Add drift to glossary

docs/glossary.mdx

@@ -65,6 +65,10 @@ A [control](/platform/compliance/monitor/frameworks/#controls-and-checks) is a g
 
 A [CVE](/platform/security/posture/vulnerabilities/) (common vulnerability and exposure) is a weakness in a computer system that an attacker can exploit to gain access or extract information.
 
+### drift
+
+See [security drift](#security-drift).
+
 ### integration
 
 An [integration](/platform/infra/overview/) is Mondoo's connection and communication with an external system. Most integrations are with [assets](#asset). They allow Mondoo to gather inventory details, assess the security of an asset, and measure compliance.
@@ -115,6 +119,10 @@ Mondoo assigns a [risk score](/platform/security/posture/findings/#risk-score) o
 
 Mondoo gives each asset and space a security [score] that represents their ability to withstand attack. Scores are based on the security [policies](#policy) you choose. To learn how Mondoo calculates scores, read [How Mondoo scores policies](/platform/security/posture/monitor/#how-mondoo-scores-policies).
 
+### security drift
+
+Security drift (also known as "security posture drift" or just "drift") occurs when your infrastructure becomes more vulnerable to attack. Security practices and controls can deteriorate over time as your system configurations deviate from your established baselines. It's important to catch drift before it becomes a big problem. You can configure Mondoo to [automatically create a ticket](/platform/cases/manage/#automatically-create-cases-on-drift) in your tracking system (such as Jira or ServiceNow) when it detects drift.
+
 ### security posture
 
 Your [security posture](/platform/security/posture/overview/) is your organization's ability to identify, respond to, and recover from security threats and risks.