A
Alert A user-facing notification about a finding that needs attention. Alerts are generated automatically from drift findings, vulnerabilities, cost anomalies, and compliance failures. They can be delivered to Slack, email, or a custom webhook. Anomaly A cost spike that exceeds the expected range based on recent historical spend patterns. InfraAudit uses statistical analysis of your billing history to establish expected ranges and flags deviations automatically. Assessment A single run of a compliance framework against your connected resources. An assessment produces an overall score and control-level results showing which controls pass, fail, or are not applicable.B
Baseline A saved snapshot of a resource’s configuration at a specific point in time. Drift detection compares live resource state against baselines to identify configuration changes.C
Control A single rule within a compliance framework — for example, “S3 buckets must have server-side encryption enabled.” Each control maps to one or more resource types and has a pass/fail status in an assessment. CVE Common Vulnerabilities and Exposures. A public identifier for a known security vulnerability in software or firmware. InfraAudit surfaces CVEs discovered by Trivy during vulnerability scans. CVSS Common Vulnerability Scoring System. A numeric score from 0 to 10 that quantifies the severity of a CVE. Scores above 9.0 are critical, 7.0–8.9 are high, 4.0–6.9 are medium, and below 4.0 are low.D
Drift A detected difference between a resource’s current configuration and its recorded baseline. A drift finding includes the field that changed, its previous value, and its current value.F
Finding A single detected issue — a drift, vulnerability, compliance control failure, or cost anomaly. Each finding has a severity, an associated resource, and one or more recommendations. Framework See Compliance framework. Compliance framework A structured set of security and operational controls that your infrastructure is evaluated against. Examples: CIS Benchmarks, SOC 2, NIST SP 800-53, PCI-DSS, HIPAA.I
IaC Infrastructure as Code. Configuration files (Terraform, CloudFormation, Kubernetes manifests) that declare the desired state of infrastructure. InfraAudit can compare live resource state against IaC files to surface IaC drift. IaC drift The difference between what your IaC files declare and what is actually deployed in your cloud account. IaC drift can indicate uncommitted manual changes or configuration management gaps.J
Job A scheduled background task. InfraAudit runs five types of jobs automatically: resource sync, drift detection, vulnerability scan, cost sync, and compliance assessment. Job execution A single run of a job, recorded with its start time, end time, status (success, failed, timeout), and log output.P
Provider A connected cloud account. Each provider has a type (aws, gcp, azure, or kubernetes) and stores encrypted credentials. You can connect multiple providers of the same type (e.g., multiple AWS accounts).
R
Recommendation An AI-generated or rule-based suggestion for resolving a finding or improving cost efficiency, security, or performance. AI recommendations require a Gemini API key; rule-based recommendations are available offline. Remediation A proposed or applied fix to a finding. Remediations follow a lifecycle: suggest → approve → execute, with an optional rollback window after execution. Resource A single cloud resource discovered by a provider sync — for example, an EC2 instance, an S3 bucket, or a Kubernetes deployment. Resources are the fundamental unit in InfraAudit’s inventory. Resource type The category of a cloud resource — for example,ec2_instance, s3_bucket, or rds_instance. InfraAudit uses resource types to apply provider-specific scanning logic and compliance rules.
S
Scan A generic term for any analysis job that InfraAudit runs: a drift detection scan, vulnerability scan, or compliance assessment. Severity A classification of a finding’s risk level:critical, high, medium, or low. Severity is used to prioritize remediation and filter alerts.