Difference between revisions of "Incident"

From CNM Wiki
Jump to: navigation, search
(Created page with "Incident is in the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (althoug...")
 
(Definitions)
Line 4: Line 4:
 
According to the [[CyBOK (version 1)]],
 
According to the [[CyBOK (version 1)]],
 
:[[Incident]]. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.
 
:[[Incident]]. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.
 +
According to the [[ITIL Foundation 4e by Axelos]],
 +
:[[Incident]]. An unplanned interruption to a service or reduction in the quality of a service.
  
[[Category: Cyber-security]][[Category: Articles]]
+
[[Category: Information Technology]][[Category: Cyber-security]][[Category: Articles]]

Revision as of 16:30, 11 December 2020

Incident is in the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.

Definitions

According to the CyBOK (version 1),

Incident. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.

According to the ITIL Foundation 4e by Axelos,

Incident. An unplanned interruption to a service or reduction in the quality of a service.