Terminology

Expertise Level: No coding experience required.

The following is a list of commonly used terms in the DTACT universe.

API

An API, or Application Programming Interface, is a set of rules and tools that allows different software applications to communicate with each other.

Array

An array is a data structure in computer programming that stores a collection of elements, each identified by an index or a key.

Backend

Refers to the part of a software system or application that is responsible for managing and processing data, performing server-side operations, and handling the underlying logic of the application.

Block id

Serves as a unique identifier for the Brick, offering a unique reference point that facilitates the communication of information to the Brick itself and other interconnected components.

Brick

Bricks are the building blocks of flows. Bricks communicate in a classic publish-subscribe manner. You can script the behaviour of a brick yourself or use one of the many bricks that are readily available off the shelf in Raven.

Centralized

Data that is managed and controlled from a single, unified location or system.

Cases

A case is a detailed record within the case management app that helps organize, track, and manage Alerts tied to particular incidents or issues. It brings together all relevant information, actions, and updates related to an Alert, making it easier to handle and resolve incidents efficiently.

Cron

In Python, a cron is a way to schedule and automate tasks.

Credential data

The information used to verify the identity of a user or system and to grant access to resources or services.

cURL

Is a command-line tool and library for uploading or downloading files to/from a server on the internet. It is widely used for creating APIs, making HTTP requests, and handling data in any form.

Data Fusion

The process of integrating multiple data sources to produce more consistent, accurate, and useful information than that provided by any individual data source.

Data Ingestion

The process of importing large, assorted data files from multiple sources into a single, cloud-based storage medium like a Data Warehouse or Data Lake.

Data Mesh

A decentralized data management approach that improves data agility by leveraging a domain-oriented and self-serve design for your data platform.

Data Retention

Policy for what happens with data. A Data Retention Policy describes rules about how to store data, how to remove data, who is responsible, and how long the data is stored.

Database

Digital filing system where you can store and organize information.

ETL

Extract, Transform, Load is the process where events are extracted from different sources, transformed to the desired format, and then loaded into a destination system.

ETL process

ETL is a traditional method of data processing that can be used for data ingestion. It involves transforming data for use before loading it into its destination.

Flow

A data pipeline inside Raven, defined by connecting several functional bricks together.

Icons

Small graphical symbols used in interfaces to depict an object, an action, or an idea graphically.

Input

The information received by a system or program from the external environment. It is the data input given to the computer or a program for its operation.

JSON

JSON, or JavaScript Object Notation, is a widely used format for representing structured data. It provides a lightweight and human-readable way to organize information in key-value pairs.

Keys

Sequences of characters designed to confirm the identity of a person or to protect data, ensuring the user’s privacy.

Logs

Logged details covering various activities and occurrences within a system. These records serve as an account of the events taking place, providing a historical perspective on the system's operations.

Metadata

Metadata refers to data that provides information about other data. Metadata helps describe, explain, locate, and manage data, making it easier to organize, understand, and retrieve information.

Observable

Something that has been observed during a certain event or that is derived from an event through correlation with other data sources (for example, a WHOIS database). In cybersecurity, observables are typically things like IP addresses, host names, file hashes, etc.

Objects

An object is an instance of a class. It is a self-contained unit that contains both data (attributes) and the procedures or functions (methods) that operate on that data.

Output

The information or signals generated by a system or device after processing the input. It is the end product or the result produced due to processing of data by the computer or the program.

Parameters

In coding, parameters are variables that you declare when defining a function, method, or procedure. They allow inputs of various values to be supplied when the function is called, which the function can then use to accomplish its purpose.

Payload

The payload is the actual data or information that is being sent in a message.

Pipeline

A set of activities or operations by which data or tasks are transferred and change hands until they are ready to be completed. Every step in a pipeline is assigned a task, and the results of that task are passed on to the next step.

PostgreSQL

Is a powerful, open-source object-relational database system with over 35 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.

Query

A precise request for information. Data inside a brick or a table can be indexed and then queried.

RSS feed

Really Simple Syndication - an online file that contains details about every piece of content a site has published. Often used to get quick updates on new information on websites.

Scaling Bricks

Means to adjust the capacity or number of resources to accommodate changes in workload or demand. In the context of orchestrating Bricks, it involves increasing or decreasing the number of active Bricks or their computational resources to ensure efficient performance and responsiveness.

Schema

A schema describes the structure and organization of the data.

Source

The base the data is coming from.

SOCBot

Security Operations Center Bot

Task

Specific actions or operations to perform within a workflow.

Tokens

Unique, cryptographic strings or codes that are generated and used for authentication, authorization, or identification purposes.

Topic

Topics play a crucial role in categorizing and organizing information within a messaging system. They act as channels or labels that define the subject matter of the data being communicated.

Trigger

An action performed when a certain condition is met.

URL

A URL, or Uniform Resource Locator, is a reference or address used to access resources on the internet. It is a string of characters that provides the means to locate and retrieve a specific resource.

UUID

A UUID (Universally Unique Identifier) is a standardized 128-bit code used to ensure that each piece of information or object is uniquely identified across various systems and environments.

Vault cluster

Is a secure, distributed system designed to store, manage, and protect sensitive information such as credentials, secrets, and encryption keys.

Webhook

A webhook is a mechanism that allows one system to send real-time data to another system as soon as an event occurs. It is a way for web applications or services to communicate with each other automatically.

Workflow

Is a structured series of steps or tasks that are executed in a specific order to achieve a particular outcome or process.

XML

eXtensible Markup Language is a flexible, text-based format used for structuring, storing, and transporting data. Tags are enclosed in angle brackets and come in pairs: an opening tag <tag> and a closing tag </tag>. Data is organized hierarchically in a tree-like structure, where elements can contain other elements or text.