Glossary
The language of AI-native software development.
Plain-English definitions of the terms we use when we talk about how software gets built today — from delivery models and AI agents to the security and compliance acronyms that matter for production systems.
Terms
Defined, in plain English.
AI-only development
A delivery model in which AI agents do the building — writing the code, tests, and configuration — while senior engineers architect the system and review every line before it ships. The human effort moves up the stack to design and judgment rather than typing. It is how Kinisys builds software.
AI-assisted development
A traditional workflow in which human engineers still write most of the code by hand, using an AI assistant or copilot to speed up parts of the job. The pipeline and team structure stay the same; AI is a productivity boost layered on top, not the primary builder.
AI agent
A software program that uses a large language model to pursue a goal across multiple steps — reasoning, calling tools or APIs, and acting on the results — rather than answering a single prompt. In development, an agent can plan a task, write code, run tests, and iterate, all under human supervision and review.
Agent fleet
A coordinated group of AI agents working in parallel, often on different parts of the same project. Running a fleet lets several components be built or processed at once instead of in sequence, which is a key source of the throughput behind AI-only development.
Multi-tenant SaaS
A software-as-a-service architecture in which a single application instance serves many customers (tenants) while keeping each tenant's data isolated and secure. It lets a product scale to many organizations efficiently, with shared infrastructure but separated data and permissions.
RAG (Retrieval-Augmented Generation)
A technique that improves a language model's answers by first retrieving relevant documents or data from a knowledge source, then giving that context to the model to generate a grounded response. RAG reduces hallucination and lets a model answer using private or up-to-date information it was never trained on.
LLM (Large Language Model)
A type of AI model trained on vast amounts of text to predict and generate language. LLMs power chatbots, copilots, and AI agents, and can write code, summarize documents, answer questions, and follow instructions. Their output is fluent but not guaranteed correct, which is why review matters.
Vector database
A database designed to store and search data as numerical vectors (embeddings) that capture meaning, so it can find items by similarity rather than exact matches. Vector databases are a common building block for RAG and semantic search, letting applications retrieve the most relevant content for a query.
LangGraph
An open-source framework for building stateful, multi-step AI agent workflows as graphs, where each node is a step and the edges define how control flows between them. It helps developers orchestrate agents that loop, branch, and call tools reliably, with clear control over the agent's path.
CI/CD
Continuous Integration and Continuous Delivery/Deployment — an automated pipeline that builds, tests, and ships code every time a change is made. CI/CD catches regressions early and makes releases routine and repeatable, and is where automated tests and security scans run on each commit.
SAST
Static Application Security Testing — automated analysis of source code, without running it, to find security vulnerabilities and risky patterns such as injection flaws or unsafe data handling. Running SAST in the CI/CD pipeline flags many security problems on every commit, before code reaches production.
SOC 2
A widely recognized security and compliance framework that evaluates how an organization protects customer data across criteria such as security, availability, and confidentiality. A SOC 2 report is produced by an independent auditor and is often requested by enterprise buyers to verify a vendor's controls.
BAA (Business Associate Agreement)
A contract required under U.S. HIPAA rules between a healthcare organization and a vendor that handles protected health information (PHI). It defines how the vendor must safeguard that data and its responsibilities if a breach occurs, and is a prerequisite for building healthcare software that touches patient data.
MVP
Minimum Viable Product — the smallest version of a product that delivers real value and can be put in front of users to learn what works. An MVP focuses scope on the core problem so a team can launch quickly, gather feedback, and iterate rather than over-building before validating the idea.
Got a project in mind?
Tell us what you want to build, your rough timeline, and any budget range. We reply within one business day.
Book a free consultation