Host, Data, and Application Security
Secure Coding
Programming in a manner that is secure.
stored procedure
SQL statements written and stored on the database that can be called by applications.
hardening
The process of making a server or an application resistant to an attack.
IaC (Infrastructure as Code)
The process of managing and provisioning computer datacenters through machine-readable definition files.
Database Normalization
The process of removing duplication in a relational database.
Agile Development
A method of software development meant to be rapid.
Fuzzing
A method of testing that intentionally enters invalid input to see if the application can handle it.
waterfall method
A software development method that uses very well-defined sequential phases.
script kiddie
An attacker with little expertise or sophistication. Script kiddies use existing scripts to launch attacks.
OWASP (Open Web Application Security Project)
An online community that develops free articles, documentation, tools, and more on web application security.
APTs (Advanced Persistent Threats)
Any sophisticated series of related attacks taking place over an extended period of time.
Baselining
Creating a fundamental, or baseline, security level.
Prototyping
Creating a version of an application that has only the bare minimum functionality so that it can be evaluated before further development.
Big Data
Data that is larger than what can be handled with traditional tools and algorithms.
NoSQL database
Datastores that do not use a relational structure.
IoT (Internet of Things)
Devices that interact on the internet without human intervention.
Embedded System
Operating system in a device, sometimes on a single chip.
stress testing
Subjecting a system to workloads that are extreme.
SQL (Structured Query Language)
The language used by all relational databases.