FeedExploreAsk AIAlertsSavedProfile

Categories

AICybersecurityInfrastructureDatabaseTech Updates

Tech news that matters.

Reference

Tech glossary

Plain-English definitions for the terms that show up in Notifire reporting. Updated as the news cycle adds new ones.

190 terms defined

ABCDEFGHIJKLMNOPQRSTUVWXYZ
A

ABAC· also: Attribute-Based Access Control

Authorization decided by evaluating attributes of the user, resource, action, and context (department, sensitivity, time, location) against policy, rather than fixed roles. More expressive than RBAC for fine-grained rules; tools like OPA and Cedar express ABAC policies as code.

RBAC

ACID

The four guarantees a transactional database provides: Atomicity (all-or-nothing), Consistency (valid state transitions), Isolation (concurrent transactions don't interfere), and Durability (committed data survives crashes). The contract that lets applications reason about correctness under concurrency.

Database news

Agent· also: AI Agent, LLM Agent, Autonomous Agent

In the context of AI, an agent is an autonomous system that leverages a large language model (LLM) as a reasoning engine to achieve a specific goal. It can decompose tasks, interact with external tools like APIs and code interpreters, and self-correct its plan to complete complex objectives without direct human intervention for each step.

Agent memory

Mechanisms that let an AI agent persist information across turns or sessions beyond the context window — short-term scratchpads, long-term vector stores of past interactions, or structured fact stores. Memory quality is a leading differentiator for production agents in 2026.

Agentic AI

Agentic AI

AI systems that can autonomously plan, reason, and execute multi-step tasks rather than respond to one prompt at a time. The defining capability is tool use — calling APIs, reading files, writing code, and recovering from errors without a human in the loop for each step.

AI news

Agents· also: AI Agents, LLM Agents

In the context of AI, an agent is an autonomous system that uses a core reasoning engine, typically a Large Language Model (LLM), to achieve a specified goal. It perceives its environment, breaks down the goal into a sequence of tasks, and utilizes a set of tools (e.g., APIs, code interpreters, web browsers) to execute those tasks. This allows agents to handle complex, multi-step problems by dynamically planning and acting based on intermediate results.

AI· also: Artificial Intelligence

A discipline of computer science for creating systems that perform tasks by learning patterns from data instead of executing explicitly programmed logic. In contemporary practice, AI is nearly synonymous with machine learning, where models like deep neural networks and transformers are trained on vast datasets to perform classification, prediction, and generation. Engineers integrate these models to build features such as natural language processing, anomaly detection, and recommendation systems.

AI Agent· also: Autonomous Agent

An AI agent is an autonomous software system that perceives an environment, plans a sequence of actions, and uses external tools to achieve a specified goal. It leverages a reasoning model, such as an LLM, to break down complex tasks into executable steps like making API calls or running code, and adapts its plan based on the outcomes. This distinguishes it from simpler models by enabling it to complete multi-step workflows independently.

AI Agents· also: Autonomous Agents

An AI Agent is an autonomous software system that perceives its environment, makes decisions, and takes actions to achieve specific goals. These systems are designed to operate independently, and modern agents often leverage Large Language Models (LLMs) for complex reasoning, planning, and interacting with external tools or APIs.

AI Model· also: Machine Learning Model, ML Model

An AI model is a computational system, typically a mathematical function with learned parameters (weights), that has been trained on data to perform a specific task like classification or generation. It makes predictions or decisions by processing new input data, a process known as inference, without being explicitly programmed with task-specific rules. Examples range from simple linear regression models to complex systems like large language models (LLMs).

AI Models· also: Machine Learning Models, ML Models

An AI model is a file or program containing a mathematical representation, typically with learned parameters (weights), that has been trained on data to perform a specific cognitive task. These tasks include recognizing patterns, making predictions, or generating new content, effectively encoding the "knowledge" gained from the training process. Models are the artifacts produced by the machine learning training process and are used for inference.

Android· also: Android OS

Android is a mobile operating system developed by Google, based on a modified version of the Linux kernel and other open-source software. It is primarily designed for touchscreen devices such as smartphones and tablets, with specialized versions for Android TV, Android Auto, and Wear OS. Native applications are typically developed using Kotlin or Java with the Android SDK and the Jetpack Compose UI toolkit.

Anthropic· also: anthropic

Anthropic is an AI safety and research company that builds large language models (LLMs). It is known for its Claude family of models, which are designed with a focus on safety and helpfulness through techniques like Constitutional AI. The company provides commercial API access to its models, making it a prominent provider of foundational AI systems for developers.

Apache· also: Apache Software Foundation, ASF

The Apache Software Foundation (ASF) is a non-profit corporation that supports and incubates open-source software projects developed by a community of volunteers. The term "Apache" is often used as a shorthand for its most famous project, the Apache HTTP Server, but the foundation oversees hundreds of widely-used projects like Kafka, Spark, and Maven. All projects are governed by a meritocratic process known as "The Apache Way" and released under the permissive Apache License 2.0.

API· also: Application Programming Interface

An API is a contract that defines the rules and specifications for how software components interact, allowing different applications to communicate without needing to know each other's internal implementation. It specifies the types of requests that can be made, how to make them, the data formats to use, and the conventions to follow. This abstraction enables modularity and integration, forming the backbone of microservices architectures and third-party service integrations.

API gateway

A reverse proxy that sits in front of one or more backend services and provides authentication, rate limiting, request routing, response shaping, and observability as a centralised concern. Kong, Apigee, AWS API Gateway, and Envoy-based gateways like Tetrate dominate.

Argo CD· also: GitOps continuous delivery

A Kubernetes-native continuous-delivery tool that syncs cluster state from a Git repository. The repo is the source of truth; Argo CD detects drift and either auto-corrects or alerts. Argo CD + Argo Rollouts is the modern default for progressive Kubernetes deployments.

Infrastructure news

Autoscaling· also: HPA / VPA

Automatically adjusting capacity to match load. The Horizontal Pod Autoscaler adds or removes pod replicas on CPU/memory or custom metrics; the Vertical Pod Autoscaler resizes a pod's requests; Cluster Autoscaler and Karpenter add or remove nodes. KEDA extends this to event-driven scaling.

Kubernetes

AWS· also: Amazon Web Services

Amazon Web Services (AWS) is a comprehensive cloud computing platform offering a vast suite of on-demand services, from infrastructure as a service (IaaS) to platform as a service (PaaS) and managed application services. It provides core building blocks like virtual servers (EC2), object storage (S3), and managed databases (RDS), enabling developers to build and scale applications on a pay-as-you-go basis without managing physical hardware.

Azure· also: Microsoft Azure

Microsoft Azure is a public cloud computing platform offering a comprehensive suite of services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Engineers use its global network of data centers to build, test, deploy, and manage applications, leveraging resources for compute, storage, networking, and AI/ML. It is one of the three dominant hyperscale cloud providers, alongside Amazon Web Services (AWS) and Google Cloud Platform (GCP).

B

Backpressure

A flow-control signal a downstream component sends to slow its producer when overloaded. Without backpressure, a fast producer overruns a slow consumer, causing memory exhaustion or dropped messages. Reactive streams, gRPC, and Kafka all expose first-class backpressure mechanisms.

BGP· also: Border Gateway Protocol

The routing protocol that decides how packets traverse the internet between autonomous systems (ASes). BGP route leaks and hijacks cause real-world outages — Facebook's 2021 global outage was a BGP misconfiguration. RPKI signing is the deployed defense.

Blue-green deployment

Running two identical production environments — blue (live) and green (new) — and switching all traffic to green once it is verified, with instant rollback by switching back. Simpler than canary but doubles infrastructure during the cutover.

Canary deployment
C

Canary deployment

A release strategy where a new version is rolled out to a small percentage of traffic first, then progressively increased if metrics stay healthy. Argo Rollouts, Flagger, and most managed Kubernetes platforms ship native canary support with automated rollback on SLO regression.

CAP theorem

The principle that a distributed data store can guarantee at most two of Consistency, Availability, and Partition tolerance simultaneously. Since network partitions are unavoidable, the real choice under partition is between consistency and availability — the basis for the CP-vs-AP database split.

Eventual consistency

CDC· also: Change Data Capture

Streaming a database's row-level changes (inserts, updates, deletes) to other systems by tailing its write-ahead log, rather than polling. Debezium with Kafka is the standard open-source stack; CDC powers cache invalidation, search indexing, and warehouse syncing in near real time.

Write-ahead log

CDN· also: Content Delivery Network

A distributed network of edge servers that cache content close to users to reduce latency and origin load. Cloudflare, Fastly, AWS CloudFront, and Akamai are the major providers. Modern CDNs also run edge compute (Workers, Lambda@Edge) and bot-filtering layers.

Chain-of-thought· also: CoT

Prompting or training a model to produce intermediate reasoning steps before its final answer, which improves accuracy on math, logic, and multi-step tasks. 2026 reasoning models bake extended CoT into a dedicated thinking phase whose length scales with problem difficulty.

AI news

Chaos engineering

Deliberately injecting failures — killing instances, adding latency, partitioning networks — into production-like systems to verify they degrade gracefully and to find weaknesses before real outages do. Popularised by Netflix's Chaos Monkey; modern tooling includes Gremlin and LitmusChaos.

Infrastructure news

CI/CD· also: Continuous Integration / Continuous Delivery

CI/CD is a method of frequently delivering software by automating the development lifecycle. The process is implemented as a "pipeline" that automatically builds, tests, and deploys code changes from a version control repository upon commit. This practice allows development teams to catch defects early, reduce manual release overhead, and increase the velocity of deployments.

CIO· also: Chief Information Officer

The Chief Information Officer is the C-suite executive responsible for an organization's information technology (IT) strategy and implementation. This role oversees IT infrastructure, data governance, and security, and sets the high-level technical direction and budget that directly impacts software engineering teams and their choice of tools and platforms.

Circuit breaker

A resilience pattern that stops sending requests to a failing dependency after errors cross a threshold, returning fast failures instead of piling up timeouts, then periodically probing to see if it has recovered. It prevents one slow service from cascading into a system-wide outage.

Backpressure

cisa· also: Cybersecurity and Infrastructure Security Agency

CISA is a U.S. federal agency that provides cybersecurity guidance and threat intelligence to protect critical infrastructure. The agency maintains the Known Exploited Vulnerabilities (KEV) catalog, a definitive list of vulnerabilities observed to be actively exploited in the wild. This catalog serves as a key resource for prioritizing software patching and remediation efforts.

Claude· also: Anthropic Claude

Claude is a family of large language models (LLMs) developed by the AI safety and research company Anthropic. The models are trained using a "Constitutional AI" approach to ensure helpfulness and harmlessness, and are accessible to developers via a commercial API. Claude is known for its strong performance on complex reasoning, coding, and enterprise-focused tasks, positioning it as a primary alternative to other leading foundation models.

ClickHouse

ClickHouse is an open-source, column-oriented database management system (DBMS) designed for online analytical processing (OLAP). It enables real-time analytical queries on petabyte-scale datasets by leveraging features like columnar storage, vectorized query execution, and advanced data compression. Unlike transactional databases, it is optimized for high-throughput read and aggregation operations rather than frequent, small updates.

Cloud· also: Cloud Computing

The Cloud is a model for delivering on-demand computing services—from applications to storage and processing power—over the internet, typically on a pay-as-you-go basis. It abstracts the underlying physical hardware, allowing engineers to programmatically provision and scale resources like virtual machines, containers, and serverless functions managed by a third-party provider. This approach replaces the need for organizations to own and operate their own data center infrastructure.

code generation· also: codegen

Code generation is the automated process of creating source code using a program based on a formal model, such as an API specification or a database schema. It is used to produce boilerplate code like API clients, data transfer objects (DTOs), or object-relational mappers (ORMs), which reduces repetitive manual coding and enforces consistency. This deterministic, model-driven approach is distinct from the probabilistic, context-based code synthesis provided by AI assistants.

Cold start

The latency penalty when a serverless function or container must be initialised from scratch because no warm instance is available — loading the runtime, dependencies, and code. A central trade-off in serverless and edge platforms; mitigated with provisioned concurrency or lightweight runtimes.

Serverless

Columnar storage

Storing table data by column rather than by row, so analytical queries that scan a few columns over many rows read far less data and compress better. The foundation of analytics engines and formats like Parquet, ClickHouse, DuckDB, and most cloud warehouses.

OLTP vs OLAP

Confidential computing

Protecting data while it is in use by running computation inside hardware-encrypted enclaves or trusted execution environments (Intel TDX, AMD SEV-SNP, AWS Nitro) where even the host operator cannot read memory. Used for multi-party data sharing and processing regulated data in the cloud.

Security news

Connection pooling

Reusing a managed set of open database connections across requests instead of opening one per request, since connections are expensive to establish and databases cap them. PgBouncer and built-in pools are standard; serverless apps especially need pooling to avoid exhausting connection limits.

Database news

Container runtime

The low-level software that actually runs containers from images. containerd and CRI-O are the standard high-level runtimes Kubernetes talks to; runc executes the container, with sandboxed alternatives like gVisor and Kata Containers for stronger isolation.

Kubernetes

Context window

The maximum number of tokens an LLM can attend to in a single request — input plus output combined. 2026 frontier models run 200K to 1M+ token windows, but effective recall degrades toward the middle of very long contexts, so retrieval still matters.

AI news

CPU· also: Central Processing Unit

The CPU is the primary component of a computer that executes program instructions by performing arithmetic, logic, and I/O operations. Modern CPUs typically contain multiple cores, each capable of running one or more threads of execution simultaneously, which is a critical factor for application performance and concurrency. A CPU's instruction set architecture (e.g., x86, ARM) defines the machine code it can execute, directly impacting software compatibility and performance characteristics.

CQRS· also: Command Query Responsibility Segregation

An architecture that separates the write model (commands that change state) from the read model (queries), letting each be optimised and scaled independently. Frequently paired with event sourcing, but useful on its own when read and write workloads diverge sharply.

Event sourcing

CSP· also: Content Security Policy

A response header that tells browsers which sources are allowed to load scripts, styles, fonts, and other resources. CSP is the strongest in-browser defence against XSS injection. Strict-dynamic with nonces is the modern recommended configuration.

CVE· also: Common Vulnerabilities and Exposures

A unique identifier assigned to a publicly disclosed security vulnerability, in the form CVE-YYYY-NNNNN. The CVE is administered by MITRE and is the canonical reference used by vendors, scanners, and patch advisories.

Cybersecurity news

CVSS· also: Common Vulnerability Scoring System

A standard 0–10 severity score for vulnerabilities based on exploitability and impact. CVSS v4.0 is current. The base score is widely cited but should be adjusted for your environment — a critical CVE in an unreachable component may not be your top priority.

CVE

cybersecurity· also: Information Security, InfoSec

Cybersecurity is the practice of protecting computer systems, networks, programs, and data from digital attacks, unauthorized access, or damage. It encompasses a wide range of disciplines, including application security (AppSec), cloud security, cryptography, and identity and access management (IAM). For software engineers, this involves implementing secure coding practices, managing vulnerabilities, and designing systems resilient to common threats like injection attacks and data breaches.

D

Data Leak· also: Data Exposure

A data leak is the unintentional exposure of sensitive data to an unauthorized party, often due to internal misconfigurations or human error. Common causes include publicly accessible cloud storage buckets, insecure APIs, or credentials committed to public code repositories. This differs from a data breach, which typically involves a deliberate intrusion by an external attacker to exfiltrate data.

Database· also: DB

A database is an organized collection of structured data, stored electronically and managed by a Database Management System (DBMS). The DBMS provides an interface for creating, reading, updating, and deleting (CRUD) data, typically through a query language like SQL for relational databases or specific APIs for NoSQL types. This structure enables efficient data retrieval, storage, and management for software applications.

DDoS· also: Distributed Denial of Service

An attack that floods a target with traffic from many distributed sources to exhaust resources. Modern DDoS attacks peak at 5+ Tbps. Mitigation is layered: cloud scrubbing (Cloudflare, AWS Shield), rate limiting, anycast routing, and application-level slow-loris guards.

Security news

Developer Tools· also: dev tools

Developer tools are a class of software programs used by engineers to create, debug, maintain, and support other applications and systems. This broad category includes integrated development environments (IDEs), compilers, debuggers, version control systems like Git, and profilers. Modern web browsers also feature a built-in suite of "DevTools" for inspecting and debugging web pages and applications.

development· also: software development, coding, programming

Development is the end-to-end process of creating and maintaining software, encompassing activities from requirements analysis and system design to programming, automated testing, and deployment. This iterative process typically relies on version control systems like Git and is automated via Continuous Integration/Continuous Delivery (CI/CD) pipelines to facilitate rapid, reliable releases.

DevOps· also: Development and Operations

DevOps is a cultural philosophy and set of practices that combines software development (Dev) and IT operations (Ops) to shorten the systems development life cycle and enable continuous delivery. It emphasizes automation, collaboration, and shared ownership to build, test, and release software more rapidly and reliably. Key practices include continuous integration/continuous delivery (CI/CD) pipelines, infrastructure as code (IaC), and extensive monitoring.

Distillation

Training a smaller "student" model to mimic the outputs of a larger "teacher" model, transferring capability at a fraction of the inference cost. Most small fast models shipped in 2026 (Haiku, GPT mini tiers, Gemini Flash) are distilled from their larger siblings.

AI news

Domain· also: Business domain, Problem domain

In software engineering, a domain is the specific subject area or problem space that a software system is designed to address. It encompasses the business logic, rules, entities, and processes that are central to the application's purpose. This concept is a core tenet of Domain-Driven Design (DDD), where a deep understanding of the domain is used to model the software and manage complexity.

E

eBPF· also: Extended Berkeley Packet Filter

A Linux kernel technology that lets sandboxed programs run inside the kernel at runtime, without writing kernel modules. eBPF underpins modern Linux observability (Cilium, Pixie, Datadog Agent), networking (kube-proxy replacement), and runtime security tools.

Infrastructure news

Edge computing

Running application logic at points-of-presence close to users rather than in a central region. Cloudflare Workers, Fastly Compute, AWS Lambda@Edge, and Deno Deploy are the established platforms. The trade-off is sub-50ms latency at the cost of cold starts on first request per region and limited compute envelopes.

Electric Vehicles· also: EV

An Electric Vehicle (EV) is a vehicle propelled by electric motors using energy from a rechargeable battery pack. For software engineers, EVs represent a complex, connected platform characterized by embedded systems like the Battery Management System (BMS), extensive use of APIs for charging and diagnostics, and reliance on Over-the-Air (OTA) updates for core functionality. Their architecture integrates vehicle control, energy management, and data telemetry, making them a key domain in the Internet of Things (IoT).

Elon Musk

An engineer and technology entrepreneur known for leading companies including SpaceX, Tesla, and X (formerly Twitter). His management style emphasizes aggressive engineering timelines, first-principles problem-solving, and deep vertical integration of hardware and software stacks. His direct involvement in product decisions and public technical discourse often sets engineering priorities and influences industry trends, such as the development of reusable rockets and the push for an "everything app".

Embedding

A high-dimensional vector representation of text, image, or audio that captures semantic meaning. Two semantically similar inputs produce vectors close to each other in space. Embeddings power semantic search, RAG retrieval, clustering, and recommendation systems.

Vector database

Encryption at rest

Encrypting data stored on disk (databases, file systems, backups) so it remains unreadable if the storage medium is compromised. Standard in all major cloud providers (KMS-managed keys); the operational question is who controls the keys — customer-managed (CMK), bring-your-own (BYOK), or hold-your-own (HYOK).

enterprise· also: enterprise-grade

In a software context, "enterprise" describes systems designed to meet the complex needs of large organizations, as opposed to individual consumers or small businesses. This designation implies a focus on non-functional requirements such as high scalability, robust security, reliability for mission-critical operations, and extensive integration capabilities. Enterprise solutions are characterized by their ability to support complex workflows, adhere to strict compliance standards, and offer long-term support and maintainability.

Error budget

The amount of unreliability an SLO permits — the gap between 100% and your target, such as 0.1% over 30 days for a 99.9% SLO. Spending it slows feature velocity in favour of reliability work; staying under it frees teams to ship. It turns reliability into a shared, measurable currency.

SLO

Evals· also: Evaluations

Repeatable test suites that measure an LLM system's quality on representative tasks — accuracy, format adherence, safety, regression. Evals are to AI systems what unit tests are to code; without them, prompt and model changes are flying blind. Tools include Braintrust, LangSmith, and OpenAI Evals.

AI news

Event sourcing

Persisting state as an append-only log of immutable events rather than overwriting current values, so the full history is preserved and state is derived by replaying events. It gives a perfect audit trail and time-travel debugging, at the cost of added complexity and eventual-consistency reads.

CQRS

Eventual consistency

A consistency model where replicas may temporarily disagree but converge to the same value if no new writes occur. It trades immediate correctness for availability and low latency, and is the default in distributed stores like DynamoDB and Cassandra. Applications must tolerate stale reads.

CAP theorem

Exploit

A piece of code, a sequence of commands, or a technique that takes advantage of a specific bug or vulnerability in a software or hardware system. An exploit's purpose is to trigger unintended behavior, such as gaining unauthorized access, executing arbitrary code, or elevating privileges to compromise a system's security.

F

Feature flag· also: Feature toggle

Conditional code paths controlled by runtime configuration so features can be rolled out, A/B tested, or killed without redeploying. LaunchDarkly, Flagsmith, and Unleash are the dominant managed platforms; open-source alternatives include GrowthBook and PostHog.

FIDO2 / WebAuthn

The web standards for phishing-resistant multi-factor authentication. Instead of one-time codes (which can be replayed by phishing sites), FIDO2 uses public-key cryptography bound to the origin — a phishing site requesting authentication gets a cryptographic mismatch and fails.

MFA bypass campaign

Fine-tuning

Continuing to train a pretrained model on a smaller domain-specific dataset to specialise its behaviour. Full fine-tuning updates all weights; parameter-efficient methods like LoRA update a tiny fraction. Often unnecessary now that long context plus RAG covers most customisation needs.

LoRA

Fintech· also: Financial Technology

Fintech is a broad industry category for software, infrastructure, and business models that use technology to create, deliver, or enhance financial services. For engineers, this domain encompasses building everything from consumer-facing mobile payment apps and algorithmic trading platforms to backend infrastructure like payment processing APIs and blockchain-based decentralized finance (DeFi) protocols. Key technical challenges often involve security, regulatory compliance, data analysis for risk management, and high-availability systems.

FSD· also: Full Self-Driving

Tesla's branding for its assisted-driving system. Despite the name, FSD is not autonomous in the regulatory sense — it requires driver supervision. Tesla's commercial Robotaxi service in 2026 is the first fully driverless deployment.

Tesla Robotaxi launch

Function calling· also: Tool use

An LLM capability where the model emits a structured request to invoke an external tool (an API, code execution, file operation) instead of free-form text. The application runs the tool and feeds the result back. Function calling is the foundation of agent architectures.

AI news
G

Gateway

A gateway is a network node or server that acts as a single entry point for traffic destined for another network or a group of backend services. It is responsible for routing requests and can also handle tasks like protocol translation, authentication, and load balancing, with API Gateways being a common implementation in microservice architectures.

GitOps

An operational model where a Git repository is the single source of truth for system state, and reconciliation agents (Argo CD, Flux) make the running system match the repo. Pull requests become the unit of operational change, with audit trail and review built in.

GPU· also: Graphics Processing Unit

A specialized processor with thousands of cores designed to handle massively parallel computations. While originally built for rendering graphics, its architecture is now essential for accelerating general-purpose workloads like training machine learning models and running complex scientific simulations. This parallel design allows it to dramatically outperform a CPU on tasks that can be broken down into many simultaneous, independent operations.

GraphQL

A query language for APIs where the client specifies exactly which fields it needs in a single request. Solves the over-fetching and N+1 problems of REST. Apollo and Hasura dominate the production stack; persisted queries and DataLoader are operational essentials.

gRPC

A high-performance RPC framework from Google that uses HTTP/2 for transport and Protocol Buffers for serialization, supporting streaming and code generation across many languages. It is the default for internal service-to-service communication where latency and strong contracts matter more than browser reach.

Protocol Buffers

Guardrails

Programmatic checks wrapped around an LLM that filter or constrain inputs and outputs — blocking unsafe content, enforcing output schemas, redacting PII, or rejecting off-policy requests. Implemented with libraries like NeMo Guardrails and Guardrails AI, or via a smaller classifier model.

Prompt injection
H

Hallucination

When an LLM generates fluent, confident output that is factually wrong or fabricated. It stems from next-token prediction having no built-in truth check. Grounding via RAG, citation requirements, and evals reduce but do not eliminate it.

RAG

Helm

The de facto package manager for Kubernetes. A Helm chart templates a set of manifests with configurable values, so the same application can be installed across environments with different settings. Helm and Kustomize are the two dominant manifest-management approaches.

Kubernetes

HNSW index· also: Hierarchical Navigable Small World

The dominant index structure for approximate nearest-neighbour search in vector databases. It builds a multi-layer navigable graph that finds close vectors in logarithmic time, trading a small recall loss for huge speedups over brute-force scanning. Used by pgvector, Qdrant, Weaviate, and Milvus.

Vector database

HSTS· also: HTTP Strict Transport Security

A response header that tells browsers to only ever connect to a site over HTTPS, even if the user types http:// or follows an http link. Combined with HSTS preload (a Chromium-shipped list), HSTS makes the first-visit downgrade attack impossible.

Hybrid search

Combining lexical search (BM25 keyword matching) with semantic vector search and fusing the rankings, usually via reciprocal rank fusion. It captures both exact-term matches and conceptual similarity, and consistently outperforms either method alone in RAG retrieval.

Reranker
I

IaC· also: Infrastructure as Code

The practice of defining cloud infrastructure in version-controlled declarative files (Terraform, Pulumi, CloudFormation, Bicep) rather than via console clicks. IaC enables review, rollback, environment parity, and reproducibility. Drift detection is the operational challenge.

Idempotency

A property where performing an operation multiple times has the same effect as performing it once. Critical for safe retries in distributed systems — payment and webhook APIs accept an idempotency key so a retried request after a timeout doesn't charge or process twice.

Webhook

Immutable infrastructure

A model where servers are never modified after deployment — to change anything you build a new image and replace the instance, rather than patching in place. It eliminates configuration drift and makes rollbacks trivial. Containers and golden AMIs are the common implementations.

IaC

Inference

Running a trained model to produce outputs, as opposed to training it. Inference cost — measured in tokens, latency, and GPU memory — is the dominant operational expense for most production LLM systems, which is why quantization, batching, and KV caching matter.

Quantization

infrastructure· also: infra

In software engineering, infrastructure refers to the foundational set of hardware and software components required to develop, deploy, and manage applications. This includes physical or virtual servers, networking equipment, storage systems, and the cloud-based services (like IaaS or PaaS) that provide these resources. It forms the platform on which all software services run.

Ingress controller

A component that routes external HTTP/HTTPS traffic into a Kubernetes cluster based on host and path rules, handling TLS termination and load balancing. NGINX Ingress is the historical default; the Gateway API is the standards-track successor gaining adoption in 2026.

Kubernetes
J

Java

Java is a high-level, class-based, object-oriented programming language designed for platform independence. Applications are compiled to bytecode that runs on a Java Virtual Machine (JVM), enabling the "write once, run anywhere" principle. It remains a dominant language for enterprise-scale back-end services, Android development, and large data processing systems.

June· also: June.so

June is a product analytics platform designed for B2B SaaS companies that automatically generates reports from user event data. It typically connects to event-tracking tools like Segment to provide insights into metrics such as user activation, feature adoption, and retention without requiring manual query writing.

JWT· also: JSON Web Token

A compact URL-safe token format encoding claims as JSON, cryptographically signed (sometimes encrypted). Used for stateless authentication and authorisation. Common gotchas: never trust the alg header, always validate exp/nbf, and rotate signing keys.

K

KEV catalog· also: Known Exploited Vulnerabilities

CISA's authoritative list of CVEs confirmed to be exploited in the wild. Because it filters the tens of thousands of yearly CVEs down to what attackers actually use, the KEV catalog is the best signal for prioritising patching, ahead of raw CVSS scores.

CVE

Kubernetes· also: K8s

The dominant open-source container orchestration platform — it schedules containers across a cluster, handles networking, scaling, self-healing, and rollouts. By 2026 most teams consume it as a managed service (EKS, GKE, AKS) rather than running the control plane themselves.

Infrastructure news

Kubernetes operator

A custom controller that encodes operational knowledge for running a specific application on Kubernetes (Postgres, Kafka, Cassandra, etc.). Operators reconcile a CRD against actual state and handle complex lifecycle events like backups, upgrades, and failover.

Infrastructure news

KV cache· also: Key-Value cache

The stored attention keys and values from already-processed tokens, reused so the model doesn't recompute them for each new generated token. The KV cache dominates GPU memory during long-context inference, driving techniques like paged attention and KV-cache quantization.

Inference
L

Lateral movement

The phase of an attack where an intruder, having gained an initial foothold, pivots through the internal network to reach higher-value systems. Zero-trust segmentation, mTLS, and least-privilege access are the primary controls that contain it.

Zero-trust

Linux· also: GNU/Linux

Linux is an open-source, monolithic, Unix-like operating system kernel that serves as the core for a vast ecosystem of operating systems called distributions (e.g., Ubuntu, Fedora, Arch). It manages hardware resources, process scheduling, and provides essential system services for all other software on the device. Due to its stability and portability, Linux is the dominant kernel for servers, cloud infrastructure, embedded systems, and mobile devices via Android.

LLM· also: Large Language Model

A neural network trained on a large text corpus to predict the next token, which produces capable open-ended text generation. The frontier-tier examples in 2026 are Claude (Anthropic), GPT (OpenAI), Gemini (Google), and Llama (Meta open-weight).

AI news

Load balancer

A component that distributes incoming requests across multiple backend instances for availability and scale. Layer 4 balancers route by IP/port; Layer 7 balancers route on HTTP attributes like path and host. Health checks remove failing backends from rotation automatically.

Reverse proxy

LoRA· also: Low-Rank Adaptation

A parameter-efficient fine-tuning technique that injects small low-rank matrices alongside frozen base model weights. Cuts fine-tuning compute and storage by orders of magnitude — LoRA adapters are 1–10 MB for a 7B-parameter base model. The default fine-tuning approach in 2026.

M

Malware· also: Malicious software

Malware is a catch-all term for any intrusive software intentionally designed by an attacker to disrupt operations, steal data, or gain unauthorized access to a system. It encompasses a wide range of threats, including viruses, worms, trojans, ransomware, and spyware, which exploit vulnerabilities to execute their malicious code. Modern variants often employ sophisticated evasion techniques like polymorphism and fileless execution to bypass security controls in environments ranging from endpoints to cloud infrastructure.

Materialized view

A query result stored physically and reused, so expensive joins or aggregations are computed once instead of on every read. Unlike a plain view, it must be refreshed when underlying data changes — periodically, on demand, or incrementally. A common analytics performance lever.

Database news

MCP· also: Model Context Protocol

A protocol for AI assistants to communicate with external tools and data sources. Originated at Anthropic and increasingly multi-vendor — Claude, OpenAI, and several frameworks support MCP servers as a tool-integration standard.

Claude 4 release

Message queue

Middleware that decouples producers from consumers by buffering messages for asynchronous processing, smoothing load spikes and surviving consumer downtime. RabbitMQ and SQS handle task queues; Kafka and Pulsar handle high-throughput event streams with replay.

Backpressure

meta

A prefix indicating a concept is an abstraction of another concept of the same type, signifying a higher level of indirection. In software engineering, this commonly refers to metadata (data that describes other data, like a file's last-modified timestamp) or metaprogramming (code that operates on other code as its data, such as macros or reflection APIs). The core idea is an entity that provides information about or manipulates the structure, type, or behavior of its own kind.

MFA· also: Multi-Factor Authentication

Requiring at least two of: something you know (password), something you have (phone, token, passkey), something you are (biometric). 2026 best practice is phishing-resistant MFA via FIDO2/WebAuthn passkeys; SMS and TOTP are still common but bypassable via SIM swap or real-time phishing.

Microsoft· also: MS, MSFT

Microsoft is a multinational technology corporation that develops widely-used software, cloud services, and developer tools. Its key offerings for engineers include the Windows operating system, the Azure cloud platform, the .NET framework, Visual Studio Code, and the TypeScript programming language. Microsoft is also the parent company of GitHub and a significant contributor to open-source projects.

Mixture of experts· also: MoE

An architecture where each token is routed to a small subset of specialised sub-networks (experts) rather than the whole network, so a model can have huge total parameter counts while only activating a fraction per token. The dominant design for frontier open-weight models like DeepSeek and Llama 4.

AI news

Monorepo

Storing many projects or services in a single version-controlled repository, enabling atomic cross-project changes, shared tooling, and unified dependency versions. Scaling it requires purpose-built build systems like Bazel, Nx, or Turborepo to avoid rebuilding everything on each change.

Tech news

mTLS· also: Mutual TLS

TLS where both client and server present and verify certificates, so each side cryptographically proves its identity. It is the standard mechanism for service-to-service authentication inside a zero-trust network and is automated by service meshes like Istio and Linkerd.

Service mesh

Multimodal model

A model that natively processes more than one input or output type — text, images, audio, and increasingly video — in a shared representation. 2026 frontier models (Gemini, GPT, Claude) are multimodal by default, enabling document understanding, screenshot reasoning, and voice interaction.

AI news

MVCC· also: Multi-Version Concurrency Control

A concurrency mechanism where writes create new versions of rows instead of overwriting, so readers see a consistent snapshot without blocking writers and vice versa. It underpins PostgreSQL, MySQL InnoDB, and Oracle; the cost is bloat from old versions needing cleanup (vacuum).

ACID
N

Netlify

Netlify is a cloud platform that provides a Git-based workflow for building, deploying, and hosting web applications and static sites. It combines a global edge network for high-performance delivery with integrated backend services, including serverless functions, authentication, and a key-value store. The platform is designed to automate and simplify the deployment of modern, scalable web projects, particularly those following the "Jamstack" architecture.

npm· also: Node Package Manager

npm is the default package manager for the JavaScript runtime environment Node.js, consisting of a command-line interface (CLI) client and the npm Registry, the world's largest public software registry. The CLI is used to install, share, and manage project dependencies, which are defined in a "package.json" file. The registry hosts the open-source packages that developers share and consume.

O

OAuth 2.1

The consolidated successor to OAuth 2.0, published in 2024 to mandate the modern security best practices that had accumulated as separate RFCs: PKCE for all clients, no implicit flow, no resource owner password grant, and refresh-token rotation. New systems should implement 2.1 directly.

Observability

The ability to ask new questions about a system's behaviour without shipping new code. Observability rests on three signals — logs, metrics, traces — increasingly unified via OpenTelemetry. Distinguished from monitoring, which alerts on known failure modes.

Infrastructure news

OIDC· also: OpenID Connect

An identity layer on top of OAuth 2.0 that adds a standard ID token (a JWT) and userinfo endpoint. The modern default for application authentication. Major IdPs (Okta, Azure AD, Auth0, Google) all support OIDC; new applications should choose OIDC over SAML when possible.

SSO vs SCIM

OLTP vs OLAP

OLTP (Online Transaction Processing) handles many small, fast read/write transactions — the operational database behind an app. OLAP (Online Analytical Processing) runs large aggregating queries over historical data for analytics. The split drives the use of separate transactional and warehouse systems.

Columnar storage

OONI· also: Open Observatory of Network Interference

OONI (Open Observatory of Network Interference) is a free software project and global observation network for detecting internet censorship and surveillance. Volunteers run the OONI Probe software to test for blocked websites, tampered traffic, and the presence of middleboxes. The collected network measurement data is published openly to increase transparency and support research into internet interference.

open source· also: OSS

Open source refers to a software development model where the source code is made publicly available for anyone to view, modify, and distribute. This approach fosters transparency and collaborative improvement, with all rights and obligations defined by an accompanying open-source license such as MIT, Apache 2.0, or GPL.

OpenAPI· also: Swagger

A standard machine-readable specification for describing REST APIs — endpoints, parameters, schemas, and auth. From one spec you generate client SDKs, server stubs, interactive docs, and contract tests. The dominant way to define and document HTTP APIs in 2026.

API gateway

OpenTelemetry· also: OTel

The CNCF-graduated standard for emitting traces, metrics, and logs from applications. Vendor-neutral SDKs in every major language; collectors fan output to any backend (Datadog, Grafana, Honeycomb, Jaeger). OTel is the de facto observability protocol.

P

Passkey

A FIDO2/WebAuthn credential — a cryptographic key pair bound to a site — that replaces passwords entirely and syncs across a user's devices via their platform (Apple, Google, Microsoft). Phishing-resistant by design and, by 2026, the default consumer login on major platforms.

FIDO2

PeopleSoft· also: PSFT

PeopleSoft is a suite of enterprise software applications from Oracle, providing solutions for Human Capital Management (HCM), Financial Management, and other ERP functions. The platform is built on a proprietary technology layer called PeopleTools, which uses the PeopleCode language for extensive application customization. It is a widely deployed system in large organizations, often serving as a core system of record that requires integration with other services.

Privilege escalation

An attacker increasing their access level beyond what was granted — from a normal user to root, or from one tenant to another. Vertical escalation gains higher privileges; horizontal escalation accesses peers' data. A core objective in nearly every breach chain.

Lateral movement

Product Launch· also: Go-live, General Availability (GA)

A product launch is the coordinated process of making a new product or a significant feature set generally available to its target audience. This event encompasses not just the final code deployment, but also the alignment of marketing, sales, and customer support operations. Modern launches often utilize phased rollouts with feature flags or canary releases to mitigate risk, rather than a single "big bang" deployment.

Productivity· also: Developer productivity

In software engineering, productivity is a measure of a team's efficiency in delivering high-quality, valuable software. It is typically assessed using outcome-oriented frameworks like DORA and SPACE, which analyze system-level flow, feedback loops, and developer satisfaction, rather than individual output metrics like lines of code or tickets closed.

Prompt injection

A class of attack against LLM-powered applications where malicious instructions are smuggled into model input (via documents, URLs, or other untrusted data) to override the system prompt. Indirect prompt injection — instructions embedded in data the LLM is asked to read — is the harder variant to defend against.

Security news

Protocol Buffers· also: Protobuf

Google's language-neutral binary serialization format defined by a schema, far more compact and faster to parse than JSON. The default payload format for gRPC and a common choice for event schemas where size and forward/backward compatibility matter.

gRPC

Python· also: py

Python is a high-level, dynamically-typed programming language renowned for its emphasis on code readability and a simple, clean syntax. It supports multiple programming paradigms, including object-oriented and functional, and features automatic memory management via garbage collection. Its extensive standard library and a vast ecosystem of third-party packages make it a dominant choice for web development, data science, machine learning, and scripting.

Q

Quantization

Reducing the precision of an LLM's weights (from 16-bit float to 8-bit, 4-bit, or lower) to shrink memory footprint and speed up inference. Modern 4-bit quantization (GPTQ, AWQ) preserves most capability while making large models runnable on consumer hardware.

Quantum Computing

Quantum computing is a computational paradigm that leverages quantum-mechanical principles like superposition and entanglement to process information. Unlike classical computers that use bits (0 or 1), quantum computers use qubits, which can exist in a combination of states simultaneously. This allows them to solve specific classes of problems, such as molecular simulation and integer factorization for cryptography, exponentially faster than any known classical algorithm.

Query planner· also: Query optimizer

The database component that turns a declarative SQL query into an efficient execution plan — choosing join order, index usage, and scan strategy based on table statistics. Most performance problems trace to the planner picking a bad plan from stale statistics; EXPLAIN is how you inspect its choices.

Database news
R

RAG· also: Retrieval-Augmented Generation

A pattern where an LLM is given relevant context at query time (usually retrieved from a vector database) rather than relying solely on its training data. RAG is the standard architecture for grounding model output in proprietary data.

RAM· also: Random-Access Memory

RAM (Random-Access Memory) is a computer's primary volatile memory, used to store data and machine code that are currently in use. It provides fast, random access to any memory location, which is critical for application performance and overall system responsiveness. Unlike persistent storage like an SSD, RAM loses its contents when power is removed.

Ransomware

Ransomware is a type of malicious software that encrypts a victim's files or entire systems, rendering them inaccessible. Attackers then demand a ransom payment, typically in cryptocurrency, in exchange for the decryption key. Many modern ransomware variants also practice "double extortion" by exfiltrating sensitive data before encryption and threatening to publish it if the ransom is not paid.

Rate limiting

Capping the number of requests a client can make over a time window. Implemented at the edge (Cloudflare, Fastly), at the API gateway (Kong, Envoy), or per-application (sliding window, token bucket). Essential against abuse and accidental client retries amplifying outages.

RBAC· also: Role-Based Access Control

Granting permissions to named roles and assigning users to roles, rather than to individuals directly. It is the default authorization model in Kubernetes, cloud IAM, and most SaaS. Simple to reason about, but role explosion is the common failure mode at scale.

ABAC

Replication

Maintaining copies of data across multiple nodes for availability and read scaling. Synchronous replication guarantees no data loss on failover but adds write latency; asynchronous is faster but risks losing recent writes. Most production databases run a primary with one or more replicas.

Sharding

Reranker

A second-stage model in a retrieval pipeline that reorders the top-k candidates from a vector search using a more expensive but accurate scoring function. Cohere Rerank, BGE-Reranker, and ColBERT are common choices. Reranking typically lifts RAG quality by 10–20% at modest extra latency.

Research: RAG

Reverse proxy

A server that sits in front of backend services and forwards client requests to them, often adding TLS termination, caching, compression, and routing. NGINX, Envoy, HAProxy, and Caddy are common choices; an API gateway is a feature-rich reverse proxy.

API gateway

RLHF· also: Reinforcement Learning from Human Feedback

A training stage where human preference rankings teach a reward model, which then tunes the LLM to produce outputs people prefer. RLHF is what turns a raw next-token predictor into a helpful, aligned assistant. Variants like RLAIF and DPO reduce the human-labelling cost.

AI news

robotics

Robotics is the interdisciplinary field involving the design, construction, operation, and use of robots. For software engineers, it focuses on developing the computer systems for a robot's control, sensory feedback, and information processing. This includes creating software for perception, motion planning, control systems, and applying machine learning for autonomous behavior.

Roku

Roku is a line of digital media players and a software platform that runs the proprietary Roku OS. Developers build streaming applications, called "channels," for the platform using the BrightScript scripting language and the SceneGraph XML framework for creating the user interface.

S

SAML· also: Security Assertion Markup Language

An older XML-based SSO protocol still dominant in enterprise (Okta, Azure AD, Ping). New applications target OIDC first; SAML is a must-have for selling into Microsoft-shop Fortune 500 customers. Implementation pitfalls cluster around XML canonicalisation and signature verification.

SSO vs SCIM

SBOM· also: Software Bill of Materials

A machine-readable inventory of every component, library, and dependency in a software artifact. SBOMs let you answer "are any of my running workloads affected by CVE-X?" in seconds. SPDX and CycloneDX are the dominant SBOM formats. Required by US federal procurement (EO 14028).

Supply chain security

SCIM· also: System for Cross-domain Identity Management

A standard REST API for provisioning and deprovisioning user accounts across applications from a central directory. Where SSO handles login, SCIM handles lifecycle — auto-creating accounts on hire and, critically, revoking them on termination.

SSO vs SCIM

Secrets management

Securely storing, rotating, and distributing credentials — API keys, DB passwords, certificates — so they never live in source code or plaintext config. HashiCorp Vault, AWS Secrets Manager, and cloud KMS are standard; the modern goal is short-lived, dynamically issued secrets over static ones.

Security news

Security Breach· also: Data Breach

A security breach is an incident where an unauthorized party successfully bypasses security measures to gain access to a system, network, or private data. These events can result in the exposure, theft, or alteration of sensitive information, which is often specifically termed a data breach.

Semantic search

Searching by meaning rather than keyword overlap, by embedding the query and documents into a shared vector space and ranking by similarity. It surfaces relevant results even when no words match, and is the retrieval backbone of most RAG systems.

Embedding

Semantic versioning· also: SemVer

A version numbering convention, MAJOR.MINOR.PATCH, where major signals breaking changes, minor adds backward-compatible features, and patch fixes bugs. It lets dependency managers safely auto-upgrade within compatible ranges. Honoured in spirit more than letter across many ecosystems.

Tech news

Serverless

A model where you deploy functions or containers and the platform handles provisioning, scaling to zero, and per-invocation billing. AWS Lambda, Google Cloud Run, and Cloudflare Workers are leading platforms. You trade infrastructure control for operational simplicity and pay-per-use economics.

Cold start

Service mesh

A dedicated infrastructure layer that handles service-to-service communication, including mTLS, retries, circuit breaking, and observability. Istio (Envoy-based), Linkerd (Rust-based), and Cilium Service Mesh (eBPF-based) are the dominant choices. Most teams under 100 services don't need one.

Sharding

Partitioning a dataset horizontally across multiple database instances so each holds a subset, enabling scale beyond a single machine. The shard key choice is critical — a poor one creates hotspots and cross-shard queries. Vitess, Citus, and most NoSQL stores automate it.

Replication

Sidecar container

A container that runs alongside an application container in the same Kubernetes pod, sharing its network and lifecycle. Common uses: service mesh proxies (Envoy, Linkerd), log shippers, metrics scrapers. Kubernetes 1.30 graduated sidecar containers to GA with proper lifecycle ordering.

Kubernetes 1.30

Sigstore

An open-source stack (Cosign, Fulcio, Rekor) for signing software artifacts using short-lived keys tied to OIDC identity, with signatures recorded in a public transparency log. It removes the key-management burden that historically blocked widespread artifact signing.

Supply chain security

SLI· also: Service Level Indicator

A quantitative measure of a service's behaviour — request latency, error rate, availability — that an SLO sets a target for. Good SLIs reflect user experience directly. The chain runs SLI (the measurement) to SLO (the target) to error budget (the allowed shortfall).

SLO

SLO· also: Service Level Objective

An internal reliability target — for example, "99.9% of API requests return in under 200ms over a rolling 30 days." SLOs sit between SLAs (contractual, customer-facing) and SLIs (raw metrics). The gap between SLO and SLA is the error budget.

SLSA· also: Supply-chain Levels for Software Artifacts

A framework that scores how trustworthy a build pipeline is. Level 1 produces provenance metadata; Level 4 means the build is hermetic, reproducible, and signed by a trusted builder. Most projects target Level 2 or 3.

Supply chain security

SocGholish-infected· also: FakeUpdates

Describes a system or website compromised by the SocGholish malware framework, a JavaScript-based threat also known as FakeUpdates. The infection typically occurs when a user is tricked by a fake software update prompt on a compromised website, leading to the download of a malicious payload. SocGholish often serves as an initial access broker, deploying further malware like ransomware onto the compromised system.

Software· also: SW, S/W

Software is the set of non-physical instructions, data, and programs that direct a computer's hardware to perform tasks. It is typically written as human-readable source code, then compiled or interpreted into a machine-executable form. The term encompasses a wide spectrum, including firmware, operating systems, libraries, and end-user applications.

Solar· also: Apache Solr

Solar is an open-source enterprise-search platform from the Apache Lucene project. It provides full-text search, hit highlighting, faceted navigation, and near real-time indexing capabilities through a REST-like HTTP API. It is widely used for building search and navigation features into websites and applications.

Source Code· also: Code

Source code is the collection of human-readable instructions, written in a programming language, that defines a computer program's logic and behavior. It serves as the primary blueprint for software and is transformed by a compiler or interpreter into a machine-executable form. This text-based asset is the fundamental artifact managed and versioned within a repository.

Speculative decoding

An inference speedup where a small fast "draft" model proposes several tokens ahead and the large model verifies them in one pass, accepting the matches. It cuts latency 2–3x with no change to output quality, and ships in most production serving stacks like vLLM and TensorRT-LLM.

Inference

SSO· also: Single Sign-On

Letting users authenticate once with a central identity provider and access many applications without re-entering credentials. Implemented via OIDC or SAML. SSO is table stakes for enterprise sales and a prerequisite for centralised offboarding and access policy.

SSO vs SCIM

SSPL· also: Server Side Public License

A source-available license created by MongoDB and adopted by Redis, Elastic, and others. SSPL requires anyone offering the software as a service to open-source their entire service stack — a deliberate barrier for cloud providers (AWS, GCP, Azure). The OSI considers SSPL non-open-source.

Redis source-available

Streaming· also: Data streaming

Streaming is a data transfer technique where information is sent as a continuous, sequential flow of small packets. This model allows applications to process or consume data in near real-time as it is generated, rather than waiting for an entire file or dataset to be downloaded first. It is a foundational paradigm for use cases like live video, real-time analytics, and event-driven architectures.

Supabase

Supabase is an open-source Firebase alternative that provides a suite of backend tools built around a PostgreSQL database. It automatically generates REST and GraphQL APIs for database access and includes integrated services for authentication, file storage, and serverless edge functions. This platform-as-a-service (PaaS) enables developers to build scalable backends without managing the underlying infrastructure.

supply chain· also: software supply chain

In software engineering, the supply chain refers to every component, process, and dependency involved in the development, build, and delivery of an application. This includes source code, third-party libraries, build tools, container images, and the CI/CD pipelines that orchestrate them. Securing the supply chain involves verifying the integrity and provenance of these assets, often using tools like Software Bills of Materials (SBOMs) and cryptographic attestations to mitigate tampering and vulnerabilities.

Supply chain attack

Compromising software by attacking an upstream dependency, build system, or update channel rather than the target directly. SolarWinds, the 2024 XZ Utils backdoor, and recurring malicious npm/PyPI packages are canonical examples. Defences include SBOMs, SLSA provenance, and Sigstore signing.

Supply chain security
T

Temperature

A sampling parameter that controls randomness in an LLM's output. Low temperature (near 0) makes responses deterministic and focused; higher values increase diversity and creativity at the cost of consistency. Use low temperature for extraction and code, higher for brainstorming.

AI news

Threat model

A structured analysis of what could go wrong in a system — identifying assets, adversaries, attack surfaces, and mitigations before building. Frameworks like STRIDE and attack trees guide the process. The point is to make security decisions deliberate rather than reactive.

Security news

TLS termination

Decrypting HTTPS traffic at a reverse proxy or load balancer before forwarding plaintext to backend services. Centralises certificate management and offloads CPU from application servers. Modern best practice is to also re-encrypt service-to-service (mTLS via service mesh) to maintain end-to-end encryption.

Token

The unit an LLM reads and generates — typically a word fragment of about four English characters. Pricing, context limits, and rate limits are all denominated in tokens. Tokenisation differences mean the same text costs different amounts across model families.

AI news
V

Vector database

A database that stores high-dimensional embedding vectors and supports nearest-neighbour search. Used for semantic search, RAG, recommendation systems. Examples: pgvector (PostgreSQL extension), Pinecone, Weaviate, Qdrant, Milvus.

Vercel· also: ZEIT

Vercel is a cloud platform for deploying and scaling frontend web applications, created by the team behind the Next.js framework. It provides a developer-focused workflow with Git integration for continuous deployment, instant preview environments for every push, and a global edge network for high performance. The platform enables server-side logic through serverless functions, abstracting away traditional server management.

Vulnerability· also: Security flaw

A vulnerability is a flaw or weakness in a system's design, implementation, or configuration that can be exploited by an attacker to compromise its security. Successful exploitation can result in negative impacts such as unauthorized data access, privilege escalation, or denial of service. Vulnerabilities are often publicly disclosed and tracked with identifiers like a CVE (Common Vulnerabilities and Exposures) number.

W

WASM· also: WebAssembly

A portable binary instruction format that runs sandboxed at near-native speed, originally for the browser but now widely used server-side for plugins, edge compute, and untrusted code isolation. The WASI standard gives WASM modules a portable system interface outside the browser.

Edge computing

web hosting

Web hosting is a service that provides the online infrastructure and technologies required to make a website or web application accessible on the internet. It involves allocating resources on a server—such as storage for files, compute for server-side logic, and network bandwidth—to serve content to end-users. Hosting models range from traditional shared, VPS, and dedicated servers to modern cloud platforms offering IaaS, PaaS, and serverless architectures.

Web3· also: Web 3.0

Web3 describes an iteration of the internet built upon decentralized technologies, primarily public blockchains. It aims to shift control from centralized corporations to individual users by enabling verifiable ownership of data and digital assets through mechanisms like smart contracts and cryptographic wallets. Applications built on this stack are often called "dApps" (decentralized applications) and operate on peer-to-peer networks rather than traditional client-server models.

Webhook

A user-defined HTTP callback fired when an event happens in a third-party system. The receiving server exposes a public endpoint; the sending service POSTs to it. Modern best practice: idempotency keys, signature verification (HMAC), retry-with-backoff, and dead-letter queues for failed deliveries.

WebSocket

A protocol providing full-duplex, persistent communication over a single TCP connection. Used for real-time features (chat, live dashboards, collaboration). Modern alternatives — Server-Sent Events for one-way push, WebTransport for stream-multiplexed connections — are gaining traction.

Windows· also: Microsoft Windows

A family of proprietary, graphical operating systems developed by Microsoft that holds a dominant share of the global desktop market. For developers, the platform is defined by its native Win64 API, the .NET ecosystem, and the integrated Windows Subsystem for Linux (WSL) for running native Linux environments. It is known for its extensive backward compatibility and broad hardware support.

Write-ahead log· also: WAL

A durability technique where changes are appended to a sequential log on disk before being applied to the main data files, so the database can recover committed transactions after a crash by replaying the log. The WAL also feeds replication and change data capture.

CDC
Z

Zero-day

A vulnerability with no available patch at the time of disclosure (or exploitation). The "zero" refers to the number of days defenders have had to prepare. Zero-day-class disclosures usually trigger emergency patching cycles across the industry.

OpenSSL CVE

Zero-trust

A security model where every request is authenticated and authorized regardless of network position — no implicit trust based on being "inside the firewall." In practice this means strong identity (SSO + MFA), per-request authorization, encrypted transport everywhere, and continuous monitoring.

Security news
Missing a term? Email [email protected] — we add entries as they come up in reporting.

Tech intelligence for engineering teams

Short, verified briefings on AI, cybersecurity, infrastructure, and data — with the analysis and action steps that matter. Every briefing is sourced, fact-checked, and bylined to a named editor.

[email protected]Story tips & corrections welcomeHow we report →

The Notifire briefing

Verified tech intelligence in your inbox — AI, security, infra, and data.

The day's most important tech briefings. No spam, unsubscribe anytime.

Sections

  • AI
  • Cybersecurity
  • Infrastructure
  • Database
  • Tech Updates
  • Web3 & Chains

Newsroom

  • About Notifire
  • Editorial team
  • Editorial standards
  • Methodology
  • AI disclosure
  • Corrections

Resources

  • Explore
  • Research hubs
  • Comparisons
  • Tech glossary
  • FAQ
  • Alerts & watchlists

Follow

  • RSS feed
  • Atom feed
  • LinkedIn
  • X / Twitter
  • Facebook
  • Instagram
  • YouTube
© 2026 NotifirePrivacyTermsCorrections
An independent, AI-assisted publication. Built at </Alpheric>
IntelligenceLive panel
Live

Top trending

Last 24h

    Popular tags

    Add to watchlist

    +OpenAI+Claude+PostgreSQL+Kubernetes+Cloudflare+AWS+CVE Critical

    Notifire score

    0–100 priority signal — combines impact, freshness, trending velocity, and source credibility.

    FeedExploreAskAlertsSavedProfile