continuous Integration

Continuous integration is a software engineering practice where all developers merge their working copies into a shared mainline several times a day.

Cyber Security

Cyber security refers to the set of processes, policies and techniques that work together to secure and organization against digital attacks.



DevOps is a collection of best practices for the software development process to shorten the development life cycle such as continuous integration, delivery and deployment.

Docker Swarm

Docker swarm is a container orchestration tool, meaning that it allows the user to manage multiple containers deployed across multiple host machines.


Endpoint Security

Endpoint security refers to an organization's overall approach to managing the security of network endpoint devices that remotely access the IT infrastructure.


Incident Response

Incident Response is a documented, formalized set of policies and procedures for managing cyber attacks, security breaches and other types of IT or security incidents.

Indicators of Compromise

Indicators of Compromise (IoC) is evidence which suggests that a data breach may have occurred and that further investigation of the incident response plan is necessary.

Information Security

Information security can be defined as the implementation and management of the set of tools and processes whose goal is to preserve security in the business.

Information Security Management

Information security management describes the set of policies and procedural controls that organizations implement to secure their informational assets against threats.

Infrastructure as Code

Infrastructure as Code (IaC) refers to the increasingly common practice of provisioning and managing IT infrastructure using coding.

Infrastructure as a Service

Infrastructure-as-a-Service (IaaS) is a delivery model for cloud services where customers purchase access to managed IT infrastructure from a cloud services provider.

IT Infrastructure

IT infrastructure includes all of the hardware, software, and network resources that are necessary to deliver IT services within the organization.

IT Infrastructure Management

IT infrastructure consists of physical components that support the activities and services that are required by users to support business functions.

IT Operations

IT Operations refers to the set of processes and services that are administered by an IT department within a larger organization or business.


IT operations management (ITOM) refers to the administration of all technology components and application requirements within an organization.


Log Analysis

Log analysis is the process of reviewing, interpreting and understand computer-generated records called logs.


Machine Learning

Machine learning is a programming technique used to automate the construction of analytical models and enable applications to perform specified tasks more efficiently.

Managed Detection and Response

Managed Detection and Response (MDR) is an outsourced security service that helps organizations detect malicious network activity and quickly respond to eliminate the threat.

Managed SIEM

Managed SIEM is an alternative to on-premise deployment, setup and monitoring of a SIEM software solution hosted by a third-party service provider.


Microservices are an important innovation in application development and deployment.



Platform-as-a-service (PaaS) is a model of cloud service delivery where a cloud service provider delivers some hardware and software tools to customers over the internet.


Real-Time Big Data Analytics

Real-time big data analytics is a software feature or tool capable of analyzing large volumes of incoming data at the moment that it is stored or created with the IT infrastructure.

Root Cause Analysis

Root cause analysis (RCA) is a method of problem solving used to investigate known problems and identify their antecedent and underlying causes.



Software-as-a-service (SaaS) is a model of software distribution where customers pay a fee and the application becomes available over the internet.

Security Intelligence

Security Intelligence describes the practice of collecting, standardizing and analyzing data that is generated by networks, applications, and other IT infrastructure in real-time.


SIEM (security information and event management) is an approach in cybersecurity that combines SIM and SEM.

SIEM vs Log Management

SIEM and Log Management are two examples of software tools that allow IT organizations to monitor their security posture using log files, detect and respond to IoCs.


Threat Intelligence

Threat Intelligence refers to the practice of collecting data, information and knowledge that keep an organization informed about potential cyber security threats.