Glossary
A
AI, Artificial Intelligence
A broad term that refers to computers being able to carry out “smart” tasks. See ML, machine...
API Gateway
An application programming interface (API) gateway is a tool for API management.
API Runtime Security
API Runtime Security provides protection to APIs during their normal running and handling of API...
API Security
API Security involves the implementation of security best practices for Application Programming...
API, Application Programming Interface
A software intermediary that allows two applications to talk to each other. Whenever you send an...
Application Layer, Layer 7
Human-computer interaction layer, where applications can access network services. See OSI model,...
Application Security
Security that protects applications and application-level APIs from threats such as authentication...
Attack Vector
Website attack vectors are methods or pathways hackers use to gain illegal access.
D
DAST
Dynamic Application Security Testing (DAST) is a program which interacts with a running application...
Data Link Layer, Layer 2
Defines the format of data on the network. See OSI model, Open Systems Interconnection model.
Data Security
Data security encompasses every effort a company makes to keep the data it possesses free from risk...
DevOps
A set of practices that combines software development (Dev) and IT operations (Ops). Often...
DevSecOps
A set of practices that combines Security (Sec) with DevOps. Like DevOps, often organized as a team...
G
GraphQL
An open-source data query and manipulation language for APIs, and a runtime for fulfilling queries...
gRPC
An open source remote procedure call (RPC) system that uses HTTP/2 for transport that provides...
Guid, Globally Unique Identifier
An implementation of the universally unique ID (see UUID) that is computed by Windows and Windows...
I
M
O
OpenAPI
The OpenAPI Specification (OAS), a technical specification that describes REST APIs.
OSI model, Open Systems Interconnection model
A model that standardizes communication of a computing system to provide interoperability using...
Out of Band
Something that runs outside the data flow.
OWASP API Security Top 10
The Open Web Application Security Project creates a top 10 security threats for various categories...
P
Physical Layer, Layer 1
Transmits raw bit stream over physical medium. See OSI model, Open Systems Interconnection model.
PII, Personally Identifiable Information
Any data that can be used to identify a specific individual, such as birthdate, mailing address,...
Presentation Layer, Layer 6
Ensures that data is in a usable format and is where data encryption occurs. See OSI model, Open...
S
SAST
Static Application Security Testing (SAST) is a program which reads and reviews the source code of...
SCA
Software Composition Analysis (SCA) is a program which reads and reviews the source code of an...
Session Layer, Layer 5
Maintains connections and is responsible for controlling ports and sessions. See OSI model, Open...
SOAP, Simple Object Access Protocol
A standard communication protocol system that permits processes using different operating systems...
SSL, Secure Sockets Layer
Cryptographic protocols designed to provide communications security over a computer network....
T
TCP, Transmission Control Protocol
A standard that defines how to establish and maintain a network conversation through which...
TCP/IP
A set of communications protocols used in the Internet and similar computer networks. It’s...
TLS, Transport Layer Security
Cryptographic protocols designed to provide communications security over a computer network....
Transport Layer, Layer 4
Transports data using transmission protocols, including TCP and UDP. See OSI model, Open Systems...
W
Web Application Firewall
A web application firewall (WAF) guards web applications from a range of application-layer attacks...
WebSocket API
An advanced technology that makes it possible to open a two-way interactive communication session...
Wildcard SSL Certificate
An SSL certificate that helps server administrators save hundreds or even thousands of dollars on...