Host, Data, and Application Security

Secure Coding

Programming in a manner that is secure

stored procedure

SQL statements written and stored on the database that can be called by applications.

hardening

The process of making a server or an application resistant to an attack.

IaC (Infrastructure as Code)

The process of managing and provisioning computer datacenters through machine-readable definition files.

Database Normalization

The process of removing duplication in a relational database.

Agile Development

A method of software development meant to be rapid.

Fuzzing

A method of testing that intentionally enters invalid input to see if the application can handle it.

waterfall method

A software development method that uses very well-defined sequential phases.

script kiddie

An attacker with little expertise or sophistication. Script kiddies use existing scripts to launch attacks.

OWASP (Open Web Application Security Project)

An online community that develops free articles, documentation, tool, and more on web application security.

APTs (Advance Persistent Threats

Any sophisticated series of related attacks taking place over an extended period of time.

Baselining

Creating a fundamental, or baseline, security level

Prototyping

Creating a version of an application that has only the bare minimum functionality so that it can be evaluated before further development.

Big Data

Data that is larger than what can be handled with traditional tools and algorithms.

NoSQL database

Datastores that do not use a relational structure

IoT (Internet of Things)

Devices that interact on the internet, without human intervention.

Embedded System

Operating system in a device, sometimes on a single chip.

stress testing

Subjecting a system to workloads that are extreme

SQL (Structured Query Language)

The language used by all relational databases