Technical Glossary

For the technically curious. Our service pages are written in plain English — but if you want to know what's actually going on under the hood, this is where to look.

Technical Glossary Illustration

Web & General

API Application Programming Interface
A defined way for two software systems to communicate. When your website submits a form and triggers an email, an API handles the delivery behind the scenes.
HTTPS HyperText Transfer Protocol Secure
The secure version of HTTP. All data between your browser and the website is encrypted — shown by the padlock in the address bar.
SSL / TLS Secure Sockets Layer / Transport Layer Security
The technology behind HTTPS. SSL is the older term; TLS is its modern successor. Both refer to the certificate that encrypts your website’s traffic.
CMS Content Management System
Software that lets you edit your website content without touching code. Examples include Umbraco, WordPress, and custom-built admin panels.
SEO Search Engine Optimisation
Improving a website’s visibility in search results through page speed, metadata, structured content, and link quality.
reCAPTCHA
Google’s service for detecting automated bots on web forms. Prevents spam submissions without requiring users to solve puzzles.
Turnstile
Cloudflare’s privacy-friendly alternative to reCAPTCHA. Verifies visitors are human without tracking them or displaying puzzles — the check happens invisibly in the background. Used on this site’s contact form.
Webhook
An HTTP callback that automatically notifies one system when something happens in another — like a payment triggering an order fulfilment workflow.
Plugin / Extension
An optional software module that adds functionality to an existing platform without modifying its core code.
Stripe
A developer-friendly payment processing platform. Handles card payments, subscriptions, refunds, and webhooks with a clean API and strong documentation.

Security & Email

SPF Sender Policy Framework
A DNS record listing servers authorised to send email from your domain. Prevents spoofed emails appearing to come from you.
DKIM DomainKeys Identified Mail
A digital signature on outgoing emails that proves they genuinely came from your domain and weren’t tampered with in transit.
DMARC Domain-based Message Authentication, Reporting and Conformance
A policy telling receiving servers what to do with emails that fail SPF or DKIM checks — quarantine, reject, or report them.
HSTS HTTP Strict Transport Security
A security header that forces browsers to always use HTTPS, even if someone types http://.
CSP Content Security Policy
A header controlling which external scripts and resources a browser can load from your pages. Reduces cross-site scripting risk.
CORS Cross-Origin Resource Sharing
A browser security mechanism controlling which domains can make API requests to your server. Misconfigured CORS is a common vulnerability.
Azure Key Vault
Microsoft Azure’s managed service for storing secrets, API keys, passwords, and certificates — separate from your application code and config files.
Security Headers
HTTP response headers instructing browsers on security policy — covering clickjacking, content injection, MIME sniffing, and referrer behaviour. Tools like securityheaders.com grade your current setup.
DNSSEC Domain Name System Security Extensions
Cryptographic signatures added to DNS records so that browsers and mail servers can verify your domain hasn’t been redirected to a fake server by an attacker.
Hardenize
A free web-based tool that scans a domain and grades it across TLS, security headers, email authentication (SPF/DKIM/DMARC), DNSSEC, and CAA records — colour-coded so you can see exactly what needs attention. See hardenize.com.

Identity & Access

OAuth Open Authorization
The standard behind “Sign in with Google” buttons. Delegates authentication to a trusted provider without your app handling passwords directly.
OIDC OpenID Connect
A layer on top of OAuth 2.0 that adds identity — so your app knows not just that access was granted, but who the user actually is.
SSO Single Sign-On
One login, multiple systems. Users authenticate once and access all connected applications without re-entering credentials.
MFA Multi-Factor Authentication
A second proof of identity beyond a password — a code from an app, SMS, or hardware key. Significantly reduces account compromise risk.
RBAC Role-Based Access Control
Assigns permissions to roles (Admin, Editor, Viewer) rather than individuals. Makes access management scalable and auditable.
Azure AD B2C Azure Active Directory Business to Consumer
Microsoft’s managed identity service for customer-facing apps. Handles registration, login, social sign-in, and MFA without building it from scratch.
PBKDF2 Password-Based Key Derivation Function 2
A cryptographic algorithm for hashing and storing passwords securely. Deliberately slow to make brute-force attacks computationally expensive.
API Key
A unique identifier used to authenticate requests to an API. Should be treated like a password — stored in a vault, never hard-coded in source.

DevOps & Infrastructure

CI Continuous Integration
Automatically building and testing code every time a change is pushed. Catches problems early, before they reach production.
CD Continuous Deployment / Delivery
Automatically releasing tested changes to staging or production. Reduces manual steps and deployment risk.
YAML YAML Ain’t Markup Language
A human-readable configuration format used in Azure Pipelines and many DevOps tools. More readable than JSON for multi-line config.
Terraform
HashiCorp’s open-source tool for defining and provisioning cloud infrastructure in code. Write a config, run a plan, apply — repeatably and safely.
Azure Pipelines
Microsoft’s CI/CD service within Azure DevOps. Runs automated build, test, and deployment workflows triggered by code commits or schedules.
MQTT Message Queuing Telemetry Transport
A lightweight messaging protocol for IoT systems. Passes sensor data and commands between devices and cloud services over low-bandwidth connections.
IR35
UK tax legislation determining whether a contractor should be treated as an employee. “Outside IR35” means a contractor operates as a genuinely independent business.
MVP Minimum Viable Product
The smallest version of a product that delivers real value. Used to validate ideas quickly before building the full thing.
GDPR General Data Protection Regulation
EU and UK data protection law governing how personal data is collected, stored, and processed. Applies to any organisation handling data from EU/UK individuals.