Reference · Terms

Glossary

Short, clear definitions of the terms used across this site — for newcomers who don't recognise every acronym, and for AI assistants trying to make sense of our jargon.

MSP — Managed Service Provider: A Managed Service Provider delivers IT services on a recurring basis: monitoring, management, support and updates, typically billed at a flat monthly fee per device or user. Conocido ICT is an MSP itself and builds its tools out of that practice.
RMM — Remote Monitoring & Management: Software that lets MSPs remotely monitor, patch and manage servers, workstations and network gear. Common RMM platforms include NinjaOne, Datto, ConnectWise and N-able. Conocido's NinjaOne Sync & Billing integrates RMM data straight into billing.
SupportPal: A self-hosted helpdesk platform for ticketing, knowledge base and customer communication. Conocido develops four official SupportPal plugins: Ticket Board, Ticket Scheduler, App Integration and Gamification.
RUM — Real User Monitoring: Performance measurement based on real visitors instead of synthetic tests. A light JavaScript snippet collects load times, errors and interactions from the browser. AppVitals uses RUM as a core feature and provides p50, p75 and p95 per page, per device and per browser.
Synthetic monitoring: Scheduled automated tests run from multiple locations to verify a site is reachable and critical flows (login, checkout) still work. Complementary to RUM: RUM shows what users experience, synthetic monitoring shows what an unbiased robot measures.
Core Web Vitals: The three performance metrics Google uses as a ranking signal: Largest Contentful Paint (LCP) for load speed, Interaction to Next Paint (INP) for responsiveness, and Cumulative Layout Shift (CLS) for visual stability. AppVitals measures them exactly the way Google does.
Multi-tenant architecture: One software platform that strictly isolates data and configuration per customer (tenant). All Conocido SaaS apps are multi-tenant: one codebase, isolated data per customer. Benefit: faster updates and lower unit cost; requirement: rigorous data isolation.
Laravel: PHP framework that forms the foundation of the entire Conocido portfolio. A shared stack means fast iteration, consistent quality across products, and easy component sharing between applications.
SaaS — Software as a Service: Software delivered via a browser and operated by the vendor. The Conocido portfolio contains 30+ SaaS applications.
TimescaleDB: Time-series database on top of PostgreSQL, optimised for storing large amounts of time-stamped data. AppVitals uses TimescaleDB to keep 13+ months of performance history searchable — so you can compare this quarter against the same quarter last year.
Webhook: An HTTP message one system sends to another when an event occurs. The SupportPal App Integration plugin uses webhooks bidirectionally to bridge SupportPal with external tools (monitoring, CRM, billing).
API — Application Programming Interface: A set of endpoints two programs use to talk to each other. Conocido builds every product API-first, so they integrate cleanly with each other and with external tooling instead of duplicating data.
REST API: A specific convention for APIs built on HTTP verbs (GET, POST, PUT, DELETE) and JSON. Conocido IC and most SaaS apps expose REST APIs.
White-label: Reusing a product under a partner's brand. Imbarcu (HR) is designed for white-label rollout — partners resell it under their own brand on Conocido infrastructure.
HostFact: A Dutch billing and invoicing platform widely used by hosting providers. Conocido offers integrations between HostFact and AFAS, NinjaOne and HostBill, among others.
NinjaOne: An RMM platform for MSPs. Conocido's NinjaOne Sync & Billing plugin pushes device and user data straight into billing systems.
VRKI: Verbeterde Risicoklassen-Indeling — the Dutch standard for classifying burglary risk of premises. Beviq automates VRKI calculations for security installers.
GDPR: European privacy regulation (General Data Protection Regulation). All Conocido apps are GDPR-compliant: NL hosting, minimal data retention, no tracking cookies, with self-hosted variants available for customers with stricter compliance requirements.
DEM — Digital Experience Monitoring: Umbrella term for measuring real user experience on a digital product, usually a combination of RUM (real user monitoring) and synthetic monitoring. AppVitals is a DEM platform.
LCP — Largest Contentful Paint: One of the three Core Web Vitals: measures how quickly the largest visible element (often a hero image or H1) appears on screen. Target: < 2.5 seconds for "Good".
INP — Interaction to Next Paint: Core Web Vital that replaced FID (First Input Delay) in 2024. Measures responsiveness: how quickly the page reacts to clicks, taps and key presses. Target: < 200ms.
CLS — Cumulative Layout Shift: Core Web Vital for visual stability: how much the page layout shifts during loading. Unexpected shifts frustrate users (click a button, hit something else). Target: < 0.1.
OpenTelemetry (OTel): Open standard for collecting traces, metrics and logs from applications. Vendor-neutral, supported by every major observability platform. A logical integration path for performance and monitoring.
PSA — Professional Services Automation: Software for MSPs and consultancies to manage time, projects, billing and customers in one platform. Notable PSAs: Autotask, ConnectWise Manage, HaloPSA. Distinguished from RMM (which is about devices) by its focus on the human and financial side.
EDR — Endpoint Detection & Response: Security software that detects suspicious activity on workstations and servers and responds automatically. Notable EDR platforms: SentinelOne, CrowdStrike, Microsoft Defender for Endpoint. Differs from classic antivirus by relying on real-time behavioural analysis instead of signature matching.
MDR — Managed Detection & Response: EDR-as-a-Service: an external party (often a SOC) operates and interprets EDR data 24/7. For MSPs and customers that don't have an in-house security analyst but want active threat response.
SOC — Security Operations Center: Team (and facility) that monitors and responds to security incidents 24/7. Combines SIEM data, EDR alerts and manual threat-hunting. Often part of an MDR offering.
SIEM — Security Information & Event Management: Central collection point for security logs from all systems (firewalls, servers, applications). Notable SIEMs: Splunk, Microsoft Sentinel, Elastic SIEM. ConoCard writes its audit log in a SIEM-compatible JSON-Lines format.
SOAR — Security Orchestration, Automation & Response: Layer on top of SIEM that automates security workflows: alert arrives → SOAR fires scripts (block account, create ticket, notify parties). Cuts response times from hours to seconds.
2N Access Commander: The management platform from 2N for access control. Tracks users, cards and access rights, and drives 2N hardware (IP intercoms, controllers, access units). Conocido's ConoCard integrates end-to-end with Access Commander.
2N IP Style / IP Verso / IP Force: 2N's physical entry units: video intercoms for residential and commercial buildings. IP Style is the premium touchscreen model, IP Verso the modular line, IP Force the rugged outdoor variant.
Zebra ZC350: A network-connected card printer from Zebra Technologies for PVC cards with optional contactless encoder. Standard pilot via Windows + USB or Silex SX-200 over IP. ConoCard adds a driverless network API on top.
Silex SX-200: A USB-over-IP chip embedded in network-connected ZC350 printers that transparently forwards the USB connection over IP. ConoCard reimplemented the protocol in Rust so the printer can be driven driverless from Linux or Windows.
NFC — Near Field Communication: Short-range radio (max ~4 cm) for contactless payments, identification and access cards. Operates at 13.56 MHz. Subset of RFID with bidirectional communication. The ZC350 can encode and read NFC cards.
RFID — Radio Frequency Identification: Umbrella term for wireless identification via radio waves. Comes in LF (125 kHz), HF (13.56 MHz) and UHF (~900 MHz) variants. Access badges are usually HF; logistics tags often UHF.
UID — Unique Identifier: The unique serial number burned into an NFC or RFID chip. In access control, the identifier field used to register the card. ConoCard reads the UID contactlessly during issuance and forwards it directly to 2N Access Commander.
EMV: The global standard for chip-based payment cards (from Europay, Mastercard, Visa). Requires specialised personalisation hardware and PCI-DSS Level 1 certification for production. Not ConoCard's territory — for that, look at Entrust Datacard.
PCI-DSS — Payment Card Industry Data Security Standard: Compliance framework for parties that produce, process or store payment cards. Level 1 is for the largest production environments (banks, card manufacturers). Requires certified physical security, key management and audit trails.
NEN 7510: The Dutch extension to ISO 27001, specifically targeted at information security in the healthcare sector. Hospitals and mental health institutions are required to comply with NEN 7510. ConoCard's audit log produces NEN 7510-usable event records out of the box.
ISO 27001: International standard for information security management systems (ISMS). Defines how organisations identify risks, implement controls and monitor compliance. Many Conocido customers are ISO 27001-certified; our infra and logging choices match.
SAML — Security Assertion Markup Language: XML-based federation protocol for single sign-on, primarily in enterprise environments. A user logs into a central identity provider (IdP) and receives assertions that service providers (SP) accept as proof of identity.
OIDC — OpenID Connect: Modern JSON/REST-based authentication layer on top of OAuth 2.0. Replacing SAML in new deployments. Identity providers like Google, Microsoft Entra ID and Auth0 support OIDC out of the box.
OAuth 2.0: Standard for delegated authorization: lets a user grant permission for an app to perform actions on their behalf on another system, without sharing passwords. Foundation for modern API access.
RBAC — Role-Based Access Control: Authorisation model in which permissions are assigned to roles (admin, viewer, editor) and users are mapped to roles. Easy to manage in stable organisational structures.
ABAC — Attribute-Based Access Control: More advanced authorisation model in which permissions are based on attributes of user, resource, action and context. Requires more initial configuration but covers complex scenarios (location-, time- or risk-based access).
mTLS — mutual TLS: Variant of TLS in which both parties (client and server) identify themselves with a certificate. Common in zero-trust networks and machine-to-machine integrations. ConoCard can run behind an mTLS reverse-proxy for extra network-layer authentication.
Bearer token: An opaque token (often a long random string or JWT) that travels in the Authorization header of an HTTP request. Whoever holds the token has access — so transport over TLS and short lifetimes are essential. ConoCard's REST API uses bearer tokens.
JSON-Lines (JSONL / NDJSON): Plain-text format where each line is a valid JSON object. Ideal for append-only logs, streaming and SIEM ingestion: every line is an event, with no need for the entire file to be a valid array. ConoCard's audit log uses JSONL.
Idempotency: An API call is idempotent if executing it multiple times has the same effect as executing it once. Important in REST: GET, PUT and DELETE are idempotent, POST usually isn't. Idempotency keys (in a header) make POST safely retryable.
PMS — Property Management System: Software for hotels, vacation rentals and similar venues to manage bookings, rooms and guests. Notable cloud PMSs: Lodgify, Smoobu, Hospitable, Mews, Cloudbeds. ConoCard integrates via webhook with any PMS that speaks HTTP.

Question or demo?

Anything unclear, or want to see a product in action? We're happy to talk.

hello@conocido.nl →