DEVOPSv3.3 Master DevOps Glossary 10dec2020
Uploaded by
SamHamIIDEVOPSv3.3 Master DevOps Glossary 10dec2020
Uploaded by
SamHamIIDEVOPS
GLOSSARY OF TERMS
This glossary is provided for reference only as it contains key
terms that may or may not be examinable.
© DevOps Institute DevOps Glossary of Terms 10Dec2020 1
DevOps Glossary of Terms
Course
Term Definition
Appearances
A methodology for building modern,
12-Factor App Continuous Delivery
scalable, maintainable software-as-a-service
Design Ecosystem Foundation
applications.
Two-Factor Authentication, also known as
2FA or TFA or Two-Step Authentication is
when a user provides two authentication
2-Factor or 2-Step
factors; usually firstly a password and then a DevSecOps Foundation
Authentication
second layer of verification such as a code
texted to their device, shared secret,
physical token or biometrics.
Deploy different versions of an EUT to
Continuous Delivery
A/B Testing different customers and let the customer
Ecosystem Foundation
feedback determine which is best.
A structured problem-solving approach that
uses a lean tool called the A3 Problem-
A3 Problem Solving Solving Report. The term "A3" represents the DevOps Foundation
paper size historically used for the report (a
size roughly equivalent to 11" x 17").
Granting an authenticated identity access to
an authorized resource (e.g., data, service,
Access
environment) based on defined criteria (e.g., DevSecOps Foundation
Management
a mapped role), while preventing an
unauthorized identity access to a resource.
Access provisioning is the process of
coordinating the creation of user accounts,
e-mail authorizations in the form of rules and
Access Provisioning DevSecOps Foundation
roles, and other tasks such as provisioning of
physical resources associated with enabling
new users to systems or environments.
The purpose of the test is to determine if an
Administration Continuous Delivery
End User Test (EUT) is able to process
Testing Ecosystem Foundation
administration tasks as expected.
© DevOps Institute DevOps Glossary of Terms 2
Any person making a decision must seek
advice from everyone meaningfully affected
by the decision and people with expertise in
the matter. Advice received must be taken
into consideration, though it does not have
to be accepted or followed. The objective of
Advice Process DevSecOps Foundation
the advice process is not to form consensus,
but to inform the decision-maker so that they
can make the best decision possible. Failure
to follow the advice process undermines trust
and unnecessarily introduces risk to the
business.
A project management method for complex Certified Agile Process
projects that divides tasks into small "sprints" Owner, Certified Agile
Agile
of work with frequent reassessment and Service Manager, Site
adaptation of plans. Reliability Engineering
Able to move quickly and easily; well-
coordinated. Able to think and understand DevOps Foundation,
Agile (adjective)
quickly; able to solve problems and have DevSecOps Foundation
new ideas.
Help teams master Agile development and
Agile Coach DevOps practices; enables productive ways DevOps Leader
of working and collaboration.
Fast moving, flexible and robust company
DevOps Foundation,
Agile Enterprise capable of rapid response to unexpected
DevSecOps Foundation
challenges, events, and opportunities.
A formal proclamation of values and
principles to guide an iterative and people-
Agile Manifesto DevOps Foundation
centric approach to software
development. http://agilemanifesto.org
Involves evaluating in-flight projects and
proposed future initiatives to shape and
Agile Portfolio Site Reliability
govern the ongoing investment in projects
Management Engineering
and discretionary work. CA’s Agile Central
and VersionOne are examples.
The twelve principles that underpin the Agile Certified Agile Service
Agile Principles
Manifesto. Manager
The aspect of Agile Service Management
(Agile SM) that applies the same Agile Certified Agile Service
Agile Process Design
approach to process design as developers Manager
do to software development.
The aspect of Agile SM that aligns Agile
Agile Process Certified Agile Service
values with ITSM processes through
Improvement Manager
continuous improvement.
© DevOps Institute DevOps Glossary of Terms 3
An ITSM or other type of process owner that
uses Agile and Scrum principles and
Agile Process Owner DevOps Foundation
practices to design, manage and measure
individual processes.
Framework that ensures that ITSM processes
reflect Agile values and are designed with
Agile Service "just enough" control and structure in order to Certified Agile Service
Management effectively and efficiently deliver services Manager
that facilitate customer outcomes when and
how they are needed.
Agile Service
Process Backlog, Sprint Backlog, Burndown Certified Agile Process
Management
Chart, Process Increment Owner
Artifacts
Process Planning Meeting (optional), Sprint
Agile Service Certified Agile Process
Planning Meeting, Sprint, Daily Scrum, Sprint
Management Events Owner
Review, Sprint Retrospective
Process Owner, Process Improvement Team
Agile Service Certified Agile Process
(Team) and Agile Service Manager. See also
Management Roles Owner
Scrum Roles.
The operational equivalent to Dev's
ScrumMaster. A role within an IT organization
Agile Service
that understands how to leverage Agile and DevOps Foundation
Manager
Scrum methods to improve the design,
speed and agility of ITSM processes.
Group of software development methods in
which requirements and solutions evolve Continuous Delivery
Agile Software through collaboration between self- Ecosystem Foundation,
Development organizing, cross-functional teams. Usually DevOps Foundation,
applied using the Scrum or Scaled Agile DevSecOps Foundation
Framework approach.
Amazon Web Services (AWS) is a secure
cloud services platform, offering compute DevSecOps Foundation,
Amazon Web
power, database storage, content delivery Site Reliability
Services (AWS)
and other functionality to help businesses Engineering
scale and grow.
Continuous Delivery
Test results processed and presented in an
Ecosystem Foundation,
Analytics organized manner in accordance with
Continuous Testing
analysis methods and criterion.
Foundation
A system gives an assembly line worker the
ability, and moreover the empowerment, to Continuous Delivery
Andon
stop production when a defect is found, and Ecosystem Foundation
immediately call for assistance.
A commonly reinvented but poor solution to
Anti-pattern DevOps Foundation
a problem.
© DevOps Institute DevOps Glossary of Terms 4
Antifragility is a property of systems that
increases its capability to thrive as a result of DevOps Foundation, Site
Anti-fragility
stressors, shocks, volatility, noise, mistakes, Reliability Engineering
faults, attacks, or failures.
Continuous Delivery
The purpose of the test is to determine if an Ecosystem Foundation,
API Testing
API for an EUT functions as expected. Continuous Testing
Foundation
APM is the monitoring and management of
performance and availability of software
Application
applications. APM strives to detect and Site Reliability
Performance
diagnose complex application performance Engineering
Management (APM)
problems to maintain an expected level of
service.
Application A set of protocols used to create
DevOps Foundation,
Programming applications for a specific OS or as an
DevSecOps Foundation
Interface (API) interface between modules or applications.
Application
Programming The purpose of the test is to determine if an Continuous Delivery
Interface (API) API for an EUT functions as expected. Ecosystem Foundation
Testing
Controlled continuous delivery pipeline
Continuous Delivery
Application Release capabilities including automation (release
Ecosystem Foundation
upon code commit).
Controlled continuous delivery pipeline
capabilities including automation (release
upon code commit), environment modeling
(end-to-end pipeline stages, and deploy
Application Release
application binaries, packages or other Continuous Delivery
Automation (ARA) or
artifacts to target environments) and release Ecosystem Foundation
Orchestration (ARO)
coordination (project, calendar and
scheduling management, integrate with
change control and/or IT service support
management).
Acceptance Test Driven Development
(ATDD) is a practice in which the whole team
Application Test
collaboratively discusses acceptance Continuous Delivery
Driven Development
criteria, with examples, and then distills them Ecosystem Foundation
(ATDD)
into a set of concrete acceptance tests
before development begins.
The purpose of the test is to determine if an
Continuous Delivery
Application Testing application is performing according to its
Ecosystem Foundation
requirements and expected behaviors.
© DevOps Institute DevOps Glossary of Terms 5
Continuous Delivery
Application Under The EUT is a software application. E.g. Ecosystem Foundation,
Test (AUT) Business application is being tested. Continuous Testing
Foundation
The fundamental underlying design of
Architecture computer hardware, software or both in DevSecOps Foundation
combination.
Continuous Delivery
Any element in a software development
Ecosystem Foundation,
Artifact project including documentation, test plans,
DevOps Foundation,
images, data files and executable modules.
DevSecOps Foundation
Store for binaries, reports and metadata. Continuous Delivery
Artifact Repository Example tools include: JFrog Artifactory, Ecosystem Foundation,
Sonatype Nexus. DevOps Foundation
The chain of weaknesses a threat may
exploit to achieve the attacker's objective.
For example, an attack path may start by
compromising a user's credentials, which are
Attack path DevSecOps Foundation
then used in a vulnerable system to escalate
privileges, which in turn is used to access a
protected database of information, which is
copied out to an attacker's own server(s).
The use of automated tools to ensure
products and services are auditable,
including keeping audit logs of build, test Site Reliability
Audit Management
and deploy activities, auditing configurations Engineering
and users, as well as log files from production
operations.
The process of verifying an asserted identity.
Authentication can be based on what you
Authentication know (e.g., password or PIN), what you have DevSecOps Foundation
(token or one-time code), what you are
(biometrics) or contextual information.
The process of granting roles to users to have
Authorization DevSecOps Foundation
access to resources.
Auto DevOps brings DevOps best practices
to your project by automatically configuring
Site Reliability
Auto-DevOps software development lifecycles. It
Engineering
automatically detects, builds, tests, deploys,
and monitors applications.
The ability to automatically and elastically
scale and de-scale infrastructure depending Continuous Delivery
Auto-scaling
on traffic and capacity variations while Ecosystem Foundation
maintaining control of costs.
© DevOps Institute DevOps Glossary of Terms 6
If a failure is detected during a deployment,
an operator (or an automated process) will Site Reliability
Automated rollback
verify the failure and rollback the failing Engineering
release to the previous known working state.
Availability is the proportion of time a system
Site Reliability
Availability is in a functioning condition and therefore
Engineering
available (to users) to be used.
A backdoor bypasses the usual
authentication used to access a system. Its
purpose is to grant the cybercriminals future
Backdoor DevSecOps Foundation
access to the system even if the organization
has remediated the vulnerability initially used
to attack the system.
Requirements for a system, expressed as a
prioritized list of product backlog items
Continuous Delivery
usually in the form of 'User Stories'. The
Ecosystem
Backlog product backlog is prioritized by the Product
Foundation, DevOps
Owner and should include functional, non‐
Foundation
functional and technical team‐generated
requirements.
A common set of minimum-security practices
that must be applied to all environments
without exception. Practices include basic
network security (firewalls and monitoring),
Basic Security hardening, vulnerability and patch
DevSecOps Foundation
Hygiene management, logging and monitoring, basic
policies and enforcement (may be
implemented under a "policies as code"
approach), and identity and access
management.
Refers to the volume of features involved in a
Batch Sizes DevOps Leader
single code release.
Bateson Stakeholder A tool for mapping stakeholder's
DevOps Leader
Map engagement with the initiative in progress.
Test cases are created by simulating an EUT's
Behavior Driven Continuous Delivery
externally observable inputs, and outputs.
Development (BDD) Ecosystem Foundation
Example tool: Cucumber.
A management model that looks beyond
Beyond Budgeting command-and-control towards a more DevOps Leader
empowered and adaptive state.
Continuous Delivery
Test case only uses knowledge of externally Ecosystem Foundation,
Black‐Box
observable behaviors of an EUT. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 7
A process through which engineers whose
actions have contributed to a service
Blameless post Site Reliability
incident can give a detailed account of
mortems Engineering
what they did without fear of punishment or
retribution.
Used for impact analysis of service incidents.
When a particular IT service fails, the users, Site Reliability
Blast Radius
customers, other dependent services that Engineering
are affected.
Taking software from the final stage of testing
to live production using two environments
Continuous Delivery
labelled Blue and Green. Once the software
Blue/Green Testing Ecosystem Foundation,
is working in the green environment, switch
or Deployments Continuous Testing
the router so that all incoming requests go to
Foundation
the green environment - the blue one is now
idle.
An error or defect in software that results in
Bug an unexpected or system-degrading DevSecOps Foundation
condition.
Bureaucratic organizations are likely to use
Bureaucratic Culture standard channels or procedures which may DevOps Leader
be insufficient in a crisis (Westrum).
Certified Agile Service
Chart showing the evolution of remaining
Burndown Chart Manager, DevOps
effort against time.
Foundation
Public cloud resources are added as
Continuous Delivery
Bursting needed to temporarily increase the total
Ecosystem Foundation
computing capacity of a private cloud.
Justification for a proposed project or
Business Case undertaking on the basis of its expected DevOps Leader
commercial benefit.
Business continuity is an organization's ability
to ensure operations and core business
Site Reliability
Business Continuity functions are not severely impacted by a
Engineering
disaster or unplanned incident that take
critical services offline.
Changing how the business functions.
Making this a reality means changing culture,
Business
processes, and technologies in order to DevSecOps Foundation
Transformation
better align everyone around delivering on
the organization's mission.
The benefit of an approach to key business
Business Value DevOps Leader
KPIs.
© DevOps Institute DevOps Glossary of Terms 8
DevOps Foundation,
Cadence Flow or rhythm of events. DevOps Leader,
DevSecOps Foundation
Considered the pillars or values of DevOps:
Culture, Automation, Lean, Measurement,
CALMS Model DevOps Foundation
Sharing (as put forth by John Willis, Damon
Edwards and Jez Humble).
A canary (also called a canary test) is a push
of code changes to a small number of end
users who have not volunteered to test
anything. Similar to incremental rollout, it is Continuous Delivery
where a small portion of the user base is Ecosystem Foundation,
Canary Testing
updated to a new version first. This subset, Site Reliability
the canaries, then serve as the proverbial Engineering
“canary in the coal mine”. If something goes
wrong then a release is rolled back and only
a small subset of the users are impacted.
The purpose of the test is to determine if the
EUT can handle expected loads such as Continuous Delivery
Capacity Test
number of users, number of sessions, Ecosystem Foundation
aggregate bandwidth.
Continuous Delivery
Test cases are created by capturing live
Ecosystem Foundation,
Capture‐Replay interactions with the EUT, in a format that can
Continuous Testing
be replayed by a tool. E.g. Selenium
Foundation
Positive incentives, for encouraging and
Carrots DevSecOps Foundation
rewarding desired behaviors.
A method designed by Roman Pichler of
ensuring that goals are linked and shared at
Chain of Goals DevOps Leader
all levels through the product development
process.
Addition, modification or removal of
DevOps Foundation,
Change anything that could have an effect on IT
DevSecOps Foundation
services. (ITIL® definition)
Continuous Delivery
A measure of the percentage of failed/rolled
Change Failure Rate Ecosystem Foundation,
back changes.
DevOps Foundation
A general sense of apathy or passive
Change Fatigue resignation towards organizational changes DevSecOps Foundation
by individuals or teams.
A measure of the time from a request for
Change Lead Time DevOps Foundation
change to delivery of the change.
Change Leader Jim Canterucci's model for five levels of
DevOps Leader
Development Model change leader capability.
© DevOps Institute DevOps Glossary of Terms 9
DevOps Foundation,
Change Process that controls all changes throughout
DevOps Leader,
Management their lifecycle. (ITIL definition)
DevSecOps Foundation
An approach to shifting or
transitioning individuals, teams &
Change organizations from a current state to a
Management desired future state. Includes the process, DevOps Leader
(Organizational) tools & techniques to manage the people-
side of change to achieve the required
business outcome(s).
Continuous Delivery
Tests are selected according to a criterion
Change-based Test Ecosystem
that matches attributes of tests to attributes
Selection Method Foundation, Continuous
of the code that is changed in a build.
Testing Foundation
The discipline of experimenting on a software
system in production in order to build
Site Reliability
Chaos Engineering confidence in the system's capability to
Engineering
withstand turbulent and unexpected
conditions.
A squad line manager in the Spotify model
who is responsible for traditional people
Chapter Lead management duties, is involved in day to DevOps Leader
day work and grows individual and chapter
competence.
A small family of people having similar skills
and who work within the same general
competency area within the same tribe.
Chapters Chapters meet regularly to discuss DevOps Leader
challenges and areas of expertise in order to
promote sharing, skill development, re-use
and problem solving.
An approach to managing technical and Continuous Delivery
business operations (coined by GitHub) that Ecosystem Foundation,
involves a combination of group chat and DevOps Foundation,
ChatOps
integration with DevOps tools. Example tools Continuous Testing
include: Atlassian HipChat/Stride, Microsoft Foundation, Site
Teams, Slack. Reliability Engineering
Continuous Delivery
Action of submitting a software change into Ecosystem Foundation,
Check‐in
a system version management system. Continuous Testing
Foundation
A subset of regression tests that are run
Continuous Delivery
CI Regression Test immediately after a software component is
Ecosystem Foundation
built. Same as Smoke Test.
© DevOps Institute DevOps Glossary of Terms 10
Continuous Delivery
Same as Glass‐Box Testing and White‐Box Ecosystem Foundation,
Clear‐Box
Testing. Continuous Testing
Foundation
The practice of using remote servers hosted DevSecOps Foundation,
Cloud Computing on the internet to host applications rather Site Reliability
than local servers in a private datacenter. Engineering
Native cloud applications (NCA) are Continuous Delivery
Cloud-Native
designed for cloud computing. Ecosystem Foundation
Cloudbees is a commercially supported
proprietary automation framework tool
Continuous Testing
Cloudbees which works with and enhances Jenkins by
Foundation
providing enterprise levels support and add-
on functionality.
Tools like Kubecost, Replex, Cloudability use
Cluster Cost Site Reliability
monitoring to analyze container clusters and
Optimization Engineering
optimize the resource deployment model.
Tools that let you know the health of your
Site Reliability
Cluster Monitoring deployment environments running in clusters
Engineering
such as Kubernetes.
A group of computers (called nodes or
members) work together as a cluster Continuous Delivery
Clustering
connected through a fast network acting as Ecosystem Foundation
a single system.
A measure of white box test coverage by
Continuous Delivery
counting code units that are executed by a
Ecosystem Foundation,
Code Coverage test. The code unit may be a code
Continuous Testing
statement, a code branch, or control path or
Foundation
data path through a code module.
See also static code analysis, Sonar and
Checkmarks are examples of tools that
automatically check the seven main
Site Reliability
Code Quality dimensions of code quality – comments,
Engineering
architecture, duplication, unit test coverage,
complexity, potential defects, language
rules.
A repository where developers can commit
and collaborate on their code. It also tracks
Code Repository historical versions and potentially identifies DevSecOps Foundation
conflicting versions of the same code. Also
referred to as "repository" or "repo."
Continuous Delivery
Software engineers inspect each other's
Ecosystem Foundation,
Code Review source code to detect coding or code
Continuous Testing
formatting errors.
Foundation
© DevOps Institute DevOps Glossary of Terms 11
Cognitive bias is a limitation in objective
thinking that is caused by the tendency for
the human brain to perceive information
Cognitive Bias through a filter of personal experience and DevOps Leader
preferences: a systematic pattern of
deviation from norm or rationality in
judgment.
People jointly working with others towards a DevOps Foundation,
Collaboration
common goal. DevSecOps Foundation
A culture that applies to everyone which
incorporates an expected set of behaviors,
Collaborative language and accepted ways of working Continuous Delivery
Culture with each other reinforcement by Ecosystem Foundation
leadership.
Continuous Delivery
Test with the purpose to determine if and EUT
Ecosystem Foundation,
Compatibility Test interoperates with another EUT such as peer‐
Continuous Testing
to‐peer applications or protocols.
Foundation
Configuration management (CM) is a
systems engineering process for establishing Continuous Delivery
Configuration and maintaining consistency of a product's Ecosystem Foundation,
Management performance, functional, and physical DevOps Foundation,
attributes with its requirements, design, and DevSecOps Foundation
operational information throughout its life.
Continuous Delivery
The purpose of the test is to determine if an Ecosystem Foundation,
Conformance Test
EUT complies to a standard. Continuous Testing
Foundation
Limitation or restriction; something that DevOps Foundation,
Constraint
constrains. See also bottleneck. DevSecOps Foundation
A way of packaging software into
lightweight, stand-alone, executable DevOps Foundation,
packages including everything needed to DevSecOps Foundation,
Container
run it (code, runtime, system tools, system Site Reliability
libraries, settings) for development, shipment Engineering
and deployment.
Used to prove that any app that can be run
on a container cluster with any other app
Container Network Site Reliability
can be confident that there is no unintended
Security Engineering
use of the other app or any unintended
network traffic between them.
© DevOps Institute DevOps Glossary of Terms 12
Secure and private registry for Container
images. Typically allowing for easy upload
Site Reliability
Container Registry and download of images from the build
Engineering
tools. Docker Hub, Artifactory, Nexus are
examples.
When building a Container image for your
application, tools can run a security scan to
ensure it does not have any known Site Reliability
Container Scanning
vulnerability in the environment where your Engineering
code is shipped. Blackduck, Synopsis, Synk,
Claire and klar are examples.
Continual Service One of the ITIL Core publications and a stage
DevOps Foundation
Improvement (CSI) of the service lifecycle.
Certified Agile Service
Manager, Continuous
A methodology that focuses on making sure Delivery Ecosystem
Continuous Delivery
software is always in a releasable state Foundation, DevOps
(CD)
throughout its lifecycle. Foundation, DevSecOps
Foundation, Continuous
Testing Foundation
A person who is responsible to guide the
Continuous Delivery Continuous Delivery
implementation and best practices for a
(CD) Architect Ecosystem Foundation
continuous delivery pipeline.
A continuous delivery pipeline refers to the
series of processes which are performed on
product changes in stages. A change is
Continuous Delivery
injected at the beginning of the pipeline. A
Continuous Delivery Ecosystem Foundation,
change may be new versions of code, data
Pipeline DevOps Foundation
or images for applications. Each stage
Course, DevOps Leader
processes the artifacts resulting from the prior
stage. The last stage results in deployment to
production.
Each process in a continuous delivery
pipeline. These are not standard. Examples
Continuous Delivery are Design: determine implementation Continuous Delivery
Pipeline Stage changes; Creation: implement an Ecosystem Foundation
unintegrated version of design changes;
Integration: merge
A set of practices that enable every change
Continuous DevOps Foundation,
that passes automated tests to be
Deployment DevSecOps Foundation
automatically deployed to production.
Smoothly moving people or products from DevOps Foundation,
Continuous Flow the first step of a process to the last with DevOps Leader,
minimal (or no) buffers between steps. DevSecOps Foundation
© DevOps Institute DevOps Glossary of Terms 13
Based on Deming's Plan-Do-Check-Act, a
Continuous DevOps Foundation,
model for ensure ongoing efforts to improve
Improvement DevOps Leader
products, processes and services.
Certified Agile Service
Manager, Continuous
A development practice that requires
Delivery Ecosystem
developers to merge their code into trunk or
Continuous Foundation, DevOps
master ideally at least daily and perform tests
Integration (CI) Foundation, Continuous
(i.e. unit, integration and acceptance) at
Testing
every code commit.
Foundation, DevSecOps
Foundation
Tools that provide an immediate feedback
loop by regularly merging, building and
Continuous DevOps Foundation,
testing code. Example tools include:
Integration Tools DevOps Leader
Atlassian Bamboo, Jenkins, Microsoft
VSTS/Azure DevOps, TeamCity.
Continuous Delivery
This is a class of terms relevant to logging,
Continuous Ecosystem Foundation,
notifications, alerts, displays and analysis of
Monitoring (CM) Continuous Testing
test results information.
Foundation
DevOps
This is a class of terms relevant to testing and Foundation, Continuous
Continuous Testing
verification of an EUT in a DevOps Delivery Ecosystem
(CT)
environment. Foundation, Continuous
Testing Foundation
Conversation Cafés are open, hosted
conversations in cafés as well as conferences
Conversation Café DevOps Leader
and classrooms—anywhere people gather to
make sense of our world.
Organizations which design systems are
Continuous Delivery
constrained to produce designs which are
Conway's Law Ecosystem Foundation,
copies of the communication structures of
DevOps Leader
these organizations.
The key cultural value shift toward being
Cooperation vs. highly collaborative and cooperative, and
DevSecOps Foundation
Competition away from internal competitiveness and
divisiveness.
Continuous Delivery
Ecosystem Foundation,
COTS Commercial‐off‐the‐shelf solution
Continuous Testing
Foundation
Certified Agile Process
Something that must happen for an IT Owner, Certified Agile
Critical Success
service, process, plan, project or other Service Manager,
Factor (CSF)
activity to succeed. DevOps Foundation,
DevSecOps Foundation
© DevOps Institute DevOps Glossary of Terms 14
Vehicle for recording and managing
Certified Agile Service
CSI Register improvement opportunities throughout their
Manager
lifecycle (Continual Service Improvement).
A metaphor that visualizes the difference
between observable (above the water) and
Cultural Iceberg DevOps Leader
non-observable (below the waterline)
elements of culture.
Continuous Delivery
Culture The values and behaviors that contribute to
Ecosystem Foundation,
(Organizational the unique psychosocial environment of an
DevOps Foundation,
Culture) organization.
DevSecOps Foundation
A cumulative flow diagram is a tool used in
agile software development and lean
Cumulative Flow product development. It is an
DevOps Leader
Diagram area graph that depicts the quantity of work
in a given state, showing arrivals, time in
queue, quantity in queue, and departure.
A form of value stream map that helps you
Current State Map identify how the current process works and DevOps Leader
where the disconnects are.
CRE is what you get when you take the
Customer Reliability Sire Reliability
principles and lessons of SRE and apply them
Engineer (CRE) Engineering
towards customers.
DevOps Foundation,
A measure of the time from start of work to
Cycle Time DevOps Leader.
ready for delivery.
DevSecOps Foundation
Daily timeboxed event of 15 minutes or less Certified Agile Service
Daily Scrum for the Team to replan the next day of work Manager, DevOps
during a Sprint. Foundation
Continuous Delivery
Ecosystem Foundation,
Dashboard Graphical display of summarized test results.
Continuous Testing
Foundation
Tools that prevent files and content from
Data Loss Protection Site Reliability
being removed from within a service
(DLP) Engineering
environment or organization.
A person responsible for keeping database
Database Reliability Site Reliability
systems that support all user facing services in
Engineer (DBRE) Engineering
production running smoothly.
Continuous Delivery
The number of faults found in a unit E.g. # Ecosystem Foundation,
Defect Density
defects per KLOC, # defects per change. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 15
Certified Agile Process
A shared understanding of expectations that Owner, Certified Agile
Definition of Done the Increment must live up to in order to be Service Manager,
releasable into production. (Scrum.org) DevOps Foundation,
DevOps Leader
Continuous Delivery
The frequency of deliveries. E.g. # deliveries Ecosystem Foundation,
Delivery Cadence
per day, per week, etc. Continuous Testing
Foundation
Continuous Delivery
Set of release items (files, images, etc.) that Ecosystem Foundation,
Delivery Package
are packaged for deployment. Continuous Testing
Foundation
A four-stage cycle for process management,
DevOps Foundation,
Deming Cycle attributed to W. Edwards Deming. Also called
DevSecOps Foundation
Plan-Do-Check-Act (PDCA).
Many projects depend on packages that
may come from unknown or unverified
providers, introducing potential security
Dependency vulnerabilities. There are tools to scan Site Reliability
Firewall dependencies but that is after they are Engineering
downloaded. These tools prevent those
vulnerabilities from being downloaded to
begin with.
For many organizations, it is desirable to have
a local proxy for frequently used upstream
images/packages. In the case of CI/CD, the Site Reliability
Dependency Proxy
proxy is responsible for receiving a request Engineering
and returning the upstream image from a
registry, acting as a pull-through cache.
Used to automatically find security
vulnerabilities in your dependencies while
Dependency you are developing and testing your Site Reliability
Scanning applications. Synopisis, Gemnasium, Retire.js Engineering
and bundler-audit are popular tools in this
area.
The installation of a specified version of
DevOps Foundation,
Deployment software to a given environment (e.g.,
DevSecOps Foundation
promoting a new build into production).
Continuous Delivery
An EUT is designed with features which Ecosystem Foundation,
Design for Testability
enable it to be tested. Continuous Testing
Foundation
Principles for designing, organizing, and
Design Principles managing a DevOps delivery operating DevOps Leader
model.
© DevOps Institute DevOps Glossary of Terms 16
Individuals involved in software development
DevOps Foundation,
Dev activities such as application and software
DevSecOps Foundation
engineers.
Individual who has responsibility to develop Continuous Delivery
changes for an EUT. Alternate: Individuals Ecosystem
Developer (Dev)
involved in software development activities Foundation, Continuous
such as application and software engineers. Testing Foundation
Continuous Delivery
Ensuring that the developer's test
Ecosystem Foundation,
Development Test environment is a good representation of the
Continuous Testing
production test environment.
Foundation
Continuous Delivery
Device Under Test The EUT is a device. E.g. Router or switch is Ecosystem Foundation,
(DUT) being tested. Continuous Testing
Foundation
A cultural and professional movement that
stresses communication, collaboration and
integration between software developers
and IT operations professionals while Certified Agile Service
automating the process of software delivery Manager, DevOps
DevOps
and infrastructure changes. It aims at Foundation, DevSecOps
establishing a culture and environment Foundation
where building, testing, and releasing
software, can happen rapidly, frequently,
and more reliably." (Source: Wikipedia)
Help teams master Agile development and
DevOps Coach DevOps practices; enables productive ways DevOps Leader
of working and collaboration.
Continuous Delivery
The entire set of tools and facilities that make
DevOps Ecosystem Foundation,
up the DevOps system. Includes CI, CT, CM
Infrastructure Continuous Testing
and CD tools.
Foundation
Kaizen is a Japanese word that closely
translates to "change for better," the idea of
continuous improvement—large or small—
involving all employees and crossing
DevOps Kaizen DevOps Leader
organisational boundaries. Damon Edwards'
DevOps Kaizen shows how making small,
incremental improvements (little J's) has an
improved impact on productivity long term.
Continuous Delivery
The entire set of interconnected processes Ecosystem Foundation,
DevOps Pipeline
that make up a DevOps Infrastructure. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 17
A metric showing DevOps adoption across
Site Reliability
DevOps Score an organization and the corresponding
Engineering
impact on delivery velocity.
Continuous Delivery
Ecosystem Foundation,
The tools needed to support a DevOps
DevOps Foundation,
DevOps Toolchain continuous development and delivery cycle
DevSecOps
from idea to value realisation.
Foundation, Continuous
Testing Foundation
A mindset that "everyone is responsible for
Continuous Delivery
security" with the goal of safely distributing
Ecosystem Foundation,
DevSecOps security decisions at speed and scale to
DevOps Foundation,
those who hold the highest level of context
DevSecOps Foundation
without sacrificing the safety required.
The software revisions are stored in a
Distributed Version
distributed revision control system (DRCS), Continuous Delivery
Control System
also known as a distributed version control Ecosystem Foundation
(DVCS)
system (DVCS).
A DMZ in network security parlance is a
network zone in between the public internet
and internal protected resources. Any
DMZ (De-Militarized
application, server, or service (including APIs) DevSecOps Foundation
Zone)
that need to be exposed externally are
typically placed in a DMZ. It is not
uncommon to have multiple DMZs in parallel.
A place where DevOps team members go
for hands-on training. The team is self-
organizing, which means that members will
Dojo first work together to figure out what skills DevOps Foundation
they will need to accomplish a desired goal
and then plan together how to build those
skills.
Dynamic analysis is the testing of an
Continuous Delivery
application by executing data in real-time
Ecosystem Foundation,
Dynamic Analysis with the objective of detecting defects while
Continuous Testing
it is in operation, rather than by repeatedly
Foundation
examining the code offline.
Dynamic
A type of testing that runs against built code
Application Security DevSecOps Foundation
to test exposed interfaces.
Testing (DAST)
Automated function and regression testing of
Continuous Testing
EggPlant enterprise applications. Licensed by Test
Foundation
Plant.
© DevOps Institute DevOps Glossary of Terms 18
Elasticity is a term typically used in cloud
computing, to describe the ability of an
IT infrastructure to quickly expand or cut
back capacity and services without Continuous Delivery
Elastic Infrastructure
hindering or jeopardizing Ecosystem Foundation
the infrastructure's stability, performance,
security, governance or compliance
protocols.
A short summary used to quickly and simply
define a process, product, service, Certified Agile Process
Elevator Pitch
organization, or event and its value Owner
proposition.
Process control model in which decisions are
made based on observation and
Empirical Process Certified Agile Process
experimentation (rather than on detailed
Control Owner
upfront planning) and decisions are based
on what is known.
Employee Net Promoter Score (eNPS) is a
way for organizations to measure employee
loyalty. The Net Promoter Score, originally a DevOps Foundation,
eNPS
customer service tool, was later used DevOps Leader
internally on employees instead of
customers.
This is a class of terms which refers to names
Continuous Delivery
of types of entities that are being tested.
Entity Under Test Ecosystem Foundation,
These terms are often abbreviated to the
(EUT) Continuous Testing
form xUT where "x" represents a type of entity
Foundation
under test.
A big chunk of work, made up of a number Certified Agile Process
Epic
of user stories, with a common objective. Owner
Erik Erikson (1950, 1963) proposed a
psychoanalytic theory of psychosocial
Erickson (Stages of development comprising eight stages from
Psychosocial infancy to adulthood. During each stage, the DevSecOps Foundation
Development) person experiences a psychosocial crisis
which could have a positive or negative
outcome for personality development.
The error budget provides a clear, objective
metric that determines how unreliable a Site Reliability
Error Budget
service is allowed to be within a specific time Engineering
period.
An error budget policy enumerates the
activity a team takes when they've Site Reliability
Error Budget Policies
exhausted their error budget for a particular Engineering
service in a particular time period.
© DevOps Institute DevOps Glossary of Terms 19
Tools to easily discover and show the errors
Site Reliability
Error Tracking that application may be generating, along
Engineering
with the associated data.
Scripts and automation outside of a service Site Reliability
External Automation
that is intended to reduce toil. Engineering
Continuous Delivery
A DevOps tenet referring to the preference
Ecosystem Foundation,
Fail Early to find critical problems as early as possible in
Continuous Testing
a development and delivery pipeline.
Foundation
Continuous Delivery
A DevOps tenet which emphasizes a
Ecosystem Foundation,
Fail Often preference to find critical problems as fast as
Continuous Testing
possible and therefore frequently.
Foundation
DevOps Foundation,
Continuous Delivery
Failure Rate Fail verdicts per unit of time. Ecosystem Foundation,
Continuous Testing
Foundation
Continuous Delivery
A test incorrectly reports a verdict of "fail"
Ecosystem Foundation,
False Negative when the EUT actually passed the purpose of
Continuous Testing
the test.
Foundation
Continuous Delivery
A test incorrectly reports a verdict of "pass"
Ecosystem Foundation,
False Positive when the EUT actually failed the purpose of
Continuous Testing
the test.
Foundation
DevOps Foundation,
The practice of using software switches to
Continuous Delivery
hide or activate features. This enables
Feature Toggle Ecosystem Foundation,
continuous integration and testing a feature
Continuous Testing
with selected stakeholders.
Foundation
A central identity used for access to a wide
range of applications, systems, and services,
but with a particular skew toward web-
based applications. Also, often referenced
Federated Identity DevSecOps Foundation
as Identity-as-a-Service (IDaas). Any identity
that can be reused across multiple sites,
particularly via SAML or OAuth
authentication mechanisms.
A planned failure testing process focussed on
the operation of live services including
Site Reliability
Fire Drills service failure testing as well as
Engineering
communication, documentation, and other
human factor testing.
© DevOps Institute DevOps Glossary of Terms 20
How people, products or information move DevOps Foundation,
Flow through a process. Flow is the first way of The DevOps Leader,
Three Ways. DevSecOps Foundation
A form of map that shows the end-to-end
Flow of Value value stream. This view is usually not DevOps Leader
available within the enterprise.
Continuous Delivery
Backbone for plugging in tools. Launches
Ecosystem Foundation,
Framework automated tasks, collects results from
Continuous Testing
automated tasks.
Foundation
A core cultural value that with the freedom
of self-management (such as afforded by
Freedom and DevOps) comes the responsibility to be
DevSecOps Foundation
Responsibility diligent, to follow the advice process and to
take ownership of both successes and
failures.
Frequency How often an application is released. DevOps Leader
Tests to determine if the functional operation Site Reliability
Functional Testing
of the service is as expected. Engineering
A form of value stream map that helps you
develop and communicate what the target
Future State Map DevOps Leader
end state should look like and how to tackle
the necessary changes.
Fuzzing or fuzz testing is an automated
software testing practice that inputs invalid,
Fuzzing DevSecOps Foundation
unexpected, or random data into
applications.
Define and obtain consensus for criterion of
changes promoted between all CD pipeline
Continuous Delivery
Gated Commits stages such as: Dev to CI stage / CI to
Ecosystem Foundation
packaging / delivery stage / Delivery to
Deployment/Production stage.
In a generative organization alignment takes
place through identification with the mission.
The individual ''buys into'' what he or she is
Generative supposed to do and its effect on the
DevOps Leader
(DevOps) Culture outcome. Generative organizations tend to
be proactive in getting the information to the
right people by any means. necessary.
(Westrum)
A cultural view wherein long-term outcomes
are of primary focus, which in turn drives
Generativity DevSecOps Foundation
investments and cooperation that enable an
organization to achieve those outcomes.
© DevOps Institute DevOps Glossary of Terms 21
Continuous Delivery
Same as Clear‐Box Testing and White‐Box Ecosystem Foundation,
Glass‐Box
Testing. Continuous Testing
Foundation
Process Owner who oversees a single, global
Global Process process. A Global Process Owner (who may Certified Agile Process
Owner reside in a SMO) may oversee one or more Owner
Regional Process Managers.
The purpose of the test is to determine an
EUT's performance boundaries, using Continuous Delivery
incrementally stresses until the EUT reaches a Ecosystem Foundation,
Goal‐seeking tests
peak performance. E.g. Determine the Continuous Testing
maximum throughput that can be handled Foundation
without errors.
A model by Simon Sinek that emphasizes an
Golden Circle understanding of the business' "why" before DevOps Foundation
focusing on the "what" and "how".
A template for a virtual machine (VM), virtual
Golden Image desktop, server or hard disk drive. DevSecOps Foundation
(TechTarget)
Daniel Goleman (2002) created the Six
Goleman's Six Styles Leadership Styles and found, in his research,
DevOps Leader
of Leadership that leaders used one of these styles at any
one time.
A software platform intended for
concentrating governance, compliance and
risk management data, including policies,
compliance requirements, vulnerability data,
and sometimes asset inventory, business
Governance, Risk
continuity plans, etc. In essence, a
Management and DevSecOps Foundation
specialized document and data repository
Compliance (GRC)
for security governance. Or a team of
people who specialize in IT/security
governance, risk management and
compliance activities. Most often non-
technical business analyst resources.
Continuous Delivery
Test cases use a limited knowledge of the Ecosystem Foundation,
Gray‐Box
internal design structure of the EUT. Continuous Testing
Foundation
Continuous Delivery
The purpose of the test is to determine if the
Ecosystem Foundation,
GUI testing graphical user interface operates as
Continuous Testing
expected.
Foundation
© DevOps Institute DevOps Glossary of Terms 22
A "community of interest" group that
welcomes anyone and usually cuts across an DevOps Foundation,
Guilds
entire organization. Similar to a Community DevOps Leader
of Practice.
The procedure for transferring the
DevOps Foundation,
Hand Offs responsibility of a particular task from one
DevOps Leader
individual or team to another.
Securing a server or infrastructure
environment by removing or disabling
unnecessary software, updating to known
good versions of the operating system,
Hardening restricting network-level access to only that DevSecOps Foundation
which is needed, configuring logging in order
to capture alerts, configuring appropriate
access management and installing
appropriate security tools.
Helm charts are what describe related
Kubernetes resources. Artifactory and Site Reliability
Helm Chart Registry
Codefresh support a registry for maintaining Engineering
master records of Helm Charts.
Heritage Reliability Applying the principles and practices of SRE Site Reliability
Engineer (HRE) to legacy applications and environments. Engineering
Organizations with a high-trust culture
encourage good information flow, cross-
High-Trust Culture functional collaboration, shared DevOps Foundation
responsibilities, learning from failures and new
ideas.
Computing resources are scaled wider to Continuous Delivery
increase the volume of processing. E.g. Add Ecosystem Foundation,
Horizontal Scaling
more computers and run more tasks in Continuous Testing
parallel. Foundation
CM tools (e.g., Puppet, Chef, Ansible, and
Salt) claim that they are 'idempotent' by
allowing the desired state of a server to be Continuous Delivery
Idempotent
defined as code or declarations and Ecosystem Foundation
automate steps necessary to consistently
achieve the defined state time‐after‐time.
The unique name of a person, device, or the
combination of both that is recognized by a
Identity DevSecOps Foundation
digital system. Also referred to as an
"account" or "user."
Policies, procedures and tools for ensuring
Identity and Access
the right people have the right access to DevSecOps Foundation
Management (IAM)
technology resources.
© DevOps Institute DevOps Glossary of Terms 23
Identity and access management services
Identity as a Service
that are offered through the cloud or on a DevSecOps Foundation
(IDAAS)
subscription basis.
Build images are pre‐assigned test cases. Continuous Delivery
Image‐based test Tests cases are selected for a build by Ecosystem Foundation,
selection method matching the image changes resulting from Continuous Testing
a build. Foundation
A learning approach that guides teams with
Immersive learning coaching and practice to help them learn to DevOps Leader
work in a new way.
An immutable object is an object whose
state cannot be modified after it is created. Continuous Delivery
Immutable
The antonym is a mutable object, which can Ecosystem Foundation
be modified after it is created.
Instead of instantiating an instance (server,
container, etc.), with error‐prone, time‐ Continuous Delivery
Immutable consuming patches and upgrades (i.e. Ecosystem Foundation,
Infrastructures mutations), replace it with another instance Site Reliability
to introduce changes or ensure proper Engineering
behavior.
Certified Agile Process
Anything that prevents a team member from Owner, Certified Agile
Impediment
performing work as efficiently as possible. Service Manager,
DevOps Foundation
Agile Service
Anything that prevents a team member from
Impediment (Scrum) Management, DevOps
performing work as efficiently as possible.
Foundation
Continuous Delivery
Implementation The EUT is a software implementation. E.g. Ecosystem Foundation,
Under Test Embedded program is being tested. Continuous Testing
Foundation
A structured way to create a culture of
continuous learning and improvement. (In
Japanese business, Kata is the idea of doing
Improvement Kata things the "correct" way. An organization's DevOps Foundation
culture can be characterized as its Kata
through its consistent role modeling,
teaching and coaching.)
A system designed to motivate people to
complete tasks toward achieving objectives.
Incentive model DevSecOps Foundation
The system may employ either positive or
negative consequences for motivation.
Any unplanned interruption to an IT service or
reduction in the quality of an IT service. DevOps Foundation,
Incident
Includes events that disrupt or could disrupt DevSecOps Foundation
the service. (ITIL definition)
© DevOps Institute DevOps Glossary of Terms 24
Process that restores normal service
operation as quickly as possible to minimize
business impact and ensure that agreed DevOps Foundation,
Incident levels of service quality are maintained. (ITIL DevSecOps Foundation,
Management definition). Involves capturing the who, Site Reliability
what, when of service incidents and the Engineering
onward use of this data in ensuring service
level objectives are being met.
An organized approach to addressing and
managing the aftermath of a security
DevSecOps Foundation,
breach or attack (also known as an
Incident Response Site Reliability
incident). The goal is to handle the situation
Engineering
in a way that limits damage and reduces
recovery time and costs.
Certified Agile Service
Potentially shippable completed work that is
Increment Manager, DevOps
the outcome of a Sprint.
Foundation
Incremental rollout means deploying many
small, gradual changes to a service instead
of a few large changes. Users are
incrementally moved across to the new Site Reliability
Incremental Rollout
version of the service until eventually all users Engineering
are moved across. Sometimes referred to by
colored environments e.g. Blue/green
deployment.
All of the hardware, software, networks,
facilities, etc., required to develop, test,
deliver, monitor and control or support IT
DevOps Foundation,
Infrastructure services. The term IT infrastructure includes all
DevSecOps Foundation
of the information technology but not the
associated people, processes and
documentation. (ITIL definition)
Infrastructure as The practice of using code (scripts) to DevOps Foundation,
Code configure and manage infrastructure. DevSecOps Foundation
The purpose of the test is to verify the Continuous Delivery
framework for EUT operating. E.g. verify Ecosystem Foundation,
Infrastructure Test
specific operating system utilities function as Continuous Testing
expected in the target environment. Foundation
Continuous Delivery
Infrastructure‐as‐a‐ On‐demand access to a shared pool of Ecosystem Foundation,
Service (IaaS) configurable computing resources. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 25
An integrated development environment
(IDE) is a software suite that consolidates the
basic tools developers need to write and test
software. Typically, an IDE contains a code
Integrated editor, a compiler or interpreter and a
development debugger that the developer accesses DevSecOps Foundation
environment (IDE) through a single graphical user interface
(GUI). An IDE may be a standalone
application, or it may be included as part of
one or more existing and compatible
applications. (TechTarget)
Linting is the process of running a program
Integrated
that will analyze code for potential errors
development
(e.g., formatting discrepancies, non- DevSecOps Foundation
environment (IDE)
adherence to coding standards and
'lint' checks
conventions, logical errors).
A network of physical devices that connect
DevOps Foundation,
Internet of Things to the internet and potentially to each other
DevSecOps Foundation
through web-based wireless services.
Scripts and automation delivered as part of Site Reliability
Internal Automation
the service that is intended to reduce toil. Engineering
A mnemonic was created by Bill Wake as a
Certified Agile Service
INVEST reminder of the characteristics of a quality
Manager
user story.
A family of standards that provide principles
ISO 31000 DevSecOps Foundation
and generic guidelines on risk management.
International standard for IT service
management. ISO/IEC 20000 is used to audit
ISO/IEC 20000 DevOps Foundation
and certify service management
capabilities.
A process for capturing, tracking, and
Issue Management resolving bugs and issues throughout the DevSecOps Foundation
software development lifecycle.
Set of best practice publications for IT service
management. Published in a series of five
core books representing the stages of the IT
IT Infrastructure Certified Agile Process
service lifecycle which are: Service Strategy,
Library (ITIL) Owner
Service Design, Service Transition, Service
Operation and Continual Service
Improvement.
A service provided to a customer from an IT
IT Service DevOps Foundation
organization.
Implementation and management of quality Certified Agile Process
IT Service
IT services that meet the needs of the Owner, Site Reliability
Management (ITSM)
business. (ITIL definition) Engineering
© DevOps Institute DevOps Glossary of Terms 26
Tool licensed by Spirent Communications for Continuous Testing
iTest
creating automated test cases. Foundation
Set of best practice publications for IT service
management. Published in a series of five
Certified Agile Service
core books representing the stages of the IT
Manager, DevOps
ITIL service lifecycle which are: Service Strategy,
Foundation, Site
Service Design, Service Transition, Service
Reliability Engineering
Operation and Continual Service
Improvement.
Jenkins is a freeware tool. It is the most
popular master automation framework tool,
Continuous Delivery
especially for continuous integration task
Ecosystem
Jenkins automation. Jenkins task automation centers
Foundation, Continuous
around timed processes. Many test tools and
Testing Foundation
other tools offer plugins to simplify integration
with Jenkins.
Kaizen The practice of continuous improvement. DevOps Foundation
Certified Agile Service
Method of work that pulls the flow of work
Kanban Manager, DevOps
through a process at a manageable pace.
Foundation
Tool that helps teams organize, visualize and
Kanban Board DevOps Foundation
manage work.
The drama triangle is a social model of
Karpman Drama human interaction. The triangle maps a type
DevOps Leader
Triangle of destructive interaction that can occur
between people in conflict.
Something that is measured and reported
DevOps Foundation,
Key Metrics upon to help manage a process, IT service or
DevOps Leader
activity.
Key metric used to measure the
Certified Agile Process
Key Performance achievement of critical success factors. KPIs
Owner, Certified Agile
Indicator underpin critical success factors and are
Service Manager
measured as a percentage.
Key metric used to measure the
Certified Agile Service
Key Performance achievement of critical success factors. KPIs
Manager, DevOps
Indicator (KPI) underpin critical success factors and are
Foundation
measured as a percentage. (ITIL definition)
Continuous Delivery
Test cases are created using pre‐defined
Ecosystem Foundation,
Keywords‐Based names that reference programs useful for
Continuous Testing
testing.
Foundation
Process that ensures the right information is DevOps
Knowledge
delivered to the right place or person at the Foundation, DevSecOps
Management
right time to enable an informed decision. Foundation
© DevOps Institute DevOps Glossary of Terms 27
Problem with a documented root cause and DevOps Foundation,
Known Error
a workaround. (ITIL definition) DevSecOps Foundation
David Kolb published his learning styles
model in 1984; his experiential learning theory
Kolb's Learning Styles DevOps Leader
works on two levels: a four stage cycle of
learning and four separate learning styles.
John Kotter describes the need for a dual
operating system that combines the
Kotter's Dual
entrepreneurial capability of a network with DevOps Leader
Operating System
the organisational efficiency of traditional
hierarchy.
Kubernetes is an open-source container-
orchestration system for automating
application deployment, scaling, and Site Reliability
Kubernetes
management. It was originally designed by Engineering
Google, and is now maintained by the Cloud
Native Computing Foundation.
Describes and predicts the stages of
Kubler-Ross Change
personal and organizational reaction to DevOps Foundation
Curve
major changes.
Category of cloud computing services that
Continuous Delivery
provides a laboratory allowing customers to
Lab‐as‐a‐Service Ecosystem Foundation,
test applications without the complexity of
(LaaS) Continuous Testing
building and maintaining the lab
Foundation
infrastructure.
Laloux (Culture Frederic Laloux created a model for
DevSecOps Foundation
Models) understanding organizational culture.
Latency is the delay incurred in
communicating a message, the time a
message spends “on the wire” between the Site Reliability
Latency
initial request being received e.g. by a server Engineering
and the response being recieved e.g. by a
client.
In his book 'The Fifth Discipline', Peter Senge
outlines eleven laws will help the
Laws of Systems
understanding of business systems and to DevOps Leader
Thinking
identify behaviors for addressing complex
business problems.
Production philosophy that focuses on
Lean reducing waste and improving the flow of DevOps Leader
processes to improve overall customer value.
Spare, economical. Lacking richness or DevOps Foundation,
Lean (adjective)
abundance. DevSecOps Foundation
© DevOps Institute DevOps Glossary of Terms 28
Production philosophy that focuses on
DevOps Foundation,
Lean (production) reducing waste and improving the flow of
DevSecOps Foundation
processes to improve overall customer value.
Lean Canvas is a 1-page business plan
Lean Canvas DevOps Leader
template.
Organization that strategically applies the
DevOps Foundation,
Lean Enterprise key ideas behind lean production across the
DevSecOps Foundation
enterprise.
Applying the key ideas behind lean
DevOps Foundation,
Lean IT production to the development and
DevSecOps Foundation
management of IT products and services.
Lean production philosophy derived mostly DevOps Foundation,
Lean Manufacturing
from the Toyota Production System. DevSecOps Foundation
Lean Product Development, or LPD, utilizes
Lean Product
Lean principles to meet the challenges of DevOps Leader
Development
Product Development.
Management approach that combines the
concepts of Lean Manufacturing and Six Certified Agile Process
Lean Six Sigma
Sigma by removing 'waste' and reducing Owner
'defects'.
A system for developing a business or
Lean Startup product in the most efficient way possible to DevOps Leader
reduce the risk of failure.
The goal of lean thinking is to create more
value for customers with fewer resources and Certified Agile Service
Lean Thinking
less waste. Waste is considered any activity Manager
that does not add value to the process.
Tools, such as Blackduck and Synopsis, that
check that licenses of your dependencies Site Reliability
License Scanning
are compatible with your application, and Engineering
approve or blacklist them.
A theorem by John Little which states that
the long-term average number L of
customers in a stationary system is equal to
Little's Law DevOps Leader
the long-term average effective arrival
rate λ multiplied by the average time W that
a customer spends in the system.
Continuous Delivery
Tool used to test applications, measuring
Ecosystem Foundation,
LoadRunner system behavior and performance under
Continuous Testing
load. Licensed by HP.
Foundation
© DevOps Institute DevOps Glossary of Terms 29
Continuous Delivery
Serialized report of details such as test Ecosystem Foundation,
Log
activities and EUT console logs. Continuous Testing
Foundation
The collective processes and policies used to
administer and facilitate the generation,
Log Management transmission, analysis, storage, archiving and DevSecOps Foundation
ultimate disposal of the large volumes of log
data created within an information system.
The capture, aggregation and storage of all
logs associated with system performance
including, but not limited to, process calls, Site Reliability
Logging
events, user data, responses, error and status Engineering
codes. Logstash and Nagios are popular
examples.
A string of malicious code used to cause
Logic Bomb (Slag
harm to a system when the programmed DevSecOps Foundation
Code)
conditions are met.
Continuous Delivery
The purpose of the test is to determine if a
Ecosystem Foundation,
Longevity Test complete system performs as expected over
Continuous Testing
an extended period of time
Foundation
Data analysis that uses algorithms that learn
Machine Learning DevOps Foundation
from data.
A program designed to gain access to
computer systems, normally for the benefit of
Malware DevSecOps Foundation
some third party, without the user’s
permission
The practice of using at least 2 factors for
Many-factor
authentication. The two factors can be of DevSecOps Foundation
Authentication
the same class.
Mean Time Between DevOps Foundation,
Used to measure deployment frequency.
Deploys DevSecOps Foundation
Average time that a CI or IT service can
perform its agreed function without
Mean Time Between interruption. Often used to measure reliability. DevOps Foundation,
Failures (MTBF) Measured from when the CI or service starts DevSecOps Foundation
working, until the time it fails (uptime). (ITIL
definition)
Continuous Delivery
Ecosystem Foundation,
Mean Time to
Average time required to detect a failed DevOps Foundation,
Detect
component or device. DevSecOps Foundation,
Incidents
Site Reliability
(MTTD)
Engineering
© DevOps Institute DevOps Glossary of Terms 30
Mean Time to How long a vulnerability or software
DevSecOps Foundation
Discovery bug/defect exists before it's identified.
How long it takes to apply patches to
Mean Time to Patch environments once a vulnerability has been DevSecOps Foundation
identified.
Average time required to
Mean Time to repair/recover a failed component or DevOps Foundation,
Repair/Recover device. MTTR does not include the time DevSecOps Foundation
(MTTR) required to recover or restore service. Site Reliability
Engineering
Used to measure time from when the CI or IT
DevOps Foundation,
Mean Time to service fails until it is fully restored and
DevSecOps Foundation,
Restore Service delivering its normal functionality
Site Reliability
(MTRS) (downtime). Often used to measure
Engineering
maintainability. (ITIL definition).
A mental model is an explanation of
Mental Models someone's thought process about how DevOps Leader
something works in the real world.
Continuous Delivery
Action of integrating a software changes
Ecosystem Foundation,
Merge together into a software version
Continuous Testing
management system.
Foundation
Something that is measured and reported
DevOps Foundation,
Metric upon to help manage a process, IT service or
DevSecOps Foundation
activity.
Continuous Delivery
This is a class of terms relevant to
Ecosystem Foundation,
Metrics measurements used to monitor the health of
Continuous Testing
a product or infrastructure.
Foundation
A software architecture that is composed of
smaller modules that interact through APIs
Microservices DevOps Foundation
and can be updated without affecting the
entire system.
A person's usual attitude or mental state is
Mindset DevOps Leader
their mindset.
Activities that must be performed to provide
Minimum Critical Certified Agile Process
evidence of compliance with a given
Activities Owner
process.
Certified Agile Service
Most minimal version of a product that can
Minimum Viable Manager, DevOps
be released and still provide enough value
Product Foundation, DevOps
that people are willing to use it.
Leader
© DevOps Institute DevOps Glossary of Terms 31
Mock is a method/object that simulates the
behavior of a real method/object in Continuous Delivery
controlled ways. Mock objects are used in Ecosystem Foundation,
Mock Object
unit testing. Often a method under a test Continuous Testing
calls other external services or methods Foundation
within it. These are called dependencies.
Representation of a system, process, IT
service, CI, etc. that is used to help
understand or predict future behavior. In the
Model DevSecOps Foundation
context of processes, models represent pre-
defined steps for handling specific types of
transactions.
Continuous Delivery
Test cases are automatically derived from a
Ecosystem Foundation,
Model‐Based model of the entity under test. Example tool:
Continuous Testing
Tricentus
Foundation
The use of a hardware or software
Site Reliability
Monitoring component to monitor the system resources
Engineering
and performance of a computer service.
Tools that allow IT organizations to identify
Monitoring Tools specific issues of specific releases and to DevOps Leader
understand the impact on end-users.
A software system is called "monolithic" if it
has a monolithic architecture, in which
functionally distinguishable aspects (for
example data input and output, data Continuous Delivery
Monolithic
processing, error handling, and the user Ecosystem Foundation
interface) are all interwoven, rather than
containing architecturally separate
components.
The practice of using 2 or more factors for
Multi-factor
authentication. Often used synonymously DevSecOps Foundation
Authentication
with 2-factor Authentication.
Multi‐cloud DevOps solutions provide on‐
Continuous Delivery
Multi‐cloud demand multi‐tenant access to
Ecosystem Foundation
development and test environments.
Someone who applies a reliability
Network Reliability Site Reliability
engineering approach to measure and
Engineer (NRE) Engineering
automate the reliability of networks.
Describes the ability of the brain to form and
reorganize synaptic connections, especially
Neuroplasticity DevOps Leader
in response to learning or experience or
following injury.
Neuroscience The study of the brain and nervous system. DevOps Leader
© DevOps Institute DevOps Glossary of Terms 32
Requirements that specify criteria that can
be used to judge the operation of a system,
Non-functional
rather than specific behaviors or functions DevOps Foundation
requirements
(e.g., availability, reliability, maintainability,
supportability); qualities of a system.
Defined as a type of service testing intending
to check non-functional aspects such as Site Reliability
Non-functional tests
performance, usability and reliability of a Engineering
software service.
Continuous Delivery
Object Under Test The EUT is a software object or class of Ecosystem Foundation,
(OUT) objects. Continuous Testing
Foundation
Certified Agile Process
Objective An aim or goal of a process.
Owner
Observability is focused on externalizing as
much data as you can about the whole Site Reliability
Observability
service allowing us to infer what the current Engineering
state of that service is.
Being on-call means someone being
available during a set period of time, and
Site Reliability
On-call being ready to respond to production
Engineering
incidents during that time with appropriate
urgency.
Software that is distributed with its source
DevOps Foundation,
Open Source code so that end user organizations and
DevSecOps Foundation
vendors can modify it for their own purposes.
Agreement between an IT service provider
Operational Level Certified Agile Process
and another part of the same organization.
Agreement Owner
(ITIL definition)
Individuals involved in the daily operational
activities needed to deploy and manage
systems and services such as quality
Continuous Delivery
Operations (Ops) assurance analysts, release managers,
Ecosystem Foundation
system and network administrators,
information security officers, IT operations
specialists and service desk analysts.
© DevOps Institute DevOps Glossary of Terms 33
Function that performs the daily activities
Operations needed to deliver and support IT services
DevSecOps Foundation
Management and the supporting IT infrastructure at the
agreed levels. (ITIL)
Individuals involved in the daily operational
activities needed to deploy and manage
systems and services such as quality
DevOps Foundation,
Ops assurance analysts, release managers,
DevSecOps Foundation
system and network administrators,
information security officers, IT operations
specialists and service desk analysts.
An approach to building automation that
DevOps Foundation,
Orchestration interfaces or "orchestrates" multiple tools
DevSecOps Foundation
together to form a toolchain.
A system of shared values, assumptions,
Organization Culture beliefs, and norms that unite the members of DevOps Leader
an organization.
For DevOps, an approach that models
Organization Model DevOps Leader
Spotify's Squad approach for organizing IT.
Efforts to adapt the behavior of humans
Organizational DevOps Foundation,
within an organization to meet new
Change DevSecOps Foundation
structures, processes or requirements.
A method for splitting a server into multiple
partitions called "containers" or "virtual
OS Virtualization DevOps Foundation
environments" in order to prevent
applications from interfering with each other.
DevOps Foundation,
Outcome Intended or actual results.
DevSecOps Foundation
Deliverable produced by a process activity
Certified Agile Process
Output (e.g., information, plans, documents, records,
Owner
reports and so forth).
A repository for software packages, artifacts
and their corresponding metadata. Can
Site Reliability
Package Registry store files produced by an organization itself
Engineering
or for third party binaries. Artifactory and
Nexus are amongst the most popular.
Something for creating supporting web
Site Reliability
Pages pages automatically as part of a CI/CD
Engineering
pipeline.
A software update designed to address
Patch DevSecOps Foundation
(mitigate/remediate) a bug or weakness.
© DevOps Institute DevOps Glossary of Terms 34
The process of identifying and implementing
Patch management DevSecOps Foundation
patches.
Pathological cultures tend to view
DevOps Leader, Site
Pathological Culture information as a personal resource, to be
Reliability Engineering
used in political power struggles (Westrum).
An authorized simulated attack on a
computer system that looks for security
Penetration Testing DevSecOps Foundation
weaknesses, potentially gaining access to
the system's features and data.
Focuses on changing attitudes, behaviors,
People Changes DevOps Leader
skills, or performance of employees.
The purpose of the test is to determine an EUT Continuous Delivery
meets its system performance criterion or to Ecosystem Foundation,
Performance Test
determine what a system's performance Continuous Testing
capabilities are. Foundation
Formal, approved document that describes
Certified Agile Process
Plan the capabilities and resources needed to
Owner
achieve a result.
Certified Agile Process
A four-stage cycle for process management Owner, Certified Agile
and improvement attributed to W. Edwards Service
Plan-Do-Check-Act
Deming. Sometimes called the Deming Manager, DevOps
Cycle or PDCA. Foundation, DevSecOps
Foundation
Category of cloud computing services that
Continuous Delivery
provides a platform allowing customers to
Platform‐as‐a‐ Ecosystem Foundation,
develop, run, and manage applications
Service (PaaS) Continuous Testing
without the complexity of building and
Foundation
maintaining the infrastructure.
A pre‐programmed integration between an Continuous Delivery
Orchestration tool and other tools. For Ecosystem Foundation,
Plugin
example, many tools offer plugins to Continuous Testing
integrate with Jenkins. Foundation
Formal documents that define boundaries in
DevOps Foundation,
Policies terms of what the organization may or may
DevSecOps Foundation
not do as part of its operations.
Formal document that describes the overall
Certified Agile Process
Policy intentions and direction of a service provider,
Owner
as expressed by senior management.
© DevOps Institute DevOps Glossary of Terms 35
The notion that security principles and
concepts can be articulated in code (e.g.,
software, configuration management,
automation) to a sufficient degree that the
need for an extensive traditional policy
Policy as Code framework is greatly reduced. Standards and DevSecOps Foundation
guidelines should be implemented in code
and configuration, automatically enforced
and automatically reported-on in terms of
compliance, variance or suspected
violations.
Review that takes place after a change or a
Certified Agile Service
Post Implementation project has been implemented that assesses
Manager, DevOps
Review (PIR) whether the change was successful and
Foundation
opportunities for improvement.
Increment of work that is "done" and Certified Agile Service
Potentially
capable of being released if it makes sense Manager, DevOps
Shippable Product
to do so. Foundation
This is a class of terms which refers names of Continuous Delivery
activities and processes that are conducted Ecosystem Foundation,
Pre‐Flight
on an EUT prior to integration into the trunk Continuous Testing
branch. Foundation
The relative importance of an incident,
DevOps Foundation,
Priority problem or change; based on impact and
DevSecOps Foundation
urgency. (ITIL definition)
Technologies that help organizations provide
secured privileged access to critical assets
Privileged Access
and meet compliance requirements by DevSecOps Foundation
Management (PAM)
securing, managing and monitoring
privileged accounts and access. (Gartner)
The underlying cause of one or more DevOps Foundation,
Problem
incidents. (ITIL definition) DevSecOps Foundation
Step‐by‐step instructions that describe how Certified Agile Service
Procedure
to perform the activities in a process. Manager
Structured set of activities designed to
accomplish a specific objective. A process Certified Agile Service
takes inputs and turns them into defined Manager, DevOps
Process
outputs. Related work activities that take Foundation, DevSecOps
specific inputs and produce specific outputs Foundation
that are of value to a customer.
Prioritized list of everything that needs to be
Certified Agile Service
Process Backlog designed or improved for a process including
Manager
current and future requirements.
© DevOps Institute DevOps Glossary of Terms 36
Focuses on changes to standard IT process,
such as software development practices, ITIL
Process Changes DevOps Leader
processes, change management, approvals
etc.
Certified Agile Service
Process Customer Recipient of a process' output.
Manager
Team of individuals that designs or redesigns
Process a process and determines how best to Certified Agile Process
Improvement Team implement the new process across the Owner
organization.
Individual responsible for operational (day- Certified Agile Process
Process Manager
to-day) management of a process. Owner
Role accountable for the overall quality of a
DevOps Foundation,
process. May be assigned to the same
DevSecOps
Process Owner person who carries out the Process Manager
Foundation, Certified
role, but the two roles may be separate in
Agile Service Manager
larger organizations. (ITIL definition)
Person accountable for the overall quality of
Certified Agile Service
Process Owner a process and the owner of the Process
Manager
Backlog.
A high-level event to define the goals,
Process Planning objectives, inputs, outcomes, activities, Certified Agile Service
Meeting stakeholders, tools and other aspects of Manager
a process. This meeting is not timeboxed.
Certified Agile Service
Process Supplier Creator of process input.
Manager
The period during which one or more inputs
are transformed into a finished product by a
Processing Time DevOps Leader
manufacturing or development procedure.
(Business Dictionary)
Certified Agile Process
Prioritized list of functional and non-functional
Owner, Certified Agile
Product Backlog requirements for a system usually expressed
Service Manager,
as user stories.
DevOps Foundation
Ongoing process of adding detail, estimates
Product Backlog Certified Agile Service
and order to backlog items. Sometimes
Refinement Manager
referred to as Product Backlog grooming.
Certified Agile Process
An individual responsible for maximizing the
Owner, Certified Agile
value of a product and for managing the
Product Owner Service Manager,
product backlog. Prioritizes, grooms, and
DevOps Foundation,
owns the backlog. Gives the squad purpose.
DevOps Leader
© DevOps Institute DevOps Glossary of Terms 37
Continuous Delivery
Test cases are created by writing code in a
Ecosystem Foundation,
Programming‐Based programming language. E.g. JavaScript,
Continuous Testing
Python, TCL, Ruby
Foundation
Temporary endeavor undertaken to create a Certified Agile Process
Project
unique product, service or result. Owner
Tools that provide platforms for provisioning
Provision Platforms DevOps Leader
infrastructure (e.g., Puppet, Chef, Salt).
Psychological safety is a shared belief that
Psychological Safety DevOps Leader
the team is safe for interpersonal risk taking.
Quick Test Professional is a functional and
Continuous Testing
QTP regression test automation tool for software
Foundation
applications. Licensed by HP.
Tools that handle test case planning, test
Quality execution, defect tracking (often into Site Reliability
Management backlogs), severity and priority analysis. CA’s Engineering
Agile Central
Maps roles and responsibilities to the Certified Agile Process
RACI Matrix
activities of a process or project. Owner
GUI test automation framework for testing of
Continuous Testing
Ranorex desktop, web‐based and mobile
Foundation
applications. Licensed by Ranorex.
Encrypts the files on a user’s device or a
network’s storage devices. To restore access
to the encrypted files, the user must pay a
Ransomware DevSecOps Foundation
“ransom” to the cybercriminals, typically
through a tough-to-trace electronic
payment method such as Bitcoin.
Continuous Delivery
The purpose of the test is to determine if a
Ecosystem Foundation,
Regression testing new version of an EUT has broken somethings
Continuous Testing
that worked previously.
Foundation
The purpose of the test is to determine if an
Continuous Delivery
EUT conforms to specific regulatory
Regulatory Ecosystem Foundation,
requirements. E.g. verify an EUT satisfies
compliance testing Continuous Testing
government regulations for consumer credit
Foundation
card processing.
Continuous Delivery
Software that is built, tested and deployed Ecosystem Foundation,
Release
into the production environment. DevOps Foundation,
DevSecOps Foundation
© DevOps Institute DevOps Glossary of Terms 38
Measurable attributes for a release package Continuous Delivery
Release which determine whether a release Ecosystem Foundation,
Acceptance Criteria candidate is acceptable for deployment to Continuous Testing
customers. Foundation
Continuous Delivery
A release package that has been prepared
Ecosystem Foundation,
Release Candidate for deployment, may or may not have
Continuous Testing
passed the Release.
Foundation
Release Governance is all about the controls
and automation (security, compliance, or
Release otherwise) that ensure your releases are Site Reliability
Governance managed in an auditable and trackable Engineering
way, in order to meet the need of the
business to understand what is changing.
Process that manages releases and
Release DevOps Foundation,
underpins Continuous Delivery and the
Management DevSecOps Foundation
Deployment Pipeline.
Typically a deployment pipeline, used to
detect any changes that will lead to
Release problems in production. Orchestrating other Site Reliability
Orchestration tools will identify performance, security, or Engineering
usability issues. Tools like Jenkins and Gitlab CI
can “orchestrate” releases.
Time-boxed event that establishes the goals,
Certified Agile Process
Release Planning risks, features, functionality, delivery date and
Owner, Certified Agile
Meeting cost of a release. It also includes prioritizing
Service Manager
the Product Backlog.
Continuous Delivery
A Continuous Testing tenet which emphasizes
Ecosystem Foundation,
Relevance a preference to focus on the most important
Continuous Testing
tests and test results
Foundation
Measure of how long a service, component DevOps Foundation,
or CI can perform its agreed function without DevSecOps Foundation,
Reliability
interruption. Usually measured as MTBF or Site Reliability
MTBSI. (ITIL definition) Engineering
The purpose of the test is to determine if a Continuous Delivery
complete system performs as expected Ecosystem Foundation,
Reliability Test
under stressful and loaded conditions over Continuous Testing
an extended period of time. Foundation
Action to resolve a problem found during Continuous Delivery
DevOps processes. E.g. Roll‐back changes Ecosystem Foundation,
Remediation
for an EUT change that resulted in a CT a test Continuous Testing
case fail verdict. Foundation
Plan that determines the actions to take after DevOps Foundation,
Remediation Plan
a failed change or release. (ITIL definition) DevSecOps Foundation
© DevOps Institute DevOps Glossary of Terms 39
Formal proposal to make a change. The term
Request for Change
RFC is often misused to mean a change DevOps Foundation
(RFC)
record, or the change itself. (ITIL definition)
Tools than handle requirements definition,
Requirements traceability, hierarchies & dependency. Site Reliability
Management Often also handles code requirements and Engineering
test cases for requirements.
DevSecOps Foundation,
Building an environment or organization that
Resilience Site Reliability
is tolerant to change and incidents.
Engineering
Response time is the total time it takes from
Site Reliability
Response Time when a user makes a request until they
Engineering
receive a response.
Continuous Delivery
Representation State Transfer. Software Ecosystem Foundation,
REST
architecture style of the world‐wide web. Continuous Testing
Foundation
Representational state transfer (REST) or
RESTful services on a network, such as HTTP,
provide scalable interoperability for
requesting systems to quickly and reliably Continuous Delivery
Restful API
access and manipulate textual Ecosystem Foundation
representations (XML, HTML, JSON) of
resources using stateless operations (GET,
POST, PUT, DELETE, etc.).
Continuous Delivery
The purpose of the test is to determine if an
RESTful interface Ecosystem Foundation,
API satisfies its design criterion and the
testing Continuous Testing
expectations of the REST architecture.
Foundation
Difference between the benefit achieved
Return on DevOps Foundation,
and the cost to achieve that benefit,
Investment (ROI) DevSecOps Foundation
expressed as a percentage.
Allow code to be committed and launched
Site Reliability
Review Apps in real time – environments are spun up to
Engineering
allow developers to review their application.
© DevOps Institute DevOps Glossary of Terms 40
The time and effort required to correct
Rework DevOps Leader
defects (waste).
Possible event that could cause harm or loss
or affect an organization's ability to achieve
its objectives. The management of risk
consists of three activities: identifying risks,
analyzing risks and managing risks. The DevOps Foundation,
Risk
probably frequency and probable DevSecOps Foundation
magnitude of future loss. Pertains to a
possible event that could cause harm or loss
or affect an organization's ability to execute
or achieve its objectives.
Possible event that could cause harm or loss
or affect an organization's ability to achieve
Risk Event its objectives. The management of risk DevOps Leader
consists of three activities: identifying risks,
analyzing risks and managing risks.
The process by which "risk" is contextualized,
Risk Management assessed, and treated. From ISO 31000: 1)
DevSecOps Foundation
Process Establish context, 2) Assess risk, 3) Treat risk
(remediate, reduce or accept).
Continuous Delivery
TDD framework created and supported by Ecosystem Foundation,
Robot Framework
Google. Continuous Testing
Foundation
Set of responsibilities, activities and
authorities granted to a person or team. A
role is defined by a process. One person or
DevOps Foundation,
Role team may have multiple roles. A set of
DevSecOps Foundation
permissions assigned to a user or group of
users to allow a user to perform actions within
a system or application.
Role-based Access An approach to restricting system access to
DevSecOps Foundation
Control (RBAC) authorized users.
Continuous Delivery
Software changes which have been Ecosystem Foundation,
Roll‐back
integrated are removed from the integration. Continuous Testing
Foundation
Root Cause Analysis Actions take to identify the underlying cause DevOps Foundation,
(RCA) of a problem or incident. DevSecOps Foundation
Rugged Development (DevOps) is a method
that includes security practices as early in the
Rugged
continuous delivery pipeline as possible to
Development DevOps Foundation
increase cybersecurity, speed, and quality of
(DevOps)
releases beyond what DevOps practices can
yield alone.
© DevOps Institute DevOps Glossary of Terms 41
Rugged DevOps is a method that includes
security practices as early in the continuous Continuous Delivery
delivery pipeline as possible to increase Ecosystem Foundation,
Rugged DevOps
cybersecurity, speed, and quality of releases Continuous Testing
beyond what DevOps practices can yield Foundation
alone.
A collection of procedures necessary for the
smooth operation of a service. Previously Site Reliability
Runbooks
manual in nature they are now usually Engineering
automated with tools like Ansible.
Runtime Application Tools that actively monitor and block threats
Site Reliability
Self Protection in the production environment before they
Engineering
(RASP) can exploit vulnerabilities.
Continuous Delivery
A very basic set of tests that determine if a Ecosystem Foundation,
Sanity Test
software is functional at all. Continuous Testing
Foundation
Scalability is a characteristic of a service that
Site Reliability
Scalability describes its capability to cope and perform
Engineering
under an increased or expanding load.
A proven, publicly available, framework for
Scaled Agile
applying Lean-Agile principles and practices DevOps Foundation
Framework (SAFE)
at an enterprise scale.
A summary of important discoveries from
SCARF Model neuroscience about the way people interact DevOps Leader
socially.
Scheduling: the process of planning to
Scheduling DevOps Leader
release changes into production.
A simple framework for effective team
collaboration on complex projects. Scrum
provides a small set of rules that create "just Certified Agile Service
Scrum enough" structure for teams to be able to Manager, DevOps
focus their innovation on solving what might Foundation
otherwise be an insurmountable
challenge. (Scrum.org)
Product Backlog, Sprint Backlog, Burndown Certified Agile Process
Scrum Artifacts
Chart, Product Increment Owner
Scrum's roles, events, artifacts and the rules Certified Agile Service
Scrum Components
that bind them together. Manager
Release Planning Meeting (optional), Sprint
Certified Agile Process
Scrum Events Planning Meeting, Sprint, Daily Scrum, Sprint
Owner
Review, Sprint Retrospective
© DevOps Institute DevOps Glossary of Terms 42
The definition of Scrum concepts and
Certified Agile Service
Scrum Guide practices, written by Ken Schwaber and Jeff
Manager
Sutherland.
Pillars that uphold the Scrum framework that
Certified Agile Process
Scrum Pillars include: Transparency, Inspection and
Owner
Adaption.
Product Owner, Development Team (Team)
Certified Agile Process
Scrum Roles and ScrumMaster. See also Agile Service
Owner
Management Roles.
A self-organizing, cross-functional team that
uses the Scrum framework to deliver
Scrum Team products iteratively and incrementally. The DevOps Foundation
Scrum Team consists of a Product Owner, the
Development Team, and a Scrum Master.
A set of fundamental values and qualities
Certified Agile Process
underpinning the Scrum framework:
Scrum values Owner, Certified Agile
commitment, focus, openness, respect and
Service Manager
courage.
An individual who provides process
leadership for Scrum (i.e., ensures Scrum
ScrumMaster practices are understood and followed) and DevOps Foundation
who supports the Scrum Team by removing
impediments.
Secret Detection aims to prevent that
sensitive information, like passwords,
Site Reliability
Secret Detection authentication tokens, and private keys are
Engineering
unintentionally leaked as part of the
repository content.
Secrets management refers to the tools and
methods for managing digital authentication
Secrets credentials (secrets), including passwords, Site Reliability
Management keys, APIs, and tokens for use in applications, Engineering
services, privileged accounts and other
sensitive parts of the IT ecosystem.
Secure automation removes the chance of
human error (and wilful sabotage) by Site Reliability
Secure Automation
securing the tooling used across the delivery Engineering
pipeline.
Practices intended to protect the
Security (Information confidentiality, integrity and availability of DevOps Foundation,
Security) computer system data from those with DevSecOps Foundation
malicious intentions.
Automating and building security into
DevOps Foundation,
Security as Code DevOps tools and practices, making it an
DevSecOps Foundation
essential part of tool chains and workflows.
© DevOps Institute DevOps Glossary of Terms 43
The purpose of the test is to determine if an Continuous Delivery
EUT meets its security requirements. An Ecosystem Foundation,
Security tests
example is a test that determines if an EUT Continuous Testing
processes login credentials properly. Foundation
Continuous Delivery
Popular open‐source tool for software testing Ecosystem Foundation,
Selenium
GUI and web applications. Continuous Testing
Foundation
Self-healing means the ability of services and
underlying environments to detect and Site Reliability
Self-healing
resolve problems automatically. It eliminates Engineering
the need for manual human intervention.
Management principle in which a team
chooses how best to accomplish their work,
rather than being directed by others outside Certified Agile Process
Self-organizing Team
the team. Self-organization happens within Owner
boundaries and against given goals (i.e.,
what to do).
The management principle that teams
autonomously organize their work. Self‐
organization happens within boundaries and Certified Agile Service
Self‐organizing
against given goals. Teams choose how best Manager
to accomplish their work, rather than being
directed by others outside the team.
A code execution paradigm were no
underlying infrastructure or dependencies
are needed, moreover a piece of code is
Site Reliability
Serverless executed by a service provider (typically
Engineering
cloud) who takes over the creation of the
execution environment. Lambda functions in
AWS and Azure Functions are examples.
Means of delivering value to customers by
facilitating outcomes customers want to DevOps Foundation,
Service
achieve without the ownership of specific DevSecOps Foundation
costs and risks.
Subset of the Service Portfolio that consists of
services that are live or available for
deployment. Has two aspects: The
Service Catalog DevOps Foundation
Business/Customer Service Catalog (visible to
customers) and the Technical/Supporting
Service Catalog. (ITIL definition)
One of the ITIL Core publications and a stage
Service Design DevOps Foundation
of the service lifecycle.
© DevOps Institute DevOps Glossary of Terms 44
Single point of contact between the service
provider and the users. Tools like Service
Service Desk Now are used for managing the lifecycle of DevOps Foundation
services as well as internal and external
stakeholder engagement.
Written agreement between an IT service
Certified Agile Process
provider and its customer(s) that defines key
Service Level Owner, DevOps
service targets and responsibilities of both
Agreement (SLA) Foundation, Site
parties. An SLA may cover multiple services
Reliability Engineering
or customers. (ITIL definition)
SLI's are used to communicate quantitative
Service Level Site Reliability
data about services, typically to measure
Indicator (SLI) Engineering
how the service is performing against an SLO.
Process that ensures all current and planned
Service Level Certified Agile Process
IT services are delivered to agreed
Management Owner
achievable targets. (ITIL definition)
An SLO is a goal for how well a product or
Service Level service should operate. SLO's are set based Site Reliability
Objective (SLO) on what an organization is expecting from a Engineering
service.
Service Lifecycle Structure of the ITIL Core guidance. DevOps Foundation
Set of specialized organizational capabilities
Service
for providing value to customers in the form DevOps Foundation
Management
of services. (ITIL definition)
Function that coordinates all processes and
Service functions that manage a service provider's
Certified Agile Process
Management Office services throughout their lifecycle. Process
Owner
(SMO) Owners may report directly or via a 'dotted'
reporting line to the SMO.
One of the ITIL Core publications and a stage
Service Operation DevOps Foundation
of the service lifecycle.
Organization that supplies services to one or
Service Provider more internal or external customers. (ITIL DevOps Foundation
definition)
User request for a standard service from an IT
Service Request DevOps Foundation
service provider. (ITIL definition)
One of the ITIL Core publications and a stage
Service Strategy DevOps Foundation
of the service lifecycle.
One of the ITIL Core publications and a stage
Service Transition DevOps Foundation
of the service lifecycle.
© DevOps Institute DevOps Glossary of Terms 45
Seven distinct "pillars" provide a foundation
for DevOps systems which include
Collaborative Culture, Design for DevOps,
Seven Pillars of Continuous Delivery
Continuous Integration, Continuous Testing,
DevOps Ecosystem Foundation
Continuous Delivery and Deployment,
Continuous Monitoring and Elastic
Infrastructures and Tools.
An approach that strives to build quality into
the software development process by
incorporating testing early and often. This DevOps Foundation,
Shift Left
notion extends to security architecture, DevSecOps Foundation
hardening images, application security
testing, and beyond.
Automated function and regression testing of Continuous Testing
SilkTest
enterprise applications. Licensed by Borland. Foundation
The Simian Army is a suite of failure-inducing
tools designed by Netflix. The most famous
Site Reliability
Simian Army example is Chaos Monkey which randomly
Engineering
terminates services in production as part of a
Chaos Engineering approach.
A single point of failure (SPOF) is a part of a
Single Point of Failure DevOps Foundation
system that, if it fails, will stop the entire system
(SPOF)
from working.
The discipline that incorporates aspects of
software engineering and applies them to
Site Reliability Site Reliability
infrastructure and operations problems. The
Engineering (SRE) Engineering
main goals are to create scalable and highly
reliable software systems.
Disciplined, data-driven approach that
Certified Agile Process
Six Sigma focuses on reducing defects by measuring
Owner
standard deviations from an expected norm.
Specific, measurable, achievable, relevant
SMART Goals DevOps Foundation
and time-bound goals.
Continuous Delivery
A basic set of functional tests that are run
Ecosystem Foundation,
Smoke Test immediately after a software component is
Continuous Testing
built. Same as CI Regression Test.
Foundation
Continuous Delivery
Ecosystem Foundation,
Snapshot Report of pass/fail results for a specific build.
Continuous Testing
Foundation
Stored and shared code snippets to allow
collaboration around specific pieces of
Site Reliability
Snippets code. Also allows code snippets to be used
Engineering
in other code-bases. BitBucket and GitLab
allow this.
© DevOps Institute DevOps Glossary of Terms 46
Continuous Delivery
Simple Object Access Protocol (SOAP) is an
Ecosystem Foundation,
SOAP XML-based messaging protocol for
Continuous Testing
exchanging information among computers.
Foundation
Software
A tool that checks for libraries or functions in
Composition DevSecOps Foundation
source code that have known vulnerabilities.
Analysis
Software-Defined Networking (SDN) is a
network architecture approach that enables
Software Defined Site Reliability
the network to be intelligently and centrally
Networking (SDN) Engineering
controlled, or 'programmed,' using software
applications.
Software Delivery The process used to design, develop and test DevOps Leader, Site
Lifecycle (SDLC) high quality software. Reliability Engineering
Continuous Delivery
Software Version A repository tool which is used to manage
Ecosystem Foundation,
Management software changes. Examples are: Azure
Continuous Testing
System DevOps, BitBucket, Git, GitHub, GitLab, VSTS.
Foundation
DevOps Foundation,
Category of cloud computing services in Continuous Delivery
Software‐as‐a‐
which software is licensed on a subscription Ecosystem Foundation,
Service (SaaS)
basis. Continuous Testing
Foundation
Repositories for controlling source code for
DevOps Foundation,
Source Code Tools key assets (application and infrastructure) as
DevOps Leader
a single source of truth.
An organizational model that helps teams in
DevOps Foundation,
Spotify Squad Model large organizations behave like startups and
DevOps Leader
be nimble.
Certified Agile Process
Owner, Certified Agile
A period of 2‐4 weeks during which an
Sprint Service Manager,
increment of product work is completed.
Continuous Delivery
Ecosystem Foundation
A time-boxed iteration of work during which
Sprint (Scrum) an increment of product functionality is DevOps Foundation
implemented.
Subset of the backlog that represents the Certified Agile Process
Sprint Backlog work that must be completed to realize the Owner, DevOps
Sprint Goal. Foundation
Purpose and objective of a Sprint, often Certified Agile Process
Sprint Goal expressed as a business problem that is going Owner, Certified Agile
to be solved. Service Manager
© DevOps Institute DevOps Glossary of Terms 47
A 4 to 8-hour time-boxed event that defines
Certified Agile Process
Sprint Planning the Sprint Goal, the increment of the Product
Owner, Certified Agile
Meeting Backlog that will be completed during the
Service Manager
Sprint and how it will be completed.
A 1.5 to 3-hour time-boxed event during
Certified Agile Process
which the Team reviews the last Sprint and
Sprint Retrospective Owner, Certified Agile
identifies and prioritizes improvements for the
Service Manager
next Sprint.
A time-boxed event of 4 hours or less where
Certified Agile Process
the Team and stakeholders inspect the work
Sprint Review Owner, Certified Agile
resulting from the Sprint and update the
Service Manager
Product Backlog.
Software that is installed in a computer
without the user's knowledge and transmits
Spyware DevSecOps Foundation
information about the user's computer
activities over back to the threat agent.
A cross-functional, co-located, autonomous,
Squads DevOps Leader
self-directed team.
Person who has an interest in an
organization, project or IT service. DevOps Foundation,
Stakeholder
Stakeholders may include customers, users DevSecOps Foundation
and suppliers. (ITIL definition).
The sensitivity a service has to accept
changes and the negative impact that may
be caused by system changes. Services may Site Reliability
Stability
have reliability, in that if functions over a long Engineering
period of time, but may not be easy to
change and so does not have stability.
Pre-approved, low risk change that follows a DevOps Foundation,
Standard Change
procedure or work instruction. (ITIL definition) DevSecOps Foundation
Static Application
A type of testing that checks source code for
Security Testing DevSecOps Foundation
bugs and weaknesses.
(SAST)
The purpose of the test is to detect source Continuous Delivery
code logic errors and omissions such as Ecosystem Foundation,
Static Code Analysis
memory leaks, unutilized variables, unutilized Continuous Testing
pointers. Foundation
Service pages that easily communicate the Site Reliability
Status Page
status of services to customers and users. Engineering
Negative incentives, for discouraging or
Sticks DevSecOps Foundation
punishing undesired behaviors.
© DevOps Institute DevOps Glossary of Terms 48
A specialty area of security that is concerned
with securing data storage systems and Site Reliability
Storage Security
ecosystems and the data that resides on Engineering
these systems.
A commercial orchestration tool based on Continuous Testing
Stormstack
event triggers instead of time based. Foundation
This stands for stop, start, and keep: this is an
StoStaKee interactive time-boxed exercise focused on DevOps Leader
past events.
A 2‐4 week timeboxed Sprint during which
strategic elements that were defined during Certified Agile Process
Strategic Sprint the Process Planning Meeting are completed Owner, Certified Agile
so that the Team can move on to designing Service Manager
the activities of the process.
Changes in the hierarchy of authority, goals,
Structural Changes structural characteristics, administrative DevOps Leader
procedures and management systems.
External (third party) supplier, manufacturer
or vendor responsible for supplying goods or
Supplier DevOps Foundation
services that are required to deliver IT
services.
Synthetic monitoring (also known as active
monitoring, or semantic monitoring) runs a
subset of an application's automated tests
Continuous Delivery
Synthetic Monitoring against the system on a regular basis. The
Ecosystem Foundation
results are pushed into the monitoring
service, which triggers alerts in case of
failures.
A system of record is the authoritative data DevOps Foundation,
System of Record
source for a data element or data entity. DevSecOps Foundation
Continuous Delivery
The purpose of the test is to determine if a
Ecosystem Foundation,
System Test complete system performs as expected in its
Continuous Testing
intended configurations.
Foundation
Continuous Delivery
System Under Test The EUT is an entire system. E.g. Bank teller Ecosystem Foundation,
(SUT) machine is being tested. Continuous Testing
Foundation
Continuous Delivery
Tests and Code modules are pre‐assigned
Tag‐Based Test Ecosystem Foundation,
tags. Tests are selected for a build matching
Selection Method Continuous Testing
pre‐assigned tags.
Foundation
Target Operating A description of the desired state of
DevOps Leader
Model the operating model of an organisation.
© DevOps Institute DevOps Glossary of Terms 49
An emerging organizational paradigm that
advocates a level of consciousness including
Teal Organization DevOps Leader
all previous world views within the operations
of an organisation.
A measurement of how a team works
together. Includes team culture,
Team Dynamics communication styles, decision making DevOps Leader
ability, trust between members, and the
willingness of the team to change.
Techno-economic paradigm shifts are at the
Techno-Economic core of general, innovation-based theory of
DevOps Leader
Paradigm Shifts economic and societal development as
conceived by Carlota Perez.
Telemetry is the collection of measurements
or other data at remote or inaccessible Site Reliability
Telemetry
points and their automatic transmission to Engineering
receiving equipment for monitoring.
Continuous Delivery
Person who has responsibility for defining the Ecosystem Foundation,
Test Architect
overall end‐to‐end test strategy for an EUT. Continuous Testing
Foundation
Continuous Delivery
Test Artifact Ecosystem Foundation,
Database of files used for testing.
Repository Continuous Testing
Foundation
Continuous Delivery
A test campaign may include one or more Ecosystem Foundation,
Test Campaign
test sessions. Continuous Testing
Foundation
Set of test steps together with data and Continuous Delivery
configuration information. A test case has a Ecosystem Foundation,
Test Case
specific purpose to test at least one attribute Continuous Testing
of the EUT. Foundation
Continuous Delivery
Test Creation This is a class of test terms which refers to the Ecosystem Foundation,
Methods methodology used to create test cases. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 50
Test-driven development (TDD) is a software
development process in which the
developer writes a test before composing
code. They then follow this process:
1. Write the test
Continuous Delivery
2. Run the test and any others that are
Ecosystem Foundation,
Test Driven relevant and see them fail
DevOps Foundation,
Development (TDD) 3. Write the code
Continuous Testing
4. Run test(s)
Foundation
5. Refactor code if needed
6. Repeat
Unit level tests and/or application tests are
created ahead of the code that is to be
tested.
Continuous Delivery
The time it takes to run a test. E.g. # hours per Ecosystem Foundation,
Test Duration
test Continuous Testing
Foundation
The test environment refers to the operating
system (e.g. Linus, windows version etc.),
Continuous Delivery
configuration of software (e.g. parameter
Ecosystem Foundation,
Test Environment options), dynamic conditions (e.g. CPU and
Continuous Testing
memory utilization) and physical environment
Foundation
(e.g. power, cooling) in which the tests are
performed.
Continuous Delivery
Ecosystem Foundation,
Test Fast A CT tenet referring to accelerated testing.
Continuous Testing
Foundation
A set of processes, procedures, abstract Continuous Delivery
concept and environment in which Ecosystem Foundation,
Test Framework
automated tests are designed and Continuous Testing
implemented. Foundation
A tool which enables the automation of tests.
It refers to the system test drivers and other Continuous Delivery
supporting tools that requires to execute Ecosystem Foundation,
Test Harness
tests. It provides stubs and drivers which are Continuous Testing
small programs that interact with the Foundation
software under test.
Continuous Delivery
This is a class of terms describes the Ecosystem Foundation,
Test Hierarchy
organization of tests into groups. Continuous Testing
Foundation
Continuous Delivery
This class of terms identifies the general
Ecosystem Foundation,
Test Methodology methodology used by a test. Examples are
Continuous Testing
White Box, Black Box
Foundation
© DevOps Institute DevOps Glossary of Terms 51
Continuous Delivery
Ecosystem Foundation,
Test result repository Database of test results.
Continuous Testing
Foundation
Continuous Delivery
A matrix of correlation factors correlates test
Test Results Ecosystem Foundation,
cases and code modules according to test
Trend‐ based Continuous Testing
result (verdict).
Foundation
Continuous Delivery
This class of terms identifies general roles and Ecosystem Foundation,
Test Roles
responsibilities for people relevant to testing. Continuous Testing
Foundation
Continuous Delivery
Automated test case. A single test script may
Ecosystem Foundation,
Test Script be implemented one or more test cases
Continuous Testing
depending on the data.
Foundation
Continuous Delivery
This class of terms refers to the method used
Test Selection Ecosystem Foundation,
to select tests to be executed on a version of
Method Continuous Testing
an EUT.
Foundation
Continuous Delivery
Set of one or more test suites that are run Ecosystem Foundation,
Test Session
together on a single build at a specific time. Continuous Testing
Foundation
Continuous Delivery
Set of test cases that are run together on a Ecosystem Foundation,
Test Suite
single build at a specific time. Continuous Testing
Foundation
Continuous Delivery
Ecosystem Foundation,
Test Trend History of verdicts.
Continuous Testing
Foundation
Continuous Delivery
Class that indicates what the purpose of the Ecosystem Foundation,
Test Type
test is. Continuous Testing
Foundation
Continuous Delivery
The version of files used to test a specific Ecosystem Foundation,
Test Version
build. Continuous Testing
Foundation
Continuous Delivery
Individual who has responsibility to test a Ecosystem Foundation,
Tester
system or service. Continuous Testing
Foundation
© DevOps Institute DevOps Glossary of Terms 52
Tools that verify code quality before passing
Testing Tools DevOps Leader
the build.
Any person deciding must seek advice from
everyone meaningfully affected by the
decision and people with expertise in the
matter. Advice received must be taken into
consideration, though it does not have to be
accepted or followed. The objective of the
The Advice Process DevSecOps Foundation
advice process is not to form consensus, but
to inform the decision-maker so that they
can make the best decision possible. Failure
to follow the advice process undermines trust
and unnecessarily introduces risk to the
business.
The situation wherein an audit-centric
perspective focuses exclusively on "checking
The Checkbox Trap the box" on compliance requirements DevSecOps Foundation
without consideration for overall security
objectives.
The Power of TED* offers an alternative to the
Karpman Drama Triangle with its roles of
Victim, Persecutor, and Rescuer. The
The Power of TED Empowerment Dynamic (TED) provides the DevOps Leader
antidote roles of Creator, Challenger and
Coach and a more positive approach to
life's challenges.
DevOps Foundation,
Key principles of DevOps – Flow, Feedback, DevSecOps Foundation,
The Three Ways
Continuous experimentation and learning. Site Reliability
Engineering
Methodology for identifying the most
important limiting factor (i.e., constraint) that
DevOps Foundation,
Theory of Constraints stands in the way of achieving a goal and
DevSecOps Foundation
then systematically improving that constraint
until it is no longer the limiting factor.
Thomas Kilmann Measures a person's behavioral choices
DevOps Foundation
Inventory (TKI) under certain conflict situations.
An actor, human or automated, that acts
against a system with intent to harm or
Threat Agent DevSecOps Foundation
compromise that system. Sometimes also
called a "Threat Actor."
Refers to the ability to detect, report, and
support the ability to respond to attacks.
Threat Detection Intrusion detection systems and denial-of-
service systems allow for for some level of
threat detection and prevention.
© DevOps Institute DevOps Glossary of Terms 53
Information pertaining to the nature of a
threat or the actions a threat may be known
to be perpetrating. May also include
Threat Intelligence "indicators of compromise" related to a given DevSecOps Foundation
threat's actions, as well as a "course of
action" describing how to remediate the
given threat action.
A method that ranks and models potential
threats so that the risk can be understood
Threat Modeling DevSecOps Foundation
and mitigated in the context of the value of
the application(s) to which they pertain.
The period of time between when an idea is
Time to Market conceived and when it is available to DevOps Leader
customers.
Measure of the time it takes for the business DevOps Foundation,
Time to Value
to realize value from a feature or service. DevSecOps Foundation
Tools that allow for time to be tracked, either
Site Reliability
Time Tracking against individual issues or other work or
Engineering
project types.
Certified Agile Process
Time-box Maximum duration of a Scrum event. Owner, Certified Agile
Service Manager
A kind of work tied to running a production
service that tends to be manual, repetitive, Site Reliability
Toil
automatable, tactical, devoid of enduring Engineering
value.
Continuous Delivery
This class describes tools that orchestrate,
Ecosystem Foundation,
Tool automate, simulate and monitor EUT's and
Continuous Testing
infrastructures.
Foundation
A philosophy that involves using an
integrated set of complimentary task specific
Toolchain DevOps Foundation
tools to automate an end to end process (vs.
a single-vendor solution).
In a Lean Production system the The touch
Touch Time time is the time that the product is actually DevOps Leader
being worked on, and value is being added.
Tracing provides insight into the performance
and health of a deployed application, Site Reliability
Tracing
tracking each function or microservice which Engineering
handles a given request.
The amount of data sent and received by Site Reliability
Traffic Volume
visitors to a service (e.g. a website or API). Engineering
© DevOps Institute DevOps Glossary of Terms 54
An accelerated learning model in line with
Training From the agile values and principles using the 4Cs
Back of the Room instructional design “map” (Connection,
Concept, Concrete Practice, Conclusion).
A leadership model in which leaders inspire
and motivate followers to achieve higher
Transformational performance by appealing to their values
DevOps Leader
Leadership and sense of purpose, facilitating wide-scale
organizational change (State of DevOps
Report, 2017).
A senior technical leader that has broad and
deep technical expertise across all the
squads' technical areas. A group of squads
Tribe Lead DevOps Leader
working together on a common feature set,
product or service is a tribe in Spotify's
definitions.
A collection of squads with a long-term
Tribes mission that work on/in a related business DevOps Leader
capability.
Malware that carries out malicious
operations under the appearance of a
desired operation such as playing an online
game. A Trojan horse differs from a virus
Trojan (horses) DevSecOps Foundation
because the Trojan binds itself to non-
executable files, such as image files, audio
files whereas a virus requires an executable
file to operate.
Continuous Delivery
The primary source code integration Ecosystem Foundation,
Trunk
repository for a software product. Continuous Testing
Foundation
Continuous Delivery
Ecosystem Foundation,
Unit Test The purpose of the test is to verify code logic.
Continuous Testing
Foundation
Continuous Delivery
The purpose of the test is to determine if
Ecosystem Foundation,
Usability Test humans have a satisfactory experience
Continuous Testing
when using an EUT.
Foundation
Consumer of IT services. Or, the identity
DevOps Foundation,
User asserted during authentication (aka
DevSecOps Foundation
username).
User and Entity A machine learning technique to analyze
Site Reliability
Behavior Analytics normal and “abnormal” user behaviour with
Engineering
(UEBA) the aim of preventing the latter.
© DevOps Institute DevOps Glossary of Terms 55
Statement written from the user's business
perspective that describes how the user will Certified Agile Process
User Story achieve a goal from a feature of the Owner, Certified Agile
product. User stories are captured in the Service Manager
Product Backlog (or Process Backlog).
The amount of time spent on an activity that
Value Added Time DevOps Leader
creates value (e.g., development, testing).
Being able to produce value with the
Value Efficiency DevOps Leader
minimum amount of time and resources.
All of the activities to go from a customer
Value Stream DevOps Foundation
request to a delivered product or service.
Lean tool that depicts the flow of
information, materials and work across
Value Stream
functional silos with an emphasis on DevOps Foundation
Mapping
quantifying waste, including time and
quality.
The ability to visualize the flow of value
delivery through the DevOps lifecycle. Gitlab
Value Stream Site Reliability
CI and the Jenkins extension (from Cloud
Management Engineering
Bees) DevOptics can provide this
visualization.
Individual accountable to senior
Certified Agile Process
Value Stream Owner management for improving the value to
Owner
non-value ratio of a given product or service.
An approach where traditional and digital
Variable Speed IT processes co-exist within an organization DevOps Foundation
while moving at their own speed.
Measure of the quantity of work done in a DevOps Foundation,
pre-defined interval. The amount of work an DevSecOps Foundation,
Velocity
individual or team can complete in a given Site Reliability
amount of time. Engineering
Continuous Delivery
Test result classified as Fail, Pass or Ecosystem Foundation,
Verdict
Inconclusive. Continuous Testing
Foundation
Ensure a 'single source of truth' and enable
Version control tools change control and tracking for all DevOps Foundation
production artifacts.
Computing resources are scaled higher to
Continuous Testing
Vertical Scaling increase processing speed e.g. using faster
Foundation
computers to run more tasks faster.
© DevOps Institute DevOps Glossary of Terms 56
Malicious executable code attached to a
file that spreads when an infected file is
Virus (Computer) passed from system to system that could be DevSecOps Foundation
harmless (but annoying) or it could modify or
delete data.
A process that captures and analyzes
Voice of the
customer requirements and feedback to DevOps Foundation
Customer (VOC)
understand what the customer wants.
A weakness in a design, system, or
Vulnerability application that can be exploited by an DevSecOps Foundation
attacker.
Information describing a known vulnerability,
including affected software by version,
relative severity of the vulnerability (for
example, does it result in escalation of
privileges for user role, or does it cause a
denial of service), exploitability of the
Vulnerability
vulnerability (how easy/hard it is to exploit), DevSecOps Foundation
Intelligence
and sometimes current rate of exploitation in
the wild (is it being actively exploited or is it
just theoretical). This information will also
often include guidance on what software
versions are known to have remediated the
described vulnerability.
Vulnerability The process of identifying and remediating
DevSecOps Foundation
management vulnerabilities.
The amount of time wasted on waiting for
work (e.g., waiting for development and test
Wait Time DevOps Leader
infrastructure, waiting for resources, waiting
for management approval).
Certified Agile Process
Owner, Certified Agile
Waste (Lean Any activity that does not add value to a
Service Manager,
Manufacturing) process, product or service.
DevOps Foundation,
DevOps Leader
A hybrid approach to application lifecycle
management that combines waterfall and Continuous Delivery
Water‐scrum‐fall
Scrum development can complete in a Ecosystem Foundation
given amount of time.
Linear and sequential approach to Certified Agile Service
managing software design and Manager, Continuous
Waterfall (Project
development projects in which progress is Delivery Ecosystem
Management)
seen as flowing steadily (and sequentially) Foundation, DevOps
downwards (like a waterfall). Foundation
© DevOps Institute DevOps Glossary of Terms 57
An error in software that can be exploited by
an attacker to compromise the application,
Weakness DevSecOps Foundation
system, or the data contained therein. Also
called a vulnerability.
Tools that examine traffic being sent to an
Web Applicaion Site Reliability
application and can block anything that
Firewall (WAF) Engineering
looks malicious.
Tools that have a web client integrated
development environment. Enables Site Reliability
Web IDE
developer productivity without having to use Engineering
a local development tool.
Ron Westrum developed a typology of
organizational cultures that includes three DevSecOps Foundation,
Westrum
types of organizations: Pathological (power- Site Reliability
(Organization Types)
oriented), Bureaucratic (rule-oriented) and Engineering
Generative (performance-oriented).
White‐Box Testing
Test cases use extensive knowledge of the Continuous Delivery
(or Clear-, Glass-,
internal design structure or workings of an Ecosystem Foundation,
Transparent-Box
application, as opposed to its functionality Continuous Testing
Testing or Structural
(i.e. Black-Box Testing). Foundation
Testing)
Application whitelisting is the practice of
specifying an index of approved software Continuous Delivery
Whitelisting
applications that are permitted to be present Ecosystem Foundation
and active on a computer system.
Wicked questions are used to expose the
assumptions which shape our actions and
choices. They are questions that articulate
Wicked Questions DevOps Leader
the embedded, and often contradictory
assumptions, we hold about an issue, a
problem or a context.
Knowledge sharing can be enabled by using
Site Reliability
Wiki tools like Confluence which create a rich Wiki
Engineering
of content
A model that recognises four modes of
general approach for human beings. Two
Wilber's Quadrants DevOps Leader
axes are used: on one axis people tend
towards individuality OR collectivity.
Work in Progress Any work that has been started but has not
DevOps Foundation
(WIP) been completed.
Temporary way to reduce or eliminate the
impact of incidents or problems. May be DevOps Foundation,
Workaround
logged as a known error in the Known Error DevSecOps Foundation
Database. (ITIL definition).
© DevOps Institute DevOps Glossary of Terms 58
Is a structured conversational process for
knowledge sharing in which groups of
people discuss a topic at several tables, with
World Café DevOps Leader
individuals switching tables periodically and
getting introduced to the previous discussion
at their new table by a "table host".
Worms replicate themselves on a system by
attaching themselves to different files and
looking for pathways between computers.
Worms (Computer) DevSecOps Foundation
They usually slow down networks and can run
by themselves (where viruses need a host
program to run).
© DevOps Institute DevOps Glossary of Terms 59
You might also like
- Acronis #CyberFit Cloud Sales Fundamentals 2023 HandoutNo ratings yetAcronis #CyberFit Cloud Sales Fundamentals 2023 Handout133 pages
- ?????????? & ??????? ?????????? ?? ??????No ratings yet?????????? & ??????? ?????????? ?? ??????59 pages
- Waiting For Your Valuable Responds 1719890904No ratings yetWaiting For Your Valuable Responds 171989090430 pages
- Amazon CloudFront A Comprehensive GuideNo ratings yetAmazon CloudFront A Comprehensive Guide22 pages
- Sustainable Web Development With Ruby On Rails P2.0No ratings yetSustainable Web Development With Ruby On Rails P2.0487 pages
- AWS Partner Security Best Practices (Technical) - 200-SIPSBP-14-En-SGNo ratings yetAWS Partner Security Best Practices (Technical) - 200-SIPSBP-14-En-SG206 pages
- Docker Scenario Based Questions and AnswersNo ratings yetDocker Scenario Based Questions and Answers25 pages
- Roadshow Advanced 7.2 V3.2 230711 Final All GeoNo ratings yetRoadshow Advanced 7.2 V3.2 230711 Final All Geo342 pages
- Scalable Machine Learning With Apache Spark enNo ratings yetScalable Machine Learning With Apache Spark en145 pages
- 5g Eve d2.6 Participating Vertical Industries PlanningNo ratings yet5g Eve d2.6 Participating Vertical Industries Planning113 pages
- Devops Shack: Linux Commands DocumentationNo ratings yetDevops Shack: Linux Commands Documentation7 pages
- Introduction To Appsec Combined Keynote PDFNo ratings yetIntroduction To Appsec Combined Keynote PDF107 pages
- M3 - Kubernetes Architecture - ILT v1.7No ratings yetM3 - Kubernetes Architecture - ILT v1.791 pages
- Object Oriented Programming: Dr. Bharat Singh PHD, CseNo ratings yetObject Oriented Programming: Dr. Bharat Singh PHD, Cse184 pages
- Chloe Annable Mastering DevOps - A Complete Step by Step Guide For Beginners Chloe Annable - 2024No ratings yetChloe Annable Mastering DevOps - A Complete Step by Step Guide For Beginners Chloe Annable - 2024138 pages
- Silabus Introduction To DevOps and Site Reliability EngineeringNo ratings yetSilabus Introduction To DevOps and Site Reliability Engineering2 pages
- AWS Certified Developer Associate - Exam GuideNo ratings yetAWS Certified Developer Associate - Exam Guide16 pages
- Model Order Reduction Using Genetic AlgorithmNo ratings yetModel Order Reduction Using Genetic Algorithm6 pages
- K8S Architecture: Kubelet Kube-Proxy Kubelet Kube-Proxy K8s API ServerNo ratings yetK8S Architecture: Kubelet Kube-Proxy Kubelet Kube-Proxy K8s API Server2 pages
- Integration of Vessel Traffic Control SyNo ratings yetIntegration of Vessel Traffic Control Sy14 pages
- ESM-Sensors For Tactical Information in Air Defence Systems: T. Smestad, H. Øhra, and A. KnapskogNo ratings yetESM-Sensors For Tactical Information in Air Defence Systems: T. Smestad, H. Øhra, and A. Knapskog14 pages
- About Kubernetes and Security Practices - Short Edition: First Edition, #1From EverandAbout Kubernetes and Security Practices - Short Edition: First Edition, #1No ratings yet
