Incident
In the SOIM (Security Operations and Incident Management) context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents).
Definitions
According to the CyBOK (version 1),
- Incident. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents).
According to the ITIL Foundation 4e by Axelos,
- Incident. An unplanned interruption to a service or reduction in the quality of a service.
Management
- Main wikipage: Incident management