From b088a57dd06147e753d7d234fd00216216ba5859 Mon Sep 17 00:00:00 2001 From: Kris Nova Date: Sun, 26 Jan 2020 21:22:19 +0100 Subject: [PATCH] Adding Glossary - Adding section to define language used in the project Signed-off-by: Kris Nova --- brand/README.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/brand/README.md b/brand/README.md index 8d935e5b..811963d2 100644 --- a/brand/README.md +++ b/brand/README.md @@ -108,3 +108,35 @@ Falco however alerts when unusual behavior occurs. This is commonly referred to as **detection** or **forensics**. +--- + +# Glossary + +#### Probe + +Used to describe the `.o` object that would be dynamically loaded into the kernel as a secure and stable (e)BPF probe. +This is one option used to pass kernel events up to userspace for Falco to consume. +Sometimes this word is incorrectly used to refer to a `module`. + +#### Module + +Used to describe the `.ko` object that would be loaded into the kernel as a potentially risky kernel module. +This is one option used to pass kernel events up to userspace for Falco to consume. +Sometimes this word is incorrectly used to refer to a `probe`. + +#### Driver (deprecated) + +An older, more generalized term for a `module` or `probe`. We discourage the use of this word as a project. + +#### Falco + +The name of the project, and also the name of [the main engine](https://github.com/falcosecurity/falco) that the rest of the project is built on. + +#### Sysdig, Inc + +The name of the company that originally created The Falco Project, and later donated to the CNCF. + +#### sysdig + +A [CLI tool](https://github.com/draios/sysdig) used to evaluate kernel system events at runtime. +
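Review bot: In the Probe and Module entries, "secure and stable" and "potentially risky" are asserted with no reason given, so a reader cannot tell what the distinction rests on; suggest adding a short clause to each entry saying what makes loading the `.o` (e)BPF probe safer than loading the `.ko` kernel module. Under "Sysdig, Inc", "and later donated to the CNCF" is missing its object; suggest "and later donated it to the CNCF". In "Driver (deprecated)", "We discourage the use of this word as a project" reads as if the word were being used as a project; "As a project, we discourage the use of this word" is clearer. The headings jump from `# Glossary` straight to `####` for the terms; using the next level down would keep the README outline consistent. The hunk also ends on an empty added line, which can be dropped.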