Glossary
I am updating this list as I learn new “terms”
Beachhead (Breaking out of, Accessing it, Digital beachhead) - In penetration testing, the beachhead is the first compromised system: the initial foothold. The term comes from the military.
Box - A computer used for a specific purpose; the term is commonly used to refer to virtual machines.
Ghost Machine - A virtual machine that is running but forgotten or not actively used. It consumes resources without serving a current purpose, and such machines often accumulate in data centers and cloud environments.
Link Rot - The phenomenon where hyperlinks on websites become obsolete or broken as the content they point to is moved or deleted over time.
Root(ing) - Obtaining root access in a compromised environment through privilege escalation methods (or not).
Saturation - Can be understood as the load on your network and server resources. This typically translates to metrics such as CPU utilization, memory usage, disk capacity, operations per second, and many more.
Service Level Agreement (SLA) - A service level agreement defines the level of service expected by users. SLAs also include penalties in case the agreement is violated.
Service Level Indicators (SLIs) - Measures of performance that allow engineers to understand whether they are meeting the SLOs for the system and, subsequently, the business-level SLAs. For example, an SLI can be the uptime metric for a particular service.
Service Level Objectives (SLOs) - Guideline levels of performance for engineers to aim for. They typically correlate with SLA requirements. For example, an SLO can be a goal for a certain level of availability for a service over a given period.
Service reliability - The probability that a service, product, or system will adequately do what it is supposed to for a specific period. Service reliability measures how well your system performs under given conditions over time.
Shadow IT - Refers to information technology systems and solutions used within an organization without the explicit approval of the organization’s IT department. It’s often a source of security risks since it’s not managed or secured by the IT team.
Sneakernet - The transfer of electronic information by physically moving storage devices, like USB drives, between computers. The name comes from the idea that the data is being walked from one place to another.
Spaghetti Code - Refers to complex and tangled code with a chaotic structure, often resulting from multiple changes and poor programming practices. It’s difficult to debug or maintain.
Technical Debt - A metaphor in software development and IT that refers to the long-term costs incurred when choosing a quicker, less-than-optimal solution now rather than a more robust but time-consuming approach, i.e. “making coding or design decisions that are sub-optimal – or that we know will need to be addressed and updated in the future – in order to get what we want or need into production sooner.”
Weaponization - To develop an exploit against a vulnerability into an attack tool that can be deployed in the wild against a target, e.g. “If the CA private key were compromised, the attacker could perform operations as the CA. While this attack has been talked about from a theoretical perspective, we have not found definitive documentation on weaponization”.