Glossary W

A WAF monitors, filters, and blocks HTTP traffic between the internet and web applications. It protects against common attacks like SQL injection, XSS, and file inclusion by inspecting requests against a set of rules. WAFs can operate at the network edge (cloud WAF) or as a reverse proxy in front of application servers.

WAF custom rules allow organizations to define specific allow, block, or rate-limit actions for HTTP requests based on conditions including IP addresses, geographic origin, headers, URI patterns, query string parameters, and request body content. Custom rules supplement managed rule groups to protect application-specific attack surfaces that generic rules cannot anticipate. Rule testing with count mode before enforcement mode prevents accidental blocking of legitimate traffic.

A WAL is a durability mechanism where database changes are written to a sequential log before being applied to data files. On crash recovery, the database replays unfinished WAL entries to restore a consistent state. WAL also enables streaming replication and CDC by allowing replicas and consumers to read the change stream. PostgreSQL's WAL is the foundation of its replication and logical decoding capabilities.

Warm standby is a disaster recovery configuration where a secondary environment is kept running at reduced capacity and synchronized with the primary but does not serve production traffic. When the primary fails, the standby scales up and traffic is redirected. Warm standby provides faster RTO than cold standby (which must be provisioned from scratch) at higher cost than active-active architectures.

Web Components is a suite of native browser APIs — Custom Elements, Shadow DOM, and HTML Templates — that allow developers to create reusable, encapsulated UI components without any framework. Custom elements define new HTML tags with their own behavior; Shadow DOM provides CSS and DOM encapsulation. Web Components work in any framework or no framework, making them ideal for design systems that serve multiple tech stacks.

WebAssembly (Wasm) is a binary instruction format and execution environment that runs at near-native speed in browsers and server-side runtimes. It allows code written in C, C++, Rust, and other languages to run safely in a sandboxed environment alongside JavaScript. Wasm is increasingly used for compute-intensive browser applications, plugin systems, and serverless edge functions via the WASI standard.

A webhook is a user-defined HTTP callback that delivers real-time notifications from one system to another when an event occurs. Rather than polling an API repeatedly, the event source sends an HTTP POST to a registered URL when the event fires. Webhooks are fundamental to integrating third-party services in event-driven systems and are ubiquitous in developer platforms like GitHub, Stripe, and Twilio.

WebSocket is a full-duplex communication protocol over a single TCP connection, enabling servers to push data to clients without polling. The connection is established via an HTTP upgrade handshake and then maintained for bidirectional, low-latency messaging. WebSockets are used in real-time applications like chat, live dashboards, collaborative editing, and multiplayer games.

Whisper is OpenAI's open-source automatic speech recognition model trained on 680,000 hours of multilingual and multitask supervised audio data. It uses a transformer encoder-decoder architecture and achieves near-human performance on English and strong multilingual transcription and translation. Whisper is widely deployed in transcription tools, voice assistants, and media accessibility pipelines.

A workflow engine orchestrates complex, multi-step business processes with support for conditional branching, parallel execution, error handling, retries, and human approvals. Cloud-native workflow engines include AWS Step Functions, Google Cloud Workflows, and Azure Logic Apps. Open-source alternatives like Apache Airflow and Temporal are popular for data engineering and microservice coordination.

Workload identity provides cloud-native mechanisms for workloads (pods, VMs, functions) to authenticate to cloud services using their platform-assigned identity rather than long-lived credentials. GCP Workload Identity Federation allows Kubernetes pods to impersonate GCP service accounts via OIDC token exchange. Workload identity eliminates the most common cloud credential management anti-pattern of storing service account keys as Kubernetes secrets or environment variables.