Glossary T

T5 is a Google encoder-decoder transformer that reformulates all NLP tasks as text-to-text problems — both input and output are text strings regardless of task type. Pre-trained on the C4 corpus with a masked span denoising objective, T5 and its variants (T5-XXL, Flan-T5) are widely used for summarization, translation, and question answering. Flan-T5 adds instruction tuning across 1,800 tasks.

TDD is a development practice where tests are written before implementation code, following a red-green-refactor cycle. A failing test (red) defines the desired behavior, minimal code makes it pass (green), then the code is improved without breaking tests (refactor). TDD produces test coverage as a byproduct, encourages minimal and decoupled designs, and reduces debugging time.

A Trusted Execution Environment is a secure area of a processor that guarantees code and data loaded inside it are protected with respect to confidentiality and integrity. TEEs provide hardware-enforced isolation from the main operating system, hypervisor, and other applications. Examples include Intel TDX (Trust Domain Extensions), AMD SEV-SNP (Secure Encrypted Virtualization), and ARM TrustZone. TEEs are the hardware foundation for confidential computing.

Tekton is a Kubernetes-native CI/CD framework that defines pipeline components (Tasks, Pipelines, PipelineRuns) as Kubernetes custom resources. Running pipelines as Kubernetes workloads provides native scalability, RBAC integration, and cluster-native secret management. Tekton underpins Red Hat OpenShift Pipelines and is a CNCF incubating project for cloud-native CI/CD.

Temperature is a parameter that scales the logits before the softmax in language model sampling, controlling output randomness. A temperature of 1.0 uses the model's raw distribution; values below 1.0 make the distribution sharper (more deterministic), while values above 1.0 flatten it (more random). Temperature 0 approximates greedy decoding, while higher values increase creative diversity at the cost of coherence.

TensorRT is NVIDIA's SDK for high-performance deep learning inference, optimizing models for NVIDIA GPUs through layer fusion, precision calibration (INT8/FP16), and kernel auto-tuning. TensorRT-LLM extends these optimizations specifically for large language models with features like in-flight batching and paged KV caching. It enables significant throughput gains over standard PyTorch inference.

Terragrunt is a thin wrapper around Terraform that adds DRY (Don't Repeat Yourself) configurations, remote state management automation, and dependency management for large multi-environment Terraform codebases. It eliminates repetitive backend and provider configurations using `terragrunt.hcl` files and enables hierarchical variable inheritance. Terragrunt is widely used in organizations with complex multi-account, multi-region Terraform setups.

Terratest is a Go testing library for infrastructure code that deploys real infrastructure, validates its configuration, and tears it down after testing. It supports Terraform, Packer, Docker, and Kubernetes, enabling true integration testing of infrastructure modules. While Terratest tests are slow and incur cloud costs, they catch issues that static analysis cannot detect.

Test parallelization distributes a test suite across multiple concurrent workers to reduce total execution time. CI platforms support parallelism at the job level (running multiple jobs simultaneously) and at the test level (splitting test files across workers). Effective parallelization requires tests to be independent and idempotent, and relies on intelligent splitting to balance work across workers.

Text-to-image generation is the task of producing images from natural language descriptions using generative AI models. Diffusion models are the dominant architecture, guided by CLIP or language model encodings of the text prompt. Applications include creative design, advertising content, stock image generation, and synthetic training data production.

Cloud threat detection and response combines automated detection of suspicious activity across cloud services with defined response playbooks for investigation and remediation. Detection sources include cloud-native services (GuardDuty, Microsoft Defender, GCP SCC), SIEM correlation rules, and behavioral analytics. Automated response actions — isolating compromised instances, revoking credentials, or blocking suspicious IPs — reduce mean time to contain while maintaining audit trails for subsequent investigation.

Threat intelligence is evidence-based knowledge about existing or emerging threats — including tactics, techniques, procedures (TTPs), indicators of compromise (IOCs), and actor profiles — used to inform security decisions. It is consumed in machine-readable formats (STIX/TAXII) by SIEM and SOAR platforms to automate detection and response. Threat intelligence enables organizations to prioritize defenses against the threats most relevant to their industry and technology stack.

Threat modeling is a structured process for identifying, quantifying, and prioritizing threats to a system before building or changing it. Common frameworks include STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, DoS, Elevation of Privilege) and PASTA. Threat modeling outputs a list of potential attacks and mitigations that inform security requirements and architecture decisions.

Threat modeling is a structured process for identifying, quantifying, and addressing security threats to a system during the design phase. Common methodologies include STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) and PASTA. The output is a prioritized list of threats with mitigating controls, informing security requirements and architecture decisions before code is written.

Throughput is the amount of data successfully transferred in a given time period, measured in MB/s or GB/s for storage and Mbps/Gbps for networks. While latency measures the delay for a single request, throughput measures overall capacity for sustained data transfer. Throughput-optimized storage (AWS st1 EBS volumes) sacrifices IOPS consistency for sequential read/write performance in streaming workloads.

TLS is a cryptographic protocol that secures communications over computer networks. It encrypts data in transit between clients and servers, preventing eavesdropping, tampering, and message forgery. TLS is the protocol behind HTTPS and is essential for protecting sensitive data like login credentials, payment information, and API communications.

TOCTOU is a class of race condition vulnerability where the state of a resource changes between when it is checked (access control verification) and when it is used (the operation). An attacker who can control or predict the timing can swap a file or resource between the check and use phases to bypass security controls. TOCTOU vulnerabilities are common in file system operations, particularly in setuid programs and OS-level privilege checks.

In SRE, toil is manual, repetitive, automatable operational work that grows proportionally with service scale and provides no enduring value. Examples include manual deployments, resizing instances by hand, and responding to recurring alerts with the same remediation steps. Google SRE teams cap toil at 50% of work time, with the remainder spent on engineering that reduces future toil.

A token is the basic unit of text that a language model processes, produced by a tokenizer splitting raw text into subword units, words, or characters. Common English words are often single tokens, while rare words are split into multiple subwords. Token count determines compute cost and context window usage — the OpenAI GPT tokenizer averages approximately 4 characters or 0.75 words per token.

Tokenization replaces sensitive data values (credit card numbers, SSNs) with non-sensitive placeholders called tokens that map back to the original values in a secure token vault. Unlike encryption, tokens have no mathematical relationship to the original value, so breaching a tokenized system yields no usable data without the vault. PCI DSS scope can be dramatically reduced by tokenizing cardholder data.

A tokenizer converts raw text strings into sequences of token IDs that a language model can process, and converts model outputs back to human-readable text. Tokenization algorithms like BPE and SentencePiece learn subword vocabularies from training data. The tokenizer choice significantly affects model performance on languages with rich morphology and specialized domains like code or mathematics.

Tool use is the ability of language models to invoke external tools — such as web search, code execution, calculator, or database queries — to gather information or take actions beyond text generation. Models indicate tool calls through structured outputs (function calling), and results are fed back into the context. Tool use dramatically extends what AI agents can accomplish, enabling access to real-time data and computational capabilities.

Top-k sampling restricts token sampling to the k most probable tokens at each generation step, setting the probability of all other tokens to zero before re-normalizing and sampling. It prevents the model from selecting very low-probability tokens but is less adaptive than top-p (nucleus) sampling, which adjusts the candidate set size based on probability mass. Top-k and top-p are often used together.

Top-p (nucleus) sampling selects the smallest set of tokens whose cumulative probability exceeds p, then samples from this nucleus. Unlike top-k, the nucleus size adapts to the model's confidence — when the model is certain, few tokens dominate, and when uncertain, more tokens are included. A typical production value is p=0.9 or p=0.95, balancing diversity against incoherence.

TPUs are Google's custom-designed ASICs built specifically for accelerating neural network matrix computations. They are optimized for the systolic array operations common in transformer training and inference, offering high throughput for large batch matrix multiplications with high memory bandwidth. Google uses TPU pods to train Gemini and other frontier models, and TPUs are available via Google Cloud.

Distributed tracing tracks a request as it flows through multiple services, recording timing and metadata at each step as spans assembled into a trace. Each span captures the operation name, start time, duration, and tags; spans share a trace ID that links them into a complete picture. Tracing is essential for diagnosing latency issues in microservice architectures where a single user request may touch dozens of services.

Traffic splitting routes a defined percentage of user requests to different versions of a service, enabling A/B testing, canary deployments, and progressive rollouts. It is implemented at the load balancer, service mesh, or ingress layer. Traffic splitting allows teams to validate new versions under real production load while limiting exposure of potential issues to a small percentage of users.

The transformer is a neural network architecture introduced in "Attention Is All You Need" (Vaswani et al., 2017) that replaced recurrence with multi-head self-attention. Transformers process entire sequences in parallel, enabling efficient training on large datasets with GPU/TPU hardware. The architecture is the foundation of virtually all state-of-the-art language models (GPT, BERT, T5) and has expanded to vision, audio, and multimodal domains.

AWS Transit Gateway is a network transit hub that connects VPCs and on-premises networks through a central hub, eliminating the complexity of full-mesh VPC peering. From a security perspective, Transit Gateway enables centralized inspection of east-west traffic by routing all inter-VPC traffic through security VPCs hosting firewalls and IDS/IPS systems. Route table segmentation on the Transit Gateway enforces network separation between production, staging, and development environments.

A transpiler converts source code from one language or syntax version to another — for example, TypeScript to JavaScript or modern ESNext to ES5 for older browsers. Babel pioneered JavaScript transpilation; esbuild and SWC are faster modern alternatives. TypeScript's tsc is the canonical TypeScript transpiler. Transpilation enables developers to use modern language features while targeting broader runtime compatibility.

Triage is the initial assessment of a security alert or incident to determine its severity, scope, and required response urgency. Analysts evaluate whether an alert is a true positive, assign a severity rating, and route it to the appropriate responder or playbook. Effective triage processes prevent high-severity incidents from being buried under alert volume and are a critical first step in reducing MTTD.

Trivy is an open-source, all-in-one security scanner developed by Aqua Security that detects vulnerabilities, misconfigurations, secrets, and SBOM issues in container images, filesystems, Git repositories, and Kubernetes clusters. Its breadth of coverage (OS packages, language packages, IaC files, Dockerfiles) and ease of integration make it one of the most widely adopted open-source security scanning tools in CI/CD pipelines.

tRPC enables end-to-end type-safe APIs for TypeScript full-stack applications without schema or code generation. The server defines procedures and the client calls them with full TypeScript inference — any type change in the server is immediately surfaced as a type error in the client. tRPC is popular in the Next.js and T3 stack ecosystem for internal APIs where both ends are TypeScript.

Trunk-based development is a source control practice where all developers commit to a single shared branch (trunk/main) frequently — at least once per day. Short-lived feature branches (less than a day) are acceptable; long-lived branches are not. Combined with feature flags and CI, trunk-based development enables continuous integration and reduces merge conflicts. It is the branching strategy used by Google and other high-velocity engineering organizations.

Trunk-based development is a branching strategy where all developers commit to a single shared branch (the trunk or main) multiple times per day, using short-lived feature branches that live no longer than a few days. This eliminates painful long-lived branch merges and is a prerequisite for high-frequency deployment. Feature flags hide incomplete work from users while code is integrated continuously.

TTPs describe how threat actors operate at increasing levels of specificity: tactics (high-level goals like Initial Access), techniques (specific methods like Spearphishing), and procedures (exact tool usage and command sequences). The MITRE ATT&CK framework organizes known TTPs by threat actor group. Aligning defenses to TTPs makes security more resilient because adversaries change tools far more often than they change fundamental behaviors.

Text-to-speech (TTS) systems synthesize natural-sounding speech audio from text input using neural generative models. Modern TTS systems like ElevenLabs, OpenAI TTS, and Coqui XTTS produce human-quality voices with controllable prosody, emotion, and speaker identity. TTS is a key component of voice AI interfaces, accessibility tools, and multimedia content generation pipelines.

The Twelve-Factor App is a methodology for building software-as-a-service applications that are portable, scalable, and maintainable. The twelve factors cover topics like storing config in environment variables, treating backing services as attached resources, and running processes as stateless. Adherence to twelve-factor principles is strongly correlated with operability in containerized and cloud-native environments.

Typosquatting is a supply chain attack where malicious packages are published with names closely resembling popular legitimate packages, targeting developers who mistype package names. Attackers rely on common typos (e.g., `requets` instead of `requests`) to get their malicious code installed. Mitigations include using package name allowlists, installing packages with exact-match verification, and monitoring for newly registered packages similar to your dependencies.