Version: 1.2.1

Terms and Definitions

| Term/Abbreviation | Definition |
| --- | --- |
| Software | Software |
| ASOC (Application Security Orchestration and Correlation) | Application Security Orchestration and Correlation platforms or solutions are platforms designed to manage and coordinate application security. They enable the automation of processes for detecting, analyzing, and responding to security threats related to applications. |
| DAST (Dynamic Application Security Testing) | Dynamic Application Security Testing - the analysis of software without access to the source code, implemented by executing programs. A testing process that simulates malicious external attacks attempting to exploit common vulnerabilities. |
| DevSecOps (Development Security Operations) | Secure Development Process - a software development methodology that integrates security practices (Sec) into software development and delivery processes (DevOps). |
| OSA (Open Source Analysis) | Open Source Analysis - the analysis of open-source libraries and components that are part of the software development perimeter or are already used as artifacts in an application. The analysis is conducted from the perspective of known security vulnerabilities and license violations. |
| SCA (Software Composition Analysis) | Software Composition Analysis - allows for determining the software composition to identify and manage open-source components and their vulnerabilities. |
| SAST (Static Application Security Testing) | Static Application Security Testing - the process of testing an application for errors and vulnerabilities in the source code using static analysis. Static analysis can be applied to find code that potentially contains vulnerabilities. |
| IaC (Infrastructure-as-Code) | Infrastructure as Code - an approach to creating and managing infrastructure through the use of code, such as configuration files or scripts. |
| Container Security | Container Security - an approach to protecting and securely configuring containerization systems; a general concept encompassing a set of various tools and methods for protecting containers from potential threats and attacks. |
| Project | An entity created by an authorized user to logically combine the entire set of related applications or components that are developed and maintained within a single team or organization, and which need to be checked for compliance with the company's security policies and quality standards. |
| AST (Application Security Testing) | Application Security Testing |
| Integration | Data exchange between systems with possible subsequent processing |
| AD (Active Directory) | Directory Services - a set of software services and databases (Microsoft-based) for the hierarchical representation of information resources on a network and for configuring access to them. |
| LDAP (Lightweight Directory Access Protocol) | Lightweight Directory Access Protocol |