The glossary.
Concepts, tools, terms.
Short, clear definitions for everything we work with — from AI agents to zero-trust. Three to five minutes per entry, no marketing fluff.
AI & agents
10 entries
Agent Swarms.
Multiple specialised agents working on a task in parallel — orchestrated, not one generalist.
AI Agents.
Software systems that — based on a language model — plan, execute and verify tasks within clearly defined boundaries.
Digital Phenotyping.
Behaviour data as a health signal — and why "privacy first" isn’t a platitude here.
Edge AI.
AI at the edge of the network — manufacturing, vehicles, signage. Where the cloud is too far away.
Fine-Tuning.
When fine-tuning is worth it, when RAG is enough and when neither — a decision guide.
LLM — Large Language Model.
The foundation of modern AI products: Claude, GPT, Gemini. How we use them in the product.
MCP — Model Context Protocol.
The open standard for agent integrations. USB-C for AI — and why it radically simplifies integrations.
On-Device AI.
AI that never leaves the device. Privacy, offline capability, latency — and why that can matter categorically.
Prompt Engineering.
Prompts are specs. What works and why evaluations are part of it.
RAG — Retrieval-Augmented Generation.
Language model plus your own knowledge sources — and why quality hinges on preparation, not on the model.
Frontend & UI
9 entries
Accessibility (WCAG, BFSG).
Accessibility is mandatory from 2025 (BFSG). What WCAG 2.2 AA means in practice — and how we make sure of it in the build.
Design System.
Tokens, components, patterns. How a maintained system makes design and code speak the same language.
Figma.
Where designs are made — and how we hand them cleanly to code. Variables, auto-layout, branching.
GraphQL.
One query, exactly the data you need. When GraphQL really beats REST — and when it doesn't.
Next.js.
React, connected to reality. SSR, routing, streaming — when it carries weight and when it overdoes things.
Progressive Web App (PWA).
A web app that feels native. Installable, offline-capable, fast — where PWAs are enough instead of going native.
React.
The UI library behind the web we build. Components, state, hooks — and why this is the lingua franca of modern products.
Tailwind CSS.
Utility-first. Why it lets consistent design systems emerge faster — and where the approach runs out.
WebGL & Three.js.
GPU in the browser. For AR filters, product configurators, data visualisations — where 2D isn't enough.
Mobile
4 entries
Cross-Platform.
One idea, many devices. When it’s strategically right — and what that means for AI products.
Expo.
React Native, but with tools. SDK, EAS Build, over-the-air updates.
React Native.
One codebase, two platforms. When React Native is the right call — and when it isn’t.
TypeScript.
JavaScript with a contract. Why it’s standard in professional product development today, not an option.
Backend & data
5 entries
API / REST.
An API is a product. Why versioning, validation and error semantics matter more than the style choice.
Backend development.
The layer that carries it. What the backend additionally takes on in AI products — and our stack for it.
Database & vector store.
Structured, unstructured, semantic. When PostgreSQL, when pgvector, when Pinecone.
Machine Learning.
Models that learn from data. What actually lands in the product — and what LLMs have replaced.
Python.
The lingua franca of AI. Where we use Python — and where we deliberately mix other languages in.
DevOps & infra
9 entries
CI/CD.
Continuous Integration / Continuous Delivery. Every push is built, tested, deployed — the prerequisite for shipping fast.
Cloud (AWS, Azure, GCP).
Which cloud for which purpose. EU data residency, vendor lock-in, cost — and why the question is rarely a technical one.
Docker.
Containers as standard packaging. Why "works on my machine" is no longer an argument.
Edge Computing.
Running logic close to the user. Cloudflare Workers, Vercel Edge, Fastly — latency over vendor.
Infrastructure as Code.
Terraform, Pulumi & co. Infrastructure as versioned code — reproducible, reviewable, reversible.
Kubernetes.
Container orchestration in production. When K8s is the right tool — and when it is too big.
Microservices vs. Monolith.
When a monolith is enough, when you split. Conway's Law, team topologies — and why the answer isn't "microservices".
Observability.
Metrics, logs, traces. What a system actually does — not what it should do. Tools: OpenTelemetry, Grafana, Datadog.
Serverless.
Lambda, Cloud Run, Vercel Functions. When pay-per-request is cheaper than a server — and when it isn't.
Data & analytics
6 entries
A/B tests & Experimentation.
Testing hypotheses cleanly — statistics, sample sizes, lessons. Tools: GrowthBook, Statsig, Optimizely.
Data Mesh.
Data as a product, organised by domain. Why this is more of an org question than a tech one.
Data Warehouse / Lakehouse.
Snowflake, BigQuery, Databricks. Where structured analysis happens — and where the lakehouse merges both worlds.
ETL & Data Pipelines.
Extract, transform, load. How data moves between systems — and why this is the underrated half of every data project.
Event Tracking & CDP.
Customer Data Platform: Segment, RudderStack. Clean event schemas beat any later clean-up.
Product Analytics.
Mixpanel, PostHog, Amplitude. How we measure behaviour — and which events actually tell you something.
Project management
9 entries
Agile.
Ship incrementally, learn early. What Agile is — and what is just Scrum theatre. We use it selectively.
Continuous Discovery.
Weekly customer contact, opportunity-solution tree. Teresa Torres' approach — and why discovery never ends.
Definition of Done.
"Done" is a contract, not a feeling. What is on our list — tests, docs, telemetry, accessibility.
Jobs-to-be-Done.
Users "hire" products for a job. Why this holds up in strategy and roadmap prioritisation.
Kanban.
Flow over sprint. When WIP limits and pull systems are more productive than fixed iterations.
OKRs.
Objectives & Key Results. How to write them so they change behaviour — and don't just fill slides.
Roadmap (Now/Next/Later).
Date-based roadmaps lie. Why Now/Next/Later is more honest — and how to structure it for stakeholder meetings.
Scrum.
Sprints, rituals, roles. Where Scrum helps — and where it slows things down because the product ticks differently.
Shape Up.
Six-week cycles, fixed time / variable scope. Basecamp's method for small, experienced teams — and where we use it.
Security & compliance
8 entries
EU AI Act.
Risk classes, transparency obligations, high-risk systems. What really applies from August 2026 — and what already does.
GDPR.
What data protection really means when building products — data minimisation, data processing agreements, third-country transfers.
JWT.
JSON Web Tokens — compact, signed tokens for auth. When they are useful, when they are overrated.
OAuth 2.0 & OIDC.
The standard for "log in with X". Flows, tokens, PKCE — and where home-grown auth gets dangerous.
OWASP Top 10.
The 10 most common web vulnerabilities — the required reading for anyone building web backends.
Penetration Testing.
External testers try to break in — before someone else does. What a pentest delivers, what it doesn't.
SOC 2 & ISO 27001.
The two big compliance frameworks. Where the difference lies — and which audit counts for which market.
Zero Trust.
"Never trust, always verify." How Zero Trust replaces the old castle-and-moat model.
Need depth, not just a definition?
The Insights hub has articles, whitepapers and field reports — with real numbers from real projects.