Glossary
Plain-English definitions of the terms founders meet when building, securing and launching a product.
Security
IDOR (Insecure Direct Object Reference): An access-control flaw where changing an ID in a request lets a user read or edit records that belong to someone else.
SSRF (Server-Side Request Forgery): A flaw where an attacker tricks your server into making requests to internal systems or cloud metadata it should never reach.
SQL injection (SQLi): A flaw where untrusted input is mixed into a database query, letting an attacker read, change, or destroy your data.
XSS (Cross-Site Scripting): A flaw where attacker-controlled script runs in another user's browser, letting it steal sessions or act as that user.
CSRF (Cross-Site Request Forgery): An attack that tricks a logged-in user's browser into sending an unwanted state-changing request to your app.
OWASP Top 10: A widely used list of the ten most critical web application security risks, maintained by the OWASP Foundation.
Broken access control: When users can act outside their permissions, reaching data or actions that should be restricted to other roles or owners.
CVSS (severity scoring): A standard 0-to-10 scoring system that rates how severe a security vulnerability is so you can prioritize fixes.
SARIF: A standard JSON format for security and static-analysis results so different tools and platforms can read the same findings.
Penetration testing (pentest): A security assessment that actively tries to exploit your app the way a real attacker would, then reports what it found.
Building & launching
MVP (Minimum Viable Product): The smallest version of your product that delivers real value, built to test whether people actually want it.
Landing page: A focused single page built around one offer and one action, designed to turn visitors into signups or customers.
Waitlist: A signup list that captures interested people before launch, giving you an early demand signal and a warm audience to launch to.
Vibe coding: Building software by prompting an AI in natural language and accepting its output, often without reviewing the underlying code.