Tech Terms, Plain English
A jargon-free reference for non-technical founders and business leaders navigating software decisions.
A
Agile
A project management methodology that breaks work into short iterations (sprints), typically 2 weeks long. Features are delivered incrementally with regular feedback from stakeholders.
API
Application Programming Interface — a set of rules that allows different software applications to communicate with each other. Think of it as a waiter taking your order to the kitchen and bringing back your food.
C
CDN
Content Delivery Network — a network of servers distributed globally that caches and serves your content from the location closest to the user, reducing load times significantly.
CI/CD
Continuous Integration / Continuous Deployment — an automated pipeline that tests and deploys code changes. Every time a developer submits a code change, it's automatically tested and shipped to production.
Cloud Hosting
Running your application on servers managed by providers like AWS, Google Cloud, or Azure — instead of owning physical servers. You pay for what you use and can scale instantly.
D
Docker
A tool that packages your application and all its dependencies into a standardized container. This ensures your app runs exactly the same way everywhere — development, testing, and production.
F
Firmware
Specialized software programmed into hardware devices. It controls the device's specific functions and is typically written in C or C++ for embedded systems.
G
GDPR
General Data Protection Regulation — EU law governing how personal data of EU residents is collected, stored, and used. Requires user consent and gives individuals control over their data.
GraphQL
A query language for APIs that lets clients request exactly the data they need. Unlike REST, which returns fixed data structures, GraphQL gives the client control over the response shape.
H
HIPAA
Health Insurance Portability and Accountability Act — US federal law that sets standards for protecting sensitive patient health information. Any software handling medical data must comply.
I
IoT
Internet of Things — a network of physical devices embedded with sensors, software, and connectivity that collect and exchange data. Examples: smart thermostats, industrial sensors, wearables.
K
Kubernetes
An orchestration platform that automatically manages, scales, and deploys containerized applications. It ensures your app stays running even if individual servers fail.
L
Load Balancer
A system that distributes incoming network traffic across multiple servers to ensure no single server gets overwhelmed. It improves reliability and response times.
M
Machine Learning
A subset of AI where systems learn patterns from data and make predictions without being explicitly programmed. Used for recommendation engines, fraud detection, and image recognition.
Microservices
An architectural approach where an application is built as a collection of small, independent services. Each service handles one specific business function and can be updated independently.
MVP
Minimum Viable Product — the simplest version of your product that still delivers value to users. It lets you test your idea with real customers before investing in full development.
N
NLP
Natural Language Processing — a branch of AI focused on enabling computers to understand, interpret, and generate human language. Powers chatbots, translation, and sentiment analysis.
O
ORM
Object-Relational Mapping — a tool that lets developers interact with a database using their programming language instead of writing raw SQL queries. Examples: Prisma, SQLAlchemy.
P
PCI DSS
Payment Card Industry Data Security Standard — security standards for organizations that handle credit card data. Required for any application that processes, stores, or transmits cardholder information.
R
RAG
Retrieval-Augmented Generation — an AI pattern that combines a language model with a knowledge base. The system retrieves relevant documents and uses them to generate more accurate, grounded responses.
Redis
An in-memory data store used for caching, session management, and real-time features. It's extremely fast because it stores data in RAM rather than on disk.
REST API
A widely used standard for building web APIs. REST APIs use standard HTTP methods (GET, POST, PUT, DELETE) to perform operations on resources identified by URLs.
RTOS
Real-Time Operating System — an operating system designed to process data and events within guaranteed time constraints. Critical for industrial control systems and medical devices.
S
SaaS
Software as a Service — a cloud-based software delivery model where users access the application via a web browser and pay a subscription fee instead of buying and installing software.
Scalability
The ability of a system to handle increased load by adding resources. Horizontal scaling adds more servers; vertical scaling adds more power to existing servers.
SOC 2
Service Organization Control 2 — a security framework that demonstrates a company handles customer data securely. It covers five areas: security, availability, processing integrity, confidentiality, and privacy.
Sprint
A fixed time period (usually 2 weeks) during which the development team works on a defined set of features. Each sprint ends with a demo of working software.
SSL/TLS
Secure Sockets Layer / Transport Layer Security — encryption protocols that secure data transmitted between a user's browser and a server. The padlock icon in your browser means TLS is active.
T
Tech Stack
The combination of programming languages, frameworks, databases, and tools used to build an application. For example: React + Node.js + PostgreSQL + AWS.
Terraform
An infrastructure-as-code tool that lets you define cloud infrastructure (servers, databases, networks) in configuration files. Changes are version-controlled and reproducible.
W
Webhook
An automated message sent from one application to another when a specific event occurs. For example, a payment processor sending a notification to your app when a payment succeeds.
Z
Zero Trust
A security model that requires verification for every person and device trying to access resources, regardless of whether they're inside or outside the network perimeter.