Dictionary
Technical terms and definitions to help you understand cybersecurity and technology concepts
Ai-agent
An autonomous AI system that can execute tasks, make decisions, and take actions across multiple systems without constant human intervention. Agents use language models to understand goals and interact with tools, APIs, and data sources to accomplish work.
Api
Application Programming Interface - A set of protocols, routines, and tools that allow different software applications to communicate with each other. APIs define the methods and data formats that applications can use to request and exchange information.
Aslr
Address Space Layout Randomization - A security technique that randomizes the memory addresses used by system and application processes. ASLR makes it harder for attackers to predict target addresses for exploitation.
Auto-regressive-model
A type of language model that generates text by predicting the next token based on all previous tokens in the sequence. Auto-regressive models like GPT and Claude process input sequentially, using the entire context history to inform each prediction.
Branch-prediction
A CPU optimization that guesses which path a conditional branch will take before the branch condition is evaluated. Modern processors achieve 95–99% prediction accuracy, allowing them to pre-execute instructions and avoid costly pipeline stalls when the guess is correct.
Buffer-over-read
A memory safety vulnerability where a program reads data beyond the boundaries of an allocated buffer. This can leak sensitive information from adjacent memory, as seen in Heartbleed and Wallbleed vulnerabilities.
Context-graph
A living record of decision traces stitched across entities over time, capturing not just what happened but why it happened. Context graphs make decision lineage queryable, turning exceptions into precedent and enabling AI agents to understand how organizations actually operate beyond formal policies.
Context-window
The maximum amount of text (measured in tokens) that a language model can process in a single interaction. Think of it as the model's working memory - everything in the context window is available for the model to reference when generating a response.
Crm
Customer Relationship Management - Software that manages a company's interactions with customers and prospects. CRMs track sales pipelines, customer communications, deal stages, and revenue data, serving as the system of record for customer information.
Data-exfiltration
The unauthorized transfer of data from a computer or network. Attackers use various techniques to steal sensitive information, including exploiting vulnerabilities, malware, or social engineering to extract data without detection.
Decision-trace
A record of why a specific decision was made, including the context, inputs considered, exceptions granted, approvals obtained, and precedents followed. Decision traces capture the reasoning behind actions, not just the final outcome, and form the building blocks of context graphs.
Deep-packet-inspection
A network analysis technique that examines the full content of data packets as they pass through a checkpoint. DPI can filter, monitor, and block traffic based on packet contents, commonly used for censorship, security, and traffic management.
Dns-poisoning
A cyber attack that corrupts DNS cache data, causing DNS resolvers to return incorrect IP addresses. Attackers inject forged DNS responses to redirect users to malicious websites or block access to legitimate ones.
Domain-driven-design
A software development approach that focuses on modeling software around the business domain and its logic. DDD emphasizes collaboration between technical and domain experts to create a shared understanding and ubiquitous language.
Drum-memory
A type of computer storage used in 1950s–60s machines where data was recorded on a rotating magnetic cylinder. Programs ran by reading instructions off the drum as it spun, making the physical placement of code critical to performance: a well-placed program could run 50x faster than a naively arranged one.
Encryption
The process of converting readable data into coded form to prevent unauthorized access. Modern encryption uses mathematical algorithms to scramble data so that only those with the correct key can decrypt and read it.
Firewall
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Firewalls act as a barrier between trusted internal networks and untrusted external networks.
Git-bisect
A Git command that uses binary search to help find the commit that introduced a bug. It automatically checks out commits between a known good and bad state, allowing developers to test and identify the problematic change efficiently.
Git-worktree
A Git feature that allows you to check out multiple branches simultaneously by creating additional working directories. Each worktree maintains its own working directory and index, enabling parallel development without constant branch switching.
Infrastructure-as-code
The practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than manual hardware configuration. IaC enables version control, automation, and reproducible deployments of infrastructure.
Instruction-word
A fixed-width binary value that encodes a single CPU operation. An instruction word packs the operation type (opcode), the memory address to act on, and modifier bits into one integer the processor decodes and executes. On early computers, instruction words and data words were the same size and lived in the same memory, making it possible to treat code as data.
Jwt
JSON Web Token - A compact, URL-safe token format used to securely transmit information between parties as a JSON object. JWTs are digitally signed and can be verified and trusted, commonly used for authentication and authorization.
Knowledge-graph
A structured representation of knowledge using entities and their relationships, typically stored as a graph database. Knowledge graphs help AI systems understand connections between concepts, but they require predefined schemas unlike context graphs which emerge from agent execution traces.
Kv-cache
Key-Value cache - A memory optimization technique in transformer models that stores previously computed attention key and value matrices. KV cache enables faster inference by avoiding redundant computations, but becomes a memory bandwidth bottleneck as context windows grow.
Language-server-protocol
A protocol that defines the communication between development tools and language servers. LSP provides features like autocompletion, error highlighting, and go-to-definition across different editors and programming languages.
Linear-history
A Git repository history structure where commits form a straight line without merge commits or branching complexity. Linear history is easier to read, debug, and reason about, making it preferred for many development workflows.
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. This includes viruses, worms, trojans, ransomware, spyware, and other harmful programs.
Mcp
Model Context Protocol - An open standard by Anthropic that enables AI applications to securely connect to external data sources and tools. MCP provides a standardized way for AI models to access databases, APIs, and local resources through server implementations.
Microservices
An architectural pattern where applications are built as a collection of small, independent services that communicate over well-defined APIs. Each microservice can be developed, deployed, and scaled independently.
Model-context-protocol
A standardized protocol that enables AI models to securely connect to external data sources and tools. MCP allows models to access real-time information, databases, and services while maintaining security and user control.
Monorepo
A software development strategy where code for multiple projects or components is stored in a single repository. Monorepos enable shared tooling, easier refactoring across projects, and simplified dependency management.
Oauth
Open Authorization - An open standard authorization framework that enables applications to obtain limited access to user accounts on an HTTP service without exposing user passwords. OAuth 2.0 is the current industry standard.
Opcode
The part of an instruction word that tells the processor which operation to perform: add, load, jump, compare, and so on. Opcodes are decoded by the CPU's control unit before the instruction executes. On early fixed-width instruction machines, arithmetic overflow could in principle corrupt the opcode field and change what an instruction meant.
Openapi
A specification for describing REST APIs that allows both humans and computers to understand service capabilities without accessing source code. OpenAPI enables automatic documentation generation, client SDK creation, and API testing tools.
Osint
Open Source Intelligence - The collection and analysis of publicly available information from sources like websites, social media, public records, and news. OSINT is used in security research, investigations, and threat intelligence.
Phishing
A cyber attack method where attackers impersonate legitimate organizations to trick individuals into revealing sensitive information such as passwords, credit card numbers, or personal data through fake emails, websites, or messages.
Rag
Retrieval-Augmented Generation - A technique that enhances language models by retrieving relevant information from external sources before generating a response. RAG combines the knowledge stored in the model with fresh, specific data from databases or documents.
Rate-limiting
A technique used to control the amount of incoming and outgoing traffic to or from a network or service. It prevents abuse by limiting the number of requests a user can make within a specific time period, protecting against denial-of-service attacks.
React-loop
The canonical Thought → Action → Observation loop used by tool-using LLM agents, formalized in the ReAct paper (ICLR 2023). Each reasoning step produces a tool call, which produces an observation that feeds the next reasoning step, creating a strictly sequential dependency chain that is the primary latency bottleneck in multi-step agents.
Saml
Security Assertion Markup Language - An XML-based standard for exchanging authentication and authorization data between identity providers and service providers. SAML enables single sign-on (SSO) across multiple applications.
Scim
System for Cross-domain Identity Management - A standard for automating the exchange of user identity information between identity domains. SCIM simplifies user provisioning and management across different systems and applications.
Self-modifying-code
Programs that alter their own instructions while running. Standard practice on early computers where loops were implemented by writing a new address directly into an instruction word; there was no other way to iterate over memory. On modern hardware, self-modifying code is rare and generally discouraged.
Side-channel
An attack that exploits information gained from the physical implementation of a system rather than weaknesses in the algorithm itself. Side channels include timing information, power consumption, electromagnetic leaks, or even sound.
Speculative-execution
A technique where a processor or system pre-executes future operations before knowing they are needed, then discards results if the prediction was wrong. Speculative execution trades occasional wasted work for reduced average latency, and is the foundation of both CPU branch prediction and LLM speculative decoding.
Sql-injection
A code injection attack where malicious SQL statements are inserted into application entry points to manipulate database queries. This can lead to unauthorized access to sensitive data, data corruption, or complete database compromise.
Squash-merge
A Git merge strategy that combines all commits from a feature branch into a single commit before merging to the target branch. This creates a cleaner, linear history while preserving the logical grouping of changes.
Systems-of-record
Enterprise software applications that serve as the authoritative source of truth for specific business data. Examples include CRMs for customer data, ERPs for financial data, and HRIS for employee information. These systems capture what happened but often miss why decisions were made.
Test-driven-development
A software development methodology where tests are written before the code that implements the functionality. The TDD cycle follows Red-Green-Refactor: write a failing test, make it pass with minimal code, then refactor for quality.
Transactional-memory
A CPU mechanism that allows concurrent read operations to proceed optimistically without locking, committing writes atomically only after validating no conflicts occurred. Hardware transactional memory (HTM), as in Intel's TSX extensions, applies this read/write asymmetry at the hardware level, the same asymmetry exploited by speculative agent action frameworks.
Two-factor-authentication
A security method that requires users to provide two different authentication factors to verify their identity. Typically combines something you know (password) with something you have (phone, hardware token) or something you are (biometric).
Vpn
Virtual Private Network - A secure connection method that creates an encrypted tunnel between your device and a remote server, hiding your internet activity and location while providing access to resources as if you were on a private network.