Glossary R

RabbitMQ is an open-source message broker implementing the AMQP protocol that provides flexible routing through exchanges and queues. It supports patterns like direct routing, topic-based routing, fan-out, and headers-based routing. RabbitMQ excels at complex routing scenarios and low-latency task queues, while Kafka is preferred for high-throughput event streaming.

A race condition vulnerability occurs when the security of an operation depends on the timing or ordering of events that are not properly synchronized. In security contexts, race conditions can be exploited to bypass authentication checks, corrupt shared state, or gain unauthorized access by winning a timing window between a check and use. The TOCTOU (Time-of-Check Time-of-Use) pattern is the most common security-relevant race condition.

RAG is an architecture that enhances language model responses by retrieving relevant documents from an external knowledge base and including them in the prompt context at inference time. It combines the parametric knowledge of LLMs with the up-to-date, domain-specific knowledge stored in vector databases or search indexes. RAG reduces hallucinations, improves factuality, and enables knowledge base updates without retraining.

RASP embeds security controls directly into an application's runtime environment, intercepting calls to detect and block attacks in real time without requiring external network devices. When an attack is detected, RASP can terminate the session or alert security teams while the app continues running. It provides a last line of defense when perimeter controls fail.

Rate limiting controls the number of requests a client can make to an API within a defined time window, protecting services from overload and abuse. Common algorithms include token bucket (smooth bursts), sliding window, and fixed window counting. Rate limiting is typically enforced at the API gateway layer and communicates limits via HTTP 429 responses and rate limit headers.

RBAC restricts system access based on roles assigned to users within an organization. Instead of assigning permissions directly to individuals, permissions are grouped into roles (e.g., admin, editor, viewer) and users are assigned appropriate roles. This simplifies permission management and enforces the principle of least privilege.

RCA is a post-incident investigation process that identifies the fundamental reason(s) why a security incident or outage occurred. Techniques like the five whys, fishbone diagrams, and fault tree analysis are used to trace symptoms back to systemic causes. RCA outputs include corrective actions that address root causes rather than just symptoms, preventing recurrence.

RCE is a critical vulnerability class that allows an attacker to execute arbitrary code on a target system from a remote location. It can result from exploiting deserialization flaws, injection vulnerabilities, memory corruption bugs, or server-side template injection. RCE vulnerabilities receive the highest CVSS severity scores and demand immediate patching because they provide complete system compromise.

Amazon RDS is AWS's managed relational database service supporting MySQL, PostgreSQL, MariaDB, Oracle, and SQL Server engines. RDS handles provisioning, patching, backups, Multi-AZ replication, and read replica creation. While Amazon Aurora (also an RDS engine) uses a cloud-native storage architecture, standard RDS engine options are closer to self-managed databases with automation on top.

ReAct is a prompting framework that interleaves reasoning steps ("thoughts") with action calls (tool invocations) in a language model's output, creating a thought-action-observation loop. By reasoning before each action and incorporating tool results, ReAct agents produce more grounded, coherent multi-step behavior. ReAct is foundational to the design of modern AI agent frameworks.

Recall is the fraction of all relevant items that are successfully retrieved or predicted, calculated as true positives divided by all actual positives. High recall means the model misses few relevant items, though potentially at the cost of including irrelevant ones. In RAG systems, retrieval recall is critical — missing a relevant document means the model cannot use its information.

Red teaming is the practice of systematically probing an AI model for harmful behaviors, safety failures, and policy violations by adopting an adversarial mindset. Red teamers craft prompts designed to elicit jailbreaks, prompt injections, biased outputs, and harmful content. Red teaming outputs inform model fine-tuning, content filter improvements, and deployment policy decisions.

Redis is an open-source, in-memory data store used as a cache, message broker, session store, and real-time database. It supports rich data structures (strings, hashes, lists, sorted sets, streams) and provides sub-millisecond latency for read and write operations. Redis Cluster provides horizontal scaling, while Redis Sentinel offers high availability through automatic failover.

A cloud region is a geographic area containing one or more data center clusters (availability zones) operated by a cloud provider. Each region is isolated from others, with data not automatically replicated across regions. Region selection affects latency for end users, data residency compliance, service availability (not all services are available in all regions), and pricing.

A registry mirror is a local or regional cache of a container registry that reduces pull latency and prevents rate limiting from public registries (like Docker Hub). Organizations configure their container runtimes to pull from an internal mirror that proxies and caches images. Mirrors improve build reliability in CI environments and reduce egress costs from cloud environments.

Release automation uses tools and pipelines to execute the release process — versioning, changelog generation, artifact publication, and deployment — without manual intervention. It reduces human error, ensures consistency, and enables faster release cadences. Semantic Release, GoReleaser, and release-please are popular tools that automate the end-to-end software release workflow.

A release train is a scheduled, time-boxed release cadence where code that is ready by a cutoff time is included in the next release, and code that misses the train waits for the following one. This model decouples feature readiness from release scheduling and is common in large organizations where multiple teams contribute to shared platforms. The SAFe framework codifies this as the Program Increment (PI).

Remote state stores Terraform's state file in a shared backend (S3, GCS, Terraform Cloud) rather than on a local filesystem. This enables team collaboration, state locking to prevent concurrent modifications, and state sharing between Terraform configurations. Remote state is essential for any team-based Terraform workflow and prevents the 'state file on a laptop' anti-pattern.

Renovate is an open-source automated dependency update tool that creates pull requests to keep software dependencies up to date. It supports 60+ package managers, allows fine-grained configuration of update policies (grouped updates, automerge rules, schedule windows), and integrates with GitHub, GitLab, and Azure DevOps. Keeping dependencies current is a critical practice for managing vulnerability exposure from known CVEs.

A REPL is an interactive programming environment that reads a single expression, evaluates it, prints the result, and loops back for more input. REPLs accelerate development by enabling exploratory coding, debugging, and learning without a full compile-run cycle. Node.js, Python, Clojure, and Haskell all provide REPLs. Jupyter notebooks extend the REPL concept to shareable, mixed-media computational documents.

Replication copies data from a primary database to one or more replicas, providing high availability and read scalability. Synchronous replication guarantees no data loss but adds write latency; asynchronous replication is faster but allows replicas to lag. Logical replication (row-level changes) and physical replication (WAL streaming) are the two main modes in PostgreSQL.

A reproducible build is a build process that always produces byte-for-byte identical output from the same source code, build environment, and inputs. This property allows independent verification that a distributed binary was built from the published source code without tampering. Reproducible builds are a key supply chain integrity control that can detect compromised build systems inserting malicious code during compilation.

Reranking is a two-stage retrieval technique where an initial set of candidate documents is retrieved cheaply (by vector similarity or BM25) and then scored by a more accurate but expensive cross-encoder model to identify the most relevant passages. Cross-encoders jointly encode the query and document, capturing fine-grained relevance signals missed by bi-encoder models. Reranking significantly improves RAG retrieval quality.

Resource-based policies attach directly to AWS resources (S3 buckets, KMS keys, Lambda functions, SQS queues) and define which principals from any account can access the resource and what actions they may perform. Unlike identity-based policies that grant permissions to identities, resource policies control access from the resource side, enabling cross-account access without IAM role assumption. Misconfigured resource policies are a frequent cause of data exposure in cloud environments.

Responsible disclosure is the practice where security researchers report vulnerabilities directly to affected vendors before public release, allowing a remediation window typically of 90 days. The vendor patches the vulnerability and notifies affected users before or coordinated with the researcher's public disclosure. This practice balances the public's right to know with giving vendors time to protect users, and is formalized in programs by major vendors and coordinated by organizations like CERT/CC.

REST is an architectural style for designing web APIs based on HTTP methods (GET, POST, PUT, DELETE) and resource-oriented URLs. RESTful APIs are stateless, cacheable, and use standard HTTP status codes. REST's simplicity and broad tooling support make it the dominant pattern for public APIs, though gRPC and GraphQL are gaining adoption for specific use cases.

A reward model is a neural network trained to score language model outputs according to human preferences, serving as a proxy for human feedback in reinforcement learning from human feedback. Human annotators rank model outputs, and the reward model learns to predict these rankings. During RLHF, the language model is fine-tuned using PPO to maximize reward model scores while staying close to the original policy.

RLHF is a training methodology that uses human preference judgments to align language model behavior with human values. Human annotators compare model outputs and rank them, training a reward model on these preferences. The language model is then fine-tuned with PPO to maximize the reward model's score. RLHF was key to creating ChatGPT-style helpful, harmless, and honest assistants.

A rollback is the process of reverting a system to a previously known-good state after a failed deployment or incident. Effective rollback strategies include deploying a previous container image version, reverting a Git commit, or switching traffic back to a stable deployment in a blue-green setup. Fast rollback capability directly reduces MTTR and enables higher deployment frequency.

ROUGE is a set of automatic metrics for evaluating text summarization and translation quality by measuring n-gram overlap between generated text and human references. ROUGE-N measures n-gram recall, ROUGE-L measures the longest common subsequence, and ROUGE-S measures skip-bigram overlap. Like BLEU, ROUGE correlates poorly with human judgment on abstractive generation tasks.

A route table is a set of rules (routes) that determine where network traffic is directed within a VPC. Each subnet is associated with one route table that defines how traffic destined for specific CIDR ranges should be forwarded — to an internet gateway, NAT gateway, VPC peering connection, or local network. Proper route table configuration is fundamental to VPC network design.

RPO defines the maximum acceptable amount of data loss, expressed as a time window, in the event of a disaster. An RPO of 1 hour means the business can tolerate losing up to 1 hour of transactions. RPO drives backup frequency, replication lag tolerance, and the choice between asynchronous replication (potentially higher RPO) and synchronous replication (near-zero RPO at higher cost).

RTO is the maximum acceptable duration of a service outage after a disaster before business operations are critically impacted. A 4-hour RTO allows up to 4 hours to restore service. RTO drives architectural choices: active-active multi-region achieves RTO near zero, warm standby enables RTO in minutes, and cold standby may require hours. Lower RTO targets require proportionally more investment.

A runbook is a documented series of procedures for routine operational tasks, often used in both IT operations and security incident response. In security contexts, runbooks detail specific tool commands, escalation paths, and communication templates for known incident types. Unlike a playbook (which is strategic), a runbook is tactical and step-by-step — often automated in SOAR platforms.

Runtime security monitors applications and infrastructure while they are actively executing, detecting anomalous behavior that static analysis cannot predict. Techniques include system call monitoring, process genealogy analysis, file integrity monitoring, and network traffic analysis. Runtime security tools like Falco and commercial EDR solutions provide detection and response capabilities for live production environments.

Runtime threat detection monitors live workload behavior to identify indicators of compromise that evade static analysis, such as post-exploitation activity, fileless attacks, and novel malware. It correlates system calls, network connections, process trees, and file access patterns against threat intelligence and behavioral baselines. Cloud-native runtime threat detection tools (Falco, GuardDuty, Defender for Containers) provide coverage for containerized and serverless workloads where traditional endpoint agents cannot be deployed.