Alert

From CNM Wiki
Revision as of 15:42, 18 July 2020 by QiratH

Alert. In the SOIM (Security Operations and Incident Management) context, an alert should refer to an event, or group of events, of interest from a security perspective, representing either an attack symptom or consequence. An alert is necessarily the outcome of an analysis process performed by an Intrusion Detection System sensor on event traces; it is therefore distinct from the raw events themselves.

Definitions

According to the CyBOK (version 1),

Alert. In the SOIM context, an alert should refer to an event, or group of events, of interest from a security perspective, representing either an attack symptom or consequence. An alert is necessarily the outcome of an analysis process performed by an Intrusion Detection System sensor on event traces.
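The definition separates raw events (the trace a sensor observes) from an alert (what the sensor's analysis derives from one or more of those events). As an added illustration, not part of the CNM Wiki page or of CyBOK, the Python below treats constructed log lines as the event trace, runs a simple threshold analysis over them, and emits an alert only for the group of events that analysis flags; the log format, field names and threshold are assumptions made for the example.

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed event trace (sample data, not from the page): one event per line.
EVENT_TRACE = [
    "2020-07-18T15:40:01 sshd auth_fail user=root  src=198.51.100.7",
    "2020-07-18T15:40:03 sshd auth_fail user=root  src=198.51.100.7",
    "2020-07-18T15:40:04 sshd auth_ok   user=alice src=192.0.2.10",
    "2020-07-18T15:40:05 sshd auth_fail user=admin src=198.51.100.7",
    "2020-07-18T15:40:09 sshd auth_fail user=root  src=198.51.100.7",
    "2020-07-18T15:40:12 sshd auth_fail user=bob   src=203.0.113.5",
]


@dataclass
class Alert:
    """Outcome of analysis: a security-relevant group of events, not a raw event."""
    src: str
    reason: str
    events: list = field(default_factory=list)  # the contributing raw events


def parse_event(line):
    # Assumed fixed-field format: "<ts> <sensor> <outcome> user=<u> src=<ip>"
    ts, _sensor, outcome, user, src = line.split()
    return {"ts": ts, "outcome": outcome,
            "user": user.split("=", 1)[1], "src": src.split("=", 1)[1]}


def analyse(trace, threshold=3):
    """Analysis step: group failed logins by source and alert above a threshold."""
    failures = defaultdict(list)
    for line in trace:
        event = parse_event(line)
        if event["outcome"] == "auth_fail":
            failures[event["src"]].append(event)
    alerts = []
    for src, events in failures.items():
        if len(events) >= threshold:  # below threshold: events remain events only
            users = ", ".join(sorted({e["user"] for e in events}))
            alerts.append(Alert(src, f"{len(events)} failed logins as {users}", events))
    return alerts


if __name__ == "__main__":
    for alert in analyse(EVENT_TRACE):
        print(alert.src, alert.reason, [e["ts"] for e in alert.events])
```

Running it yields a single alert for 198.51.100.7 that carries its four contributing events, while the lone failure from 203.0.113.5 stays a plain event.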