Knowledge Base

AIOps (artificial intelligence for IT operations) is an IT practice that combines big data and machine learning to automate IT operations, such as event correlation, anomaly detection, and root-cause analysis. A modern approach to AIOps serves the full software delivery lifecycle.

Anomaly detection is a technique that uses AI to identify abnormal behavior as compared to an established pattern. Anything that deviates from an established baseline pattern is considered an anomaly.

API monitoring is the process of collecting and analyzing data about the performance of an API in order to identify problems that impact users.

Application performance monitoring (APM) is the practice of tracking key software application performance metrics using monitoring software and telemetry data.

Application mapping is the process of mapping out elements across your entire IT environment, through a visual graph, and then looking at how these applications are interconnected and dependent on each other. AI can be used to automate these actions.

Application modernization takes existing legacy applications and modernizes their platform infrastructure, internal architecture, or features. Application modernization centers on bringing monolithic, on-premises applications into cloud architecture and release patterns.

Application topology discovery is the ability to discover all components and dependencies of your entire technology stack, end-to-end. Application mapping is the process of mapping out these elements across your entire IT environment, through a visual graph, and then looking at how these applications are interconnected and dependent on each other.

Artificial intelligence (AI) refers to a system’s ability to mimic human cognitive function. AI applies advanced analytics and logic-based techniques to interpret data and events, support and automate decisions, and even take intelligent actions.

AWS Lambda is a serverless compute service that can run code in response to predetermined events or conditions and automatically manage all the computing resources required for those processes.

Azure Functions is a serverless compute service by Microsoft that can run code in response to predetermined events or conditions (triggers), such as an order arriving on an IoT system, or a specific queue receiving a new message.

Cloud automation enables Development, DevOps, and SRE teams to build better quality software faster by bringing observability, automation, and intelligence to DevOps processes.

Cloud cost modeling is a process for estimating and analyzing the expenses associated with using cloud computing services to run applications, store data, and perform various computing tasks. Estimating cloud spend uses machine learning and predictive analytic models.

Cloud migration is the process of transferring some or all data, software, and operations to a cloud-based computing environment that offers unlimited scale and high availability. Cloud migration involves moving from on-premises infrastructure to cloud-based services or migrating from one cloud to another.

Cloud monitoring is a set of solutions and practices used to observe, measure, analyze, and manage the health of cloud-based IT infrastructure.

Cloud-native architecture is a structural approach to planning and implementing an environment for software development and deployment that uses resources and processes common with public clouds like Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Container as a Service (CaaS) is a cloud-based service that allows companies to manage and deploy containers at scale. Container environments enable enterprises to quickly deploy and develop cloud-native applications that can run anywhere.

Container monitoring is the process of collecting metrics, traces, logs, and other observability data to improve the health and performance of containerized applications.

Container orchestration is a process that automates the deployment and management of containerized applications and services at scale. This orchestration includes provisioning, scheduling, networking, ensuring availability, and monitoring container lifecycles.

Container security is the practice of applying security tools, processes, and policies to protect container-based workloads. Container security has two main functions: Secure the container image and Secure container runtime configuration

Continuous delivery (CD) is a series of processes for delivering software in which DevOps teams use automation to deliver complete portions of software in short, controlled cycles to different environments as part of a software delivery pipeline.

Core Web Vitals are three key metrics of web page performance that measure a page’s loading performance, interactivity, and stability. Those metrics are Largest Contentful Paint (LCP), Cumulative Layout Shift (CLS), and First Input Delay (FID).

Customer experience analytics is the systematic collection, integration, and analysis of data related to customer interactions and behavior with an organization and its products.

Database monitoring tracks the database performance and resources to create and maintain a high performing and available application infrastructure. To carry out monitoring, the database system collects information from the database manager, its database, and any connected applications.

A data lakehouse features the flexibility and cost-efficiency of a data lake with the contextual and high-speed querying capabilities of a data warehouse.

Dependency mapping is a process that identifies relationships among system applications, processes, services, hosts, and data centers. IT professionals use dependency mapping to understand application and system availability, performance metrics, service flows, and to analyze hotspots.

DevOps is a collection of flexible practices and processes organizations use to create and deliver applications and services by aligning and coordinating software development with IT operations.

DevOps automation is a set of tools and technologies that perform routine, repeatable tasks that engineers would otherwise do manually. Automating tasks throughout the SDLC helps software development and operations teams collaborate and improve.

DevOps metrics and DevOps KPIs are essential for ensuring your DevOps processes, pipelines, and tooling meet their intended goal. Like any IT or business project, you’ll need to track critical key metrics.

DevOps orchestration tames the complexity of DevOps toolchains by automatically managing workflows and dependencies in DevOps workflows.

DevSecOps is a tactical trifecta that connects three disciplines: development, security, and operations. The goal is to seamlessly integrate security into your continuous integration and continuous delivery (CI/CD) pipeline in both pre-production (dev) and production (ops) environments.

A digital experience (DX) is a user’s interaction with a digital touchpoint — whether it’s purchasing an item online, receiving updates from a mobile app, or power-using a business platform. A digital touchpoint may be a mobile application, a website, a smart TV, ATM, and so on.

Digital immunity is an approach to software development that results in secure and resilient software applications and promotes a positive user experience. The methodology combines software design, development, automation, operations, and analytics.

Digital transformation is the integration of digital technology into all areas of a business. This process reinvents existing processes, operations, customer services, and organizational culture.Digital transformation requires modernization and change management so employees can embrace digitization.

Distributed tracing is a method of observing requests as they propagate through distributed cloud environments. Distributed tracing follows an interaction by tagging it with a unique identifier.

Google’s DevOps Research and Assessment (DORA) team established four main DevOps metrics known as “The Four Keys.” These metrics are Deployment Frequency, Lead Time for Changes, Change Failure Rate, and Time to Restore Service.

Full-stack observability is the ability to determine the state of every endpoint in a distributed IT environment based on its telemetry data. Endpoints include on-premises servers, Kubernetes infrastructure, cloud-hosted infrastructure and services, and open-source technologies.

Function as a Service (FaaS) is a cloud computing model that runs code in small modular pieces, or microservices. FaaS enables developers to create and run a single function in the cloud using a serverless compute model.

GitOps is a specialized, prescriptive discipline of DevOps used to achieve similar goals of speed and efficiency. Building on the success of DevOps practices, GitOps is a relatively new way to manage infrastructure through code and automation, around a single Git repository.

Google Cloud Functions is a serverless compute service for creating and launching microservices. The service pairs ideally with single-use functions that tie into other services and is intended to simplify application development and accelerate innovation. GCF is part of the Google Cloud Platform.

Hybrid cloud architecture is a computing environment that shares data and applications on a combination of public clouds and on-premises private clouds.

Hyperconverged infrastructure (HCI) is an IT architecture that combines servers, storage, and networking functions into a unified, software-centric platform to streamline resource management. HCI typically includes an on-premises component.

Hyperscale refers to an architecture’s ability to scale appropriately as organizations add increased demand to the system. Hyperscalers are cloud providers that offer services and seamless delivery to build robust and scalable application environments. Some examples are AWS, Microsoft, and Google.

Infrastructure as a Service (IaaS) is used to manage low-level resources like VMs and disks. The end user is responsible for what is running within the VM, starting with the OS. IaaS is most closely related to a regular automated virtualized system.

Infrastructure as Code (IaC) is a practice that automates IT infrastructure provisioning and management by codifying it as software. IaC uses descriptive code that, in many ways, mimics the DevOps approach to source code.

Infrastructure monitoring is the process of collecting and analyzing data from IT infrastructure, systems, and processes, and using that data to improve business outcomes and drive value across the whole organization.

Interactive application security tests (IAST) combines SAST and DAST together and improves on them by instrumenting applications to support deeper vulnerability analysis beyond exposed surfaces.

IT automation is the practice of using coded instructions to carry out IT tasks without human intervention. IT admins can automate virtually any time-consuming task that requires regular application. The range of use cases for automating IT is as broad as IT itself.

ITOps is an IT discipline involving actions and decisions made by the operations team responsible for an organization’s IT infrastructure. ITOps refers to the process of acquiring, designing, deploying, configuring, and maintaining equipment and services.

Keptn is an open source enterprise-grade control plane for cloud-native continuous delivery and automated operations.

Kubernetes (aka K8s) is an open source platform used to run and manage containerized applications and services on clusters of physical or virtual machines across on-premises, public, private, and hybrid clouds. It automates complex tasks during the container’s lifecycle.

Kubernetes architecture is a collection of core components in the Kubernetes container management system that run and manage containerized applications and services. Kubernetes architecture manages containers and workloads, distributed storage, and control planes that manage global functions.

Log4Shell is a software vulnerability in Apache Log4j 2, a popular Java library for logging error messages in applications. The vulnerability, published as CVE-2021-44228, enables a remote attacker to take control of a device on the internet if the device is running certain versions of Log4j 2.

Log analytics is the process of viewing, interpreting, and querying log data so developers and IT teams can quickly detect and resolve application and system issues.

Log management is an organization’s rules and policies for managing and enabling the creation, transmission, analysis, storage, and other tasks related to IT systems’ and applications’ log data.

Log monitoring is a process by which developers and administrators continuously observe logs as they’re recorded. With log monitoring software, teams can collect information and trigger alerts if something affects system performance and health.

Log preparation is the process of ensuring log data is accurate, reliable, and properly formatted for use in log management and monitoring tools. This includes validating data, eliminating redundant data, and more to help IT teams detect, identify, and remediate issues across IT environments.

A message queue is a form of middleware used in software development to enable communications between services, programs, and dissimilar components, such as operating systems and communication protocols. A message queue enables the smooth flow of information to make complex systems work.

Microservices are small, flexible, modular units of software that fit together with other services to deliver complete applications. This method of structuring, developing, and operating software as a collection of smaller independent services is known as a microservices architecture.

Mobile app monitoring is the process of collecting and analyzing data about application performance. Mobile analytics and monitoring provide context around your mobile application performance—the better the performance, the better for your bottom line.

MTTR stands for "mean time to respond", "mean time to repair", "mean time to resolve", and "mean time to recovery". Each is distinct and fits into its own spot in the incident management framework.

Observability is the ability to measure a system’s current state based on the data it generates, such as logs, metrics, and traces. Observability relies on telemetry derived from instrumentation that comes from the endpoints and services in your multicloud computing environments.

Google made the OpenCensus project open source in 2018 with the goal to give developers a vendor-agnostic library for collecting traces and metrics. The OpenTracing and OpenCensus projects converged into one project called OpenTelemetry.

Red Hat OpenShift is a cloud-based Kubernetes platform that helps developers build applications. It offers automated installation, upgrades, and life cycle management throughout the container stack on any cloud.

OpenTelemetry (also referred to as OTel) is an open source observability framework made up of a collection of tools, APIs, and SDKs. Otel enables IT teams to instrument, generate, collect, and export telemetry data for analysis and to understand software performance and behavior.

OpenTracing is an open-source CNCF (Cloud Native Computing Foundation) project which provides vendor-neutral APIs and instrumentation for distributed tracing. OpenTracing and OpenCensus have merged to form OpenTelemetry in early 2019.

Orchestration refers to coordinating the execution of multiple steps in a more complex workflow or pipeline. Orchestration leverages DevOps tools that allow for rapid updates and releases, version control, and other best practices for software engineering.

OTLP, or OpenTelemetry protocol, is a set of rules, conventions, and standards that specify how components exchange telemetry data. Using metrics, logs, and traces, OTLP serves as a vendor-neutral open standard for collecting and transmitting telemetry data from distributed systems.

Performance monitoring is the process of collecting metrics, logs, and traces to understand the state of applications or infrastructure. Performance monitoring aims to ensure services are highly available and reliable.

Platform as a Service (PaaS) provides faster development and deployment platforms by abstracting the user from the OS while adding well-defined APIs to many essential services (such as the Web, databases, mail, queues, and storage) that the developer must use.

Prometheus is an open-source monitoring and alerting toolkit that’s been heavily adopted by many companies and organizations, and its popularity has grown due to the large number of Exporters built by the community.

Real user monitoring (RUM) is a performance monitoring process that collects detailed data about a user’s interaction with an application. Real user monitoring collects data on a variety of metrics.

SecDevOps is a collaboration framework that expands the impact of DevOps by adding security practices to the software development and delivery process. It resolves the tension between DevOps teams that want to release software quickly and security teams that prioritize security over all else.

Security analytics is a process that uses a combination of data collection, data aggregation, and AI to proactively detect, identify, and defend against security threats.

Serverless computing is a cloud-based, on-demand execution model where customers consume resources solely based on their application usage. Serverless computing is a newer approach that simplifies manageability and reduces costs.

A service mesh is a dedicated infrastructure layer built into an application that controls service-to-service communication in a microservices architecture. It controls the delivery of service requests to other services, performs load balancing, encrypts data, and discovers other services.

Session replay is an IT technology that creates anonymized video-like recordings of actions taken by users interacting with your website or mobile application. Analysits can then watch the user’s mouse movements.

Shift left is the practice of moving testing, quality, and performance evaluation early in the development process, often before any code is written. Shift left testing helps teams anticipate changes that arise during the development process that can affect performance or other delivery processes.

Shift right is the practice of performing testing, quality, and performance evaluation in production under real-world conditions. Shift right methods ensure that applications running in production can withstand real user load while ensuring the same high levels of quality.

Site reliability engineering (SRE) is the practice of applying software engineering principles to operations and infrastructure processes to help organizations create highly reliable and scalable software systems. Those who perform the tasks involved are known as site reliability engineers.

SLAs, or service-level agreements, are contracts signed between a vendor and customer that guarantees a certain measurable level of service.

SLIs provide the actual metrics and measurements that indicate whether you are meeting your service level objective. Most SLIs are measured in percentages to express the service level delivered.

SLOs (service-level objectives) are an agreed-upon target within an SLA that must be achieved for each activity, function, and process to provide the best opportunity for customer success. In layman’s terms, service level objectives represent the performance or health of a service.

Software composition analysis is an application security methodology that tracks and analyzes open source software components. Fundamentally, SCA tools provide insight into open source license limitations and possible vulnerabilities in your projects.

Spring4Shell is a critical vulnerability in the Spring Framework, an open source platform for Java-based application development. Because 60% of developers use Spring for their main Java applications, many applications are potentially affected.

Synthetic monitoring is an application performance monitoring practice that emulates the paths users might take when engaging with an application. It uses scripts to generate simulated user behavior for different scenarios, geographic locations, device types, and other variables.

Test automation involves the use of special software (separate from the software being tested) to control the execution of tests and the comparison of actual outcomes with predicted outcomes.

Vulnerability assessment is the process of identifying, quantifying, and prioritizing the cybersecurity vulnerabilities in a given IT system. The goal of an assessment is to locate weaknesses that can be exploited to compromise systems.

Vulnerability management is the practice of identifying, prioritizing, correcting, and reporting software vulnerabilities.

Web application security is the process of protecting web applications against various types of threats that are designed to exploit vulnerabilities in an application’s code.

A zero-day vulnerability is an unknown software vulnerability that has been discovered by attackers before the organization is aware of it.