Catch Advisors

IT Glossary

Clear, concise definitions of the IT terms that matter most to business leaders. No jargon soup, just practical explanations you can use in your next meeting.

A

AIOps

Artificial Intelligence for IT Operations

AI

The application of machine learning and analytics to IT operations data to automate monitoring, event correlation, and root cause analysis. AIOps platforms ingest logs, metrics, and alerts from across the IT environment to reduce noise, predict outages, and accelerate incident resolution.

API

Application Programming Interface

Cloud

A set of protocols and tools that allows different software applications to communicate with each other. APIs enable integrations between business systems such as CRM platforms, phone systems, and cloud services.

ASM

Attack Surface Management

Security

A continuous process of discovering, inventorying, classifying, and monitoring an organization's external-facing digital assets for security exposures. ASM tools automatically map internet-facing infrastructure including domains, IPs, cloud instances, and APIs to identify vulnerabilities before attackers do.

B

BAS

Breach and Attack Simulation

Security

An automated security testing approach that continuously simulates real-world cyberattacks against an organization's production environment to validate security controls. BAS platforms test defenses across the kill chain, identifying gaps in detection, prevention, and response without the risk of manual penetration testing.

BCDR

Business Continuity and Disaster Recovery

Cloud

A set of strategies, processes, and technologies designed to keep a business operational during and after a disruption. BCDR combines preventive measures with recovery plans to minimize downtime from events like cyberattacks, hardware failures, or natural disasters.

BYOD

Bring Your Own Device

Security

A policy that allows employees to use their personal devices (smartphones, laptops, tablets) for work purposes. BYOD policies typically include security requirements such as mobile device management (MDM) and acceptable use guidelines.

C

CASB

Cloud Access Security Broker

Security

A security tool that sits between an organization's users and cloud service providers to enforce security policies, monitor activity, and prevent data loss. CASBs provide visibility into shadow IT and control over SaaS application usage.

CCaaS

Contact Center as a Service

Communications

A cloud-based contact center platform that provides omnichannel customer communication capabilities including voice, chat, email, SMS, and social media. CCaaS replaces on-premises contact center hardware with a subscription-based service.

CDN

Content Delivery Network

Networking

A distributed network of servers that delivers web content and media to users based on their geographic location. CDNs reduce latency and improve load times by caching content at edge locations closer to end users.

CNAPP

Cloud-Native Application Protection Platform

Security

A unified security platform that combines cloud security posture management (CSPM), cloud workload protection (CWPP), and application security into a single solution. CNAPP provides end-to-end visibility and protection for cloud-native applications across development and runtime environments.

CRM

Customer Relationship Management

Cloud

A platform for managing an organization's interactions with current and prospective customers. CRM systems centralize contact information, track communications, manage sales pipelines, and integrate with phone systems and marketing tools.

CSPM

Cloud Security Posture Management

Security

An automated security tool that continuously monitors cloud infrastructure for misconfigurations, compliance violations, and security risks. CSPM scans IaaS and PaaS environments to identify overly permissive access policies, unencrypted storage, exposed databases, and other drift from security baselines.

CTEM

Continuous Threat Exposure Management

Security

A systematic program for continuously assessing, prioritizing, and validating an organization's exposure to cyber threats. CTEM goes beyond periodic vulnerability scanning by combining attack surface management, threat intelligence, breach simulation, and remediation validation into an ongoing cycle.

CWPP

Cloud Workload Protection Platform

Security

A security solution designed to protect server workloads running in cloud, hybrid, and on-premises environments. CWPP provides runtime protection, vulnerability management, integrity monitoring, and threat detection for virtual machines, containers, and serverless functions.

D

DDoS

Distributed Denial of Service

Security

A cyberattack that floods a target system, server, or network with traffic from multiple distributed sources to make it unavailable to legitimate users. DDoS protection services detect and mitigate these attacks before they impact business operations.

DevSecOps

Development, Security, and Operations

Security

A software development approach that integrates security practices into every phase of the development lifecycle rather than treating security as a final gate. DevSecOps automates security testing, vulnerability scanning, and compliance checks within CI/CD pipelines so that code is secure by design.

DIA

Dedicated Internet Access

Networking

An internet connection that provides a guaranteed amount of bandwidth exclusively for a single organization. Unlike shared broadband, DIA circuits deliver symmetric upload and download speeds with SLA-backed uptime and performance guarantees.

DLP

Data Loss Prevention

Security

A set of tools and policies that detect and prevent the unauthorized transfer of sensitive data outside an organization. DLP solutions monitor email, cloud storage, endpoints, and network traffic to enforce data handling rules and compliance requirements.

DNS

Domain Name System

Networking

The system that translates human-readable domain names (like example.com) into IP addresses that computers use to locate each other on a network. DNS security solutions protect against phishing, malware, and DNS-based attacks by filtering requests at the DNS layer.

DRaaS

Disaster Recovery as a Service

Cloud

A cloud-based service that replicates and hosts an organization's critical systems and data in a secondary environment. DRaaS enables rapid failover and recovery in the event of a hardware failure, natural disaster, or cyberattack.

DSPM

Data Security Posture Management

Security

A security discipline focused on discovering, classifying, and protecting sensitive data across cloud and on-premises environments. DSPM automatically maps where sensitive data resides, who has access to it, and whether it is adequately protected, helping organizations reduce data breach risk and maintain compliance.

E

EDR

Endpoint Detection and Response

Security

A cybersecurity solution that continuously monitors endpoint devices (laptops, desktops, servers, mobile devices) for suspicious activity. EDR provides real-time threat detection, investigation, and automated response capabilities beyond traditional antivirus.

ERP

Enterprise Resource Planning

Cloud

An integrated software platform that manages core business processes including finance, supply chain, manufacturing, human resources, and procurement. ERP systems require reliable network connectivity and often drive bandwidth and QoS requirements for multi-site organizations.

F

FinOps

Cloud Financial Operations

Cloud

A practice that brings financial accountability to cloud spending by combining systems, best practices, and culture. FinOps teams optimize cloud costs through visibility, allocation, and governance without sacrificing performance or innovation.

FWaaS

Firewall as a Service

Security

A cloud-delivered firewall that provides network security without the need for on-premises hardware appliances. FWaaS inspects traffic, enforces policies, and blocks threats from the cloud, making it ideal for distributed organizations.

G

GenAI

Generative Artificial Intelligence

AI

A category of AI systems that can create new content including text, images, code, audio, and video based on patterns learned from training data. GenAI tools powered by large language models are being adopted across business functions for content generation, code assistance, customer support automation, and data analysis.

H

HIPAA

Health Insurance Portability and Accountability Act

Compliance

A U.S. federal law that establishes standards for protecting sensitive patient health information. Organizations that handle protected health information (PHI) must implement physical, network, and process security measures to ensure HIPAA compliance.

I

IaaS

Infrastructure as a Service

Cloud

A cloud computing model where a provider delivers virtualized computing resources (servers, storage, networking) over the internet on a pay-as-you-go basis. IaaS eliminates the need to purchase and maintain physical hardware, with providers like AWS, Azure, and Google Cloud leading the market.

IAM

Identity and Access Management

Security

A framework of policies, processes, and technologies for managing digital identities and controlling access to resources. IAM includes user provisioning, authentication, authorization, single sign-on (SSO), and role-based access controls.

IDS/IPS

Intrusion Detection and Prevention System

Security

Network security tools that monitor traffic for suspicious activity. An IDS detects and alerts on potential threats, while an IPS actively blocks them. Modern implementations are often integrated into next-generation firewalls and SASE platforms.

IoT

Internet of Things

Networking

A network of physical devices, sensors, and equipment connected to the internet that collect and exchange data. In business environments, IoT includes smart building systems, industrial sensors, fleet tracking devices, and connected manufacturing equipment.

ISP

Internet Service Provider

Networking

A company that provides internet connectivity to businesses and consumers. ISPs deliver service over various transport types including fiber, cable, fixed wireless, and dedicated circuits, each with different performance characteristics and SLA commitments.

ITDR

Identity Threat Detection and Response

Security

A security discipline focused on detecting and responding to identity-based attacks such as credential theft, privilege escalation, and account takeover. ITDR continuously monitors identity infrastructure including Active Directory, SSO providers, and IAM platforms for signs of compromise that traditional endpoint or network tools miss.

L

LAN

Local Area Network

Networking

A network that connects devices within a limited geographic area such as a single office, building, or campus. LANs use Ethernet and Wi-Fi to provide high-speed connectivity for computers, phones, printers, and other devices.

LLM

Large Language Model

AI

A type of AI model trained on massive datasets of text to understand and generate human language. LLMs power conversational AI assistants, content generation tools, code copilots, and enterprise search. Organizations are integrating LLMs into workflows for customer support, document analysis, and knowledge management while navigating considerations around data privacy, accuracy, and cost.

M

MDR

Managed Detection and Response

Security

A managed security service that provides 24/7 threat monitoring, detection, and response capabilities. MDR combines technology (SIEM, EDR) with human analysts who investigate alerts, contain threats, and provide remediation guidance.

MFA

Multi-Factor Authentication

Security

A security method that requires users to provide two or more verification factors to access an account or system. The factors come from different categories: something the user knows (password), something they have (phone or token), or something they are (fingerprint or face scan).

ML

Machine Learning

AI

A subset of artificial intelligence where algorithms learn patterns from data and improve their performance over time without being explicitly programmed. In IT, machine learning powers threat detection in security tools, predictive analytics for network performance, spam filtering, and anomaly detection across infrastructure monitoring platforms.

MPLS

Multiprotocol Label Switching

Networking

A networking technology that routes traffic using short path labels rather than long network addresses. MPLS provides reliable, private WAN connectivity but is typically more expensive and less flexible than SD-WAN alternatives.

MSP

Managed Service Provider

Services

A third-party company that remotely manages an organization's IT infrastructure, end-user systems, and security. MSPs typically provide services on a subscription basis including help desk, monitoring, patching, and backup management.

N

NAC

Network Access Control

Security

A security approach that restricts access to a network based on device identity, compliance status, and user credentials. NAC ensures that only authorized and properly configured devices can connect to the corporate network.

NDR

Network Detection and Response

Security

A security solution that monitors network traffic in real time using behavioral analytics and machine learning to detect threats that bypass perimeter defenses. NDR identifies lateral movement, command-and-control communications, data exfiltration, and other network-based attack patterns that endpoint tools cannot see.

NLP

Natural Language Processing

AI

A branch of artificial intelligence focused on enabling computers to understand, interpret, and generate human language. NLP powers business applications such as chatbots, sentiment analysis, document summarization, intelligent search, and voice-to-text transcription in contact centers and unified communications platforms.

NOC

Network Operations Center

Services

A centralized facility where IT teams monitor, manage, and maintain an organization's network infrastructure 24/7. NOCs track network health, bandwidth utilization, and connectivity issues to ensure maximum uptime and performance.

P

PaaS

Platform as a Service

Cloud

A cloud computing model that provides a platform for developers to build, deploy, and manage applications without managing the underlying infrastructure. PaaS includes operating systems, middleware, databases, and development tools delivered as a service.

PAM

Privileged Access Management

Security

A security framework for controlling, monitoring, and auditing access by privileged accounts such as system administrators, database admins, and service accounts. PAM solutions enforce least-privilege access, rotate credentials automatically, record privileged sessions, and prevent credential-based attacks that target the most powerful accounts in an organization.

PBX

Private Branch Exchange

Communications

A private telephone system within an organization that manages internal and external calls. Traditional PBX systems use on-premises hardware, while modern organizations are replacing them with cloud-based UCaaS platforms that offer greater flexibility and lower costs.

PCI-DSS

Payment Card Industry Data Security Standard

Compliance

A set of security standards designed to protect credit card data during and after a financial transaction. Any organization that accepts, processes, stores, or transmits credit card information must comply with PCI-DSS requirements.

PSTN

Public Switched Telephone Network

Communications

The traditional circuit-switched telephone network that has provided voice communication services for over a century. As organizations migrate to VoIP and UCaaS, PSTN connectivity is maintained through SIP trunking and session border controllers for legacy compatibility.

Q

QoS

Quality of Service

Networking

A set of technologies and policies that manage network traffic to reduce latency, jitter, and packet loss for priority applications. QoS is critical for real-time communications like voice and video to ensure consistent call quality.

R

RAG

Retrieval-Augmented Generation

AI

An AI architecture pattern that enhances large language model responses by retrieving relevant information from an organization's own data sources before generating an answer. RAG reduces hallucinations and keeps responses grounded in factual, up-to-date information by connecting LLMs to knowledge bases, documents, and databases without retraining the model.

RBI

Remote Browser Isolation

Security

A security technology that executes web browsing activity in a remote, isolated environment rather than on the user's local device. RBI prevents web-based threats such as drive-by downloads, malicious scripts, and browser exploits from reaching endpoints by rendering only safe visual output to the user while the actual browsing session runs in a disposable cloud container.

RPO

Recovery Point Objective

Cloud

The maximum amount of data an organization can afford to lose in the event of a disruption, measured in time. An RPO of one hour means backups must run at least every hour so that no more than 60 minutes of data is ever at risk.

RTO

Recovery Time Objective

Cloud

The maximum acceptable amount of time that a system or application can be offline after a failure or disaster. An RTO of four hours means the organization must be able to restore operations within four hours of an outage.

S

SaaS

Software as a Service

Cloud

A software delivery model where applications are hosted in the cloud and accessed over the internet on a subscription basis. SaaS eliminates the need for on-premises installation and maintenance, with common examples including Microsoft 365, Salesforce, and Zoom.

SASE

Secure Access Service Edge

Security

A cloud-delivered architecture that converges wide-area networking (SD-WAN) and network security services (SWG, CASB, ZTNA, FWaaS) into a single integrated platform. SASE provides secure access to applications regardless of user location.

SBC

Session Border Controller

Communications

A network device that manages and secures voice over IP (VoIP) communications at the border between networks. SBCs handle protocol translation, call routing, security, and interoperability between different voice platforms and carriers.

SD-WAN

Software-Defined Wide Area Network

Networking

A networking approach that uses software to manage and optimize traffic across wide-area networks. SD-WAN provides application-aware routing, centralized management, and transport flexibility, enabling organizations to replace or augment expensive MPLS connections.

SIEM

Security Information and Event Management

Security

A platform that collects, correlates, and analyzes security event data from across an organization's IT environment. SIEM provides real-time alerting, threat detection, compliance reporting, and forensic investigation capabilities.

SLA

Service Level Agreement

Services

A contractual commitment between a service provider and customer that defines expected performance levels, uptime guarantees, response times, and remedies for service failures. SLAs are critical for evaluating and holding vendors accountable.

SOAR

Security Orchestration, Automation, and Response

Security

A platform that integrates security tools, automates repetitive tasks, and orchestrates incident response workflows. SOAR reduces the time between threat detection and response by automating playbooks that would otherwise require manual analyst intervention.

SOC

Security Operations Center

Security

A centralized team or facility responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats 24/7. A SOC combines people, processes, and technology to protect an organization's digital assets and infrastructure.

SOC 2

Service Organization Control 2

Compliance

An auditing framework developed by the AICPA that evaluates an organization's controls for security, availability, processing integrity, confidentiality, and privacy. SOC 2 reports are commonly required by enterprise customers when evaluating SaaS and cloud service providers.

SSE

Security Service Edge

Security

The security component of SASE that delivers cloud-based security services including SWG, CASB, ZTNA, and FWaaS without the SD-WAN networking component. SSE is used by organizations that want cloud-delivered security but manage their own WAN connectivity.

SWG

Secure Web Gateway

Security

A security solution that filters and inspects web traffic to protect users from malware, phishing, and access to risky or inappropriate websites. Modern SWGs operate in the cloud and are a core component of SASE architectures.

T

TCO

Total Cost of Ownership

Services

A financial estimate that includes the full lifecycle cost of a technology investment, covering acquisition, implementation, operation, maintenance, training, and eventual decommissioning. TCO analysis helps organizations compare the true cost of different solutions beyond just the sticker price.

U

UCaaS

Unified Communications as a Service

Communications

A cloud-based platform that combines voice calling, video conferencing, team messaging, and presence into a single integrated service. UCaaS replaces traditional on-premises PBX systems with a subscription-based model that supports remote and hybrid work.

UEBA

User and Entity Behavior Analytics

Security

A security technology that uses machine learning to establish baseline behavior patterns for users and devices, then detects anomalies that may indicate insider threats, compromised accounts, or advanced attacks. UEBA identifies risks such as unusual login locations, abnormal data access volumes, and privilege escalation patterns that rule-based tools miss.

V

VoIP

Voice over Internet Protocol

Communications

A technology that transmits voice calls over the internet rather than traditional phone lines. VoIP is the underlying technology behind modern business phone systems and UCaaS platforms, offering lower costs and greater flexibility than legacy telephony.

VPN

Virtual Private Network

Security

A technology that creates an encrypted tunnel between a user's device and a corporate network over the public internet. While VPNs have been the traditional solution for remote access, they are increasingly being replaced by ZTNA solutions that offer more granular, identity-based access control.

W

WAF

Web Application Firewall

Security

A security solution that monitors, filters, and blocks HTTP/HTTPS traffic to and from web applications. WAFs protect against common web exploits including SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities.

WAN

Wide Area Network

Networking

A telecommunications network that connects multiple locations across a large geographic area. WANs link branch offices, data centers, and cloud environments using technologies like MPLS, broadband, DIA, and SD-WAN.

X

XDR

Extended Detection and Response

Security

A security platform that unifies threat detection and response across multiple security layers including endpoints, network, email, and cloud workloads. XDR provides a more comprehensive view of threats than EDR alone by correlating data across the entire attack surface.

Z

Zero Trust

Zero Trust Architecture

Security

A security framework based on the principle of "never trust, always verify." Zero trust eliminates implicit trust within a network and requires continuous verification of every user, device, and connection before granting access to resources.

ZTNA

Zero Trust Network Access

Security

A security technology that provides identity-based, least-privilege access to specific applications rather than granting broad network access. ZTNA replaces traditional VPN by verifying user identity, device posture, and context before allowing access to each application.
