A tree representation of the source code of a computer program.
Glossary
A dictionary of the terminology common in software development.
A
Agile software development refers to the methodology of delivering incremental improvements continuously to adapt to market demand.
Alpha testing is the process where developers and QA teams within the organization test the app to identify bugs and missing features.
An API is a well-defined interface through which two software applications can communicate with each other and abstract the inner workings.
Asynchronous programming is a programming model where operations take place in a non-sequential fashion.
B
Backtracking is a method of solving constraint-based problems incrementally while abandoning paths that verifiably fail to satisfy constraints.
Behavior-driven development (BDD) is a methodology to bridge the gap between the business needs of the software and its real features.
Beta testing is the second level of testing in which users outside the organization test the application and report bugs or request features before releasing it to a broad audience.
The process of testing software without knowing the internal structure of the code or program.
C
Refactoring is the process of editing code to reduce or eliminate technical debt, generally undertaken to reduce code smells.
A code smell is an occurrence of poor patterns that indicate more profound issues with the system design and necessitate refactoring.
A command-line interface, often abbreviated as CLI, is a computer interface where the primary form of input and output is text.
Container security encompasses the tools, policies, and practices for protecting containerized applications and infrastructure throughout the entire container lifecycle.
A software development practice of ensuring that the latest changes to software are deployable at any time.
A development practice in which changes to code are integrated in a shared repository frequently, preferably multiple times a day.
Software engineering practice in which isolated code changes are immediately analyzed to detect defects before they are added to the code base.
Cross browser testing is the process of testing a web app frontend on different browsers and versions to ensure it works as intended.
Cyclomatic complexity is the maximum number of linearly independent paths through which control may flow in a program.
D
Data abstraction is a principle of data modeling theory emphasizing separation between the external interface and internal implementation.
A dependency graph is a directed graph that describes the dependency of an entity in the system on the other entities of the same system.
Dependency hell refers to the challenges and complications that arise when dealing with multiple software dependencies and their conflicting version requirements.
Domain name system (DNS) maps a human-friendly domain name to the corresponding IP address and stores other domain-related info.
The process of analyzing computer software by executing the program in real time.
Dynamic programming improves recursive algorithms with approaches like memoization (top-down) or tabulation (bottom-up).
E
Exception handling is the process of dealing with error conditions in a program when they occur to prevent the app from crashing.
F
A declarative programming style that treats computation as the evaluation of mathematical functions.
G
Git is a free and open-source, secure, distributed version control system designed to achieve speed and efficiency even in large projects.
I
An IDE (integrated development environment) is a kind of application that facilitates software developers in writing code.
A method of software development where the product is designed, implemented and tested incrementally until the product is finished.
Infrastructure as Code (IaC) security focuses on identifying and preventing security risks in infrastructure automation scripts and templates.
The process of taking individual units of code and testing them as a group.
A method of software development where a rudimentary version of the entire product is iterated on multiple times to get the final product.
J
JSON (JavaScript Object Notation) is a standard data interchange format used to transmit and store serialized data as text.
M
Machine learning (ML) is the study of algorithms and models that learn from large data sets and make predictions or decisions on new data.
Memory safety refers to preventing programming errors that can lead to undefined behavior or security vulnerabilities due to improper memory management.
O
Object-oriented programming is a programming paradigm built on the concept of objects that contain both data and code to modify the data.
P
Pair programming is a technique in which two programmers, a driver and an observer, write code in collaboration on the same workstation.
Performance testing is a form of testing that tests the speed, response time, and resource usage of software under a particular workload.
Procedural programming is a programming paradigm built around the idea that programs are sequences of instructions to be executed.
Pseudocode is a plain language description of a computer program intended to be understood by a human rather than executed by a computer.
R
Rapid prototyping is the process of iterating prototypes from low to high fidelity in fast feedback loops involving extensive user reviews.
Reachability analysis is a technique that determines if vulnerable code in dependencies is actually accessible through execution paths in an application, helping prioritize and reduce false positives in security scanning.
Reactive programming is a declarative paradigm that is primarily concerned with the propagation of change in data to all its consumers.
The process of re-running functional and non-functional tests to verify the correctness of software after a change.
S
SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) are complementary approaches to identifying security vulnerabilities in applications.
Shift Left Security is the practice of integrating security testing and controls earlier in the software development lifecycle to catch and fix issues sooner.
The process of testing to cover major functions of the software but none in depth.
Slow deterioration of software performance over time leading to software becoming buggy and unusable.
Spaghetti code is a pejorative term for unstructured code that is difficult to understand and maintain.
The process of analyzing a computer program to find problems in it without actually executing it.
Structured programming is composing programs as sequences of blocks with single entry and exit points, making them easier to understand.
Supply chain security focuses on protecting software development and delivery processes from security threats that can occur through third-party dependencies and tools.
Synchronous programming is a programming model where operations take place sequentially.
T
Taint analysis is an information security process used to trace the flow of user input through a system to see the security implications.
Quantification of the implied cost of additional maintenance work in the future caused by making trade-offs now to deliver software faster.
Test coverage is a measure of the degree to which the test suite executes the source code of a program.
Test-driven development is the practice of writing tests before the code, where the test suite acts as the specification of requirements.
U
The process of breaking down a program into pieces, and subjecting each piece to a series of tests.
Usability testing is a test of whether users can accomplish their target actions by finding and accessing the features in the software.
User acceptance testing, one of the testing steps, checks whether a software application serves the end users' requirements.
V
Version control systems are software used to manage changes to a codebase over time to recall specific versions later.
Vulnerability Management is the systematic, ongoing process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems, software, and infrastructure to reduce organizational risk.
W
Waterfall development refers to the methodology of delivering large-scale improvements after more extended development periods.
A web framework is a software library that enables developers to write software that runs on the web.
The process of testing software based on an analysis of the internal structure of the component or system.
X
XML (Extensible Markup Language) is a markup language for encoding documents and transmitting and storing serialized data.
Y
YAML (YAML Ain't Markup Language) is a human-readable and human-writable data interchange format for storing and transmitting information.
Z
Zero Trust Security is a cybersecurity paradigm that eliminates implicit trust and requires continuous validation of every stage of digital interaction.