AuditWard security and QA glossary
Plain-language definitions of the security and QA terms behind AuditWard. Each entry explains what a term means, where it fits in a scan, and how AuditWard uses it in practice. Start with the term you need below.
Definitions in this glossary.
Vulnerability scanning
What a vulnerability scan checks for, how it differs from a manual test, and where AuditWard fits.
DAST (dynamic application security testing)
Testing a running app from the outside, the way an attacker would, instead of reading its source code.
Agentic QA
Using an AI agent to plan and run QA checks in a real browser rather than scripting every step by hand.
Penetration test vs vulnerability scan
How a manual pentest and an automated scan differ, and why AuditWard complements a pentest rather than replacing it.
Security headers
HTTP response headers like CSP and HSTS that harden a site, and what AuditWard flags when they are missing.
CVSS (common vulnerability scoring system)
The 0 to 10 scoring scale used to rank how serious a finding is, and how AuditWard reports it.
Glossary questions.
Who is this glossary for?
Anyone evaluating or running AuditWard who wants a clear definition of a security or QA term without wading through a standards document. The entries stay practical and tie each concept back to how a scan works.
Does knowing these terms change what AuditWard does?
No. AuditWard runs the same QA and security audit whether or not you know the jargon. The glossary is here so the findings, severity scores, and report read clearly when you open them.
Is this legal or compliance advice?
No. These definitions are educational. AuditWard helps you find and evidence security issues, but it does not certify you and is not a substitute for advice from a qualified auditor or assessor.