Enterprise Technology Glossary
Definitions, concepts, acronyms, and terminology used across enterprise technology markets.
The Decision Insights Glossary provides definitions and explanations for technology terms, acronyms, products, architectures, standards, and industry concepts used throughout enterprise IT.
Entries are designed to help technology professionals, business leaders, researchers, and students quickly understand terminology spanning networking, cloud computing, cybersecurity, artificial intelligence, software development, infrastructure, observability, telecommunications, and related domains.
Use the search bar to find specific terms, concepts, acronyms, technologies, or industry terminology.
6,173 results · page 246 of 309
-
Security Audit
Security audit is a formal, systematic assessment of an organization’s information security controls and practices against defined policies, standards, and regulations, used in enterprises to verify compliance, document control effectiveness, and identify gaps that require remediation or architectural adjustment.
-
Security Automation
Security automation is the use of software-driven, rule-based workflows to execute cybersecurity tasks with minimal human intervention, helping enterprises standardize incident handling, reduce manual effort on repetitive operations, and enforce security policies consistently across on-premises, cloud, and hybrid environments.
-
Security Baseline
Security baseline is a documented set of minimum security configuration requirements and controls that an enterprise adopts for specific systems and environments, used to standardize hardening, support compliance, and enable automated assessment of configuration drift and policy conformance.
-
Security Certification Authority
Security Certification Authority is an entity that issues and manages digital certificates within a public key infrastructure, providing identity binding and trust needed for authenticated, encrypted communications in enterprise environments and supporting compliance, governance, and risk management requirements.
-
Security Compliance Scanner
Security compliance scanner is an automated security tool that checks systems, applications, and cloud environments against defined policies, benchmarks, and regulatory frameworks, helping enterprises monitor control adherence, document audit evidence, and organize remediation of noncompliant configurations across diverse IT and cloud estates.
-
Security Configuration Baseline
Security configuration baseline is a formally approved set of security configuration settings for systems and platforms that establishes a reference secure state, enabling consistent hardening, automated assessment, and compliance monitoring across enterprise IT and cloud environments.
-
Security Context Constraint
Security context constraint is an OpenShift policy object that controls pod and container security settings, enabling enterprises to enforce least-privilege configurations, tenant isolation, and compliance-aligned restrictions on workloads across OpenShift-based Kubernetes clusters.
-
Security Control Framework
Security control framework is a structured catalog of cybersecurity controls and requirements that organizations use to design, implement, and assess security in a consistent, auditable way, supporting risk management, regulatory compliance, and standardized reporting across systems, vendors, and business units.
-
Security Control Validation
Security control validation is a structured process that tests and verifies whether deployed security controls function as intended against defined threats, enabling enterprises to measure control effectiveness, support compliance evidence, and align security investments with risk management and governance objectives.
-
Security Hardening
Security hardening is the process of configuring and maintaining systems, applications, and networks according to defined secure baselines to reduce attack surface, support compliance requirements, and provide a repeatable method for keeping enterprise environments in a controlled security state.
-
Security Header Configuration
Security header configuration is the administration of HTTP response headers that enforce browser-based security policies for web applications, helping enterprises reduce exposure to common web attacks, support compliance with security baselines, and standardize protections across servers, environments, and delivery platforms.
-
Security Information and Event Management
Security information and event management (SIEM) is a class of security platforms that centralize, correlate, and analyze log and event data from diverse systems to support threat detection, incident investigation, and compliance reporting in enterprise and cloud environments.
-
Security Lifecycle Management
Security lifecycle management is an organized approach for planning, implementing, operating, monitoring, and decommissioning security controls across systems and data. It matters in enterprises because it aligns security activities with IT lifecycles, risk management, and regulatory requirements in a repeatable, auditable way.
-
Security Operations
Security operations is the organizational function that continuously monitors, detects, investigates, and responds to cybersecurity threats and incidents across enterprise environments, supporting protection of data and systems, regulatory compliance, and coordination of incident response with technology, risk, and business stakeholders.
-
Security Operations Center
Security operations center is an organizational function that provides centralized monitoring, analysis, and response for cybersecurity events and incidents, helping enterprises maintain observability, coordinate incident handling, and support compliance and risk management across networks, endpoints, applications, and cloud infrastructure.
-
Security Orchestration Automation Response
Security orchestration, automation and response (SOAR) centralizes and automates security operations workflows, integrating multiple security and IT tools so enterprises can coordinate incident detection, investigation and response, standardize playbooks, reduce manual tasks, and generate consistent, auditable processes for security operations centers.
-
Security Playbook
Security playbook is a documented, standardized set of procedures that defines how an organization detects, analyzes, contains, and recovers from specific cyber incidents or alerts. It matters because it coordinates people, tools, and workflows for consistent, auditable security operations.
-
Security Policy as Code
Security policy as code is the practice of expressing security rules and controls in machine-readable code artifacts, enabling automated enforcement, testing, and versioning across enterprise infrastructure and applications within DevSecOps, cloud, and governance workflows.
-
Security Policy Enforcement
Security policy enforcement is the implementation and execution of defined security rules across systems, networks, applications, and data so that enterprise security policies operate consistently in production environments and support governance, risk management, and regulatory compliance requirements.
-
Security Policy Federation
Security policy federation is a method for sharing and enforcing common authorization and access control policies across independent systems or domains, enabling consistent security governance in distributed, multi-cloud, and cross-organizational environments while allowing each domain to maintain its own enforcement mechanisms.