Dictionary
Technical terms and definitions to help you understand cybersecurity and technology concepts
Ai-agent
An autonomous AI system that can execute tasks, make decisions, and take actions across multiple systems without constant human intervention. Agents use language models to understand goals and interact with tools, APIs, and data sources to accomplish work.
Api
Application Programming Interface - A set of protocols, routines, and tools that allow different software applications to communicate with each other. APIs define the methods and data formats that applications can use to request and exchange information.
Aslr
Address Space Layout Randomization - A security technique that randomizes the memory addresses used by system and application processes. ASLR makes it harder for attackers to predict target addresses for exploitation.
Buffer-over-read
A memory safety vulnerability where a program reads data beyond the boundaries of an allocated buffer. This can leak sensitive information from adjacent memory, as seen in Heartbleed and Wallbleed vulnerabilities.
Context-graph
A living record of decision traces stitched across entities over time, capturing not just what happened but why it happened. Context graphs make decision lineage queryable, turning exceptions into precedent and enabling AI agents to understand how organizations actually operate beyond formal policies.
Context-window
The maximum amount of text (measured in tokens) that a language model can process in a single interaction. Think of it as the model's working memory - everything in the context window is available for the model to reference when generating a response.
Crm
Customer Relationship Management - Software that manages a company's interactions with customers and prospects. CRMs track sales pipelines, customer communications, deal stages, and revenue data, serving as the system of record for customer information.
Data-exfiltration
The unauthorized transfer of data from a computer or network. Attackers use various techniques to steal sensitive information, including exploiting vulnerabilities, malware, or social engineering to extract data without detection.
Decision-trace
A record of why a specific decision was made, including the context, inputs considered, exceptions granted, approvals obtained, and precedents followed. Decision traces capture the reasoning behind actions, not just the final outcome, and form the building blocks of context graphs.
Deep-packet-inspection
A network analysis technique that examines the full content of data packets as they pass through a checkpoint. DPI can filter, monitor, and block traffic based on packet contents, commonly used for censorship, security, and traffic management.
Dns-poisoning
A cyber attack that corrupts DNS cache data, causing DNS resolvers to return incorrect IP addresses. Attackers inject forged DNS responses to redirect users to malicious websites or block access to legitimate ones.
Domain-driven-design
A software development approach that focuses on modeling software around the business domain and its logic. DDD emphasizes collaboration between technical and domain experts to create a shared understanding and ubiquitous language.
Encryption
The process of converting readable data into coded form to prevent unauthorized access. Modern encryption uses mathematical algorithms to scramble data so that only those with the correct key can decrypt and read it.
Firewall
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Firewalls act as a barrier between trusted internal networks and untrusted external networks.
Git-bisect
A Git command that uses binary search to help find the commit that introduced a bug. It automatically checks out commits between a known good and bad state, allowing developers to test and identify the problematic change efficiently.
Git-worktree
A Git feature that allows you to check out multiple branches simultaneously by creating additional working directories. Each worktree maintains its own working directory and index, enabling parallel development without constant branch switching.
Infrastructure-as-code
The practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than manual hardware configuration. IaC enables version control, automation, and reproducible deployments of infrastructure.
Jwt
JSON Web Token - A compact, URL-safe token format used to securely transmit information between parties as a JSON object. JWTs are digitally signed and can be verified and trusted, commonly used for authentication and authorization.
Knowledge-graph
A structured representation of knowledge using entities and their relationships, typically stored as a graph database. Knowledge graphs help AI systems understand connections between concepts, but they require predefined schemas unlike context graphs which emerge from agent execution traces.
Language-server-protocol
A protocol that defines the communication between development tools and language servers. LSP provides features like autocompletion, error highlighting, and go-to-definition across different editors and programming languages.
Linear-history
A Git repository history structure where commits form a straight line without merge commits or branching complexity. Linear history is easier to read, debug, and reason about, making it preferred for many development workflows.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. This includes viruses, worms, trojans, ransomware, spyware, and other harmful programs.
Microservices
An architectural pattern where applications are built as a collection of small, independent services that communicate over well-defined APIs. Each microservice can be developed, deployed, and scaled independently.
Model-context-protocol
A standardized protocol that enables AI models to securely connect to external data sources and tools. MCP allows models to access real-time information, databases, and services while maintaining security and user control.
Monorepo
A software development strategy where code for multiple projects or components is stored in a single repository. Monorepos enable shared tooling, easier refactoring across projects, and simplified dependency management.
Oauth
Open Authorization - An open standard authorization framework that enables applications to obtain limited access to user accounts on an HTTP service without exposing user passwords. OAuth 2.0 is the current industry standard.
Openapi
A specification for describing REST APIs that allows both humans and computers to understand service capabilities without accessing source code. OpenAPI enables automatic documentation generation, client SDK creation, and API testing tools.
Osint
Open Source Intelligence - The collection and analysis of publicly available information from sources like websites, social media, public records, and news. OSINT is used in security research, investigations, and threat intelligence.
Phishing
A cyber attack method where attackers impersonate legitimate organizations to trick individuals into revealing sensitive information such as passwords, credit card numbers, or personal data through fake emails, websites, or messages.
Rag
Retrieval-Augmented Generation - A technique that enhances language models by retrieving relevant information from external sources before generating a response. RAG combines the knowledge stored in the model with fresh, specific data from databases or documents.
Rate-limiting
A technique used to control the amount of incoming and outgoing traffic to or from a network or service. It prevents abuse by limiting the number of requests a user can make within a specific time period, protecting against denial-of-service attacks.
Saml
Security Assertion Markup Language - An XML-based standard for exchanging authentication and authorization data between identity providers and service providers. SAML enables single sign-on (SSO) across multiple applications.
Scim
System for Cross-domain Identity Management - A standard for automating the exchange of user identity information between identity domains. SCIM simplifies user provisioning and management across different systems and applications.
Side-channel
An attack that exploits information gained from the physical implementation of a system rather than weaknesses in the algorithm itself. Side channels include timing information, power consumption, electromagnetic leaks, or even sound.
Sql-injection
A code injection attack where malicious SQL statements are inserted into application entry points to manipulate database queries. This can lead to unauthorized access to sensitive data, data corruption, or complete database compromise.
Squash-merge
A Git merge strategy that combines all commits from a feature branch into a single commit before merging to the target branch. This creates a cleaner, linear history while preserving the logical grouping of changes.
Systems-of-record
Enterprise software applications that serve as the authoritative source of truth for specific business data. Examples include CRMs for customer data, ERPs for financial data, and HRIS for employee information. These systems capture what happened but often miss why decisions were made.
Test-driven-development
A software development methodology where tests are written before the code that implements the functionality. The TDD cycle follows Red-Green-Refactor: write a failing test, make it pass with minimal code, then refactor for quality.
Two-factor-authentication
A security method that requires users to provide two different authentication factors to verify their identity. Typically combines something you know (password) with something you have (phone, hardware token) or something you are (biometric).
Vpn
Virtual Private Network - A secure connection method that creates an encrypted tunnel between your device and a remote server, hiding your internet activity and location while providing access to resources as if you were on a private network.