Browse Definitions:
Definition

security event

A security event is a change in the everyday operations of a network or information technology service indicating that a security policy may have been violated or a security safeguard may have failed. In a computing context, events include any identifiable occurrence that has significance for system hardware or software. Security events are those that may have significance to the security of systems or data.

The first indication of an event may come from a software-defined alert or by end users notifying a help desk that, for example, network services have slowed down. As a rule, an event is a relatively minor occurance or situation that can be resolved fairly easily and events that require an IT administrator to take action are classified as incidents. A help desk ticket from a single user reporting that they think they have contracted a virus is a security event, because it could indicate a security issue. If evidence of the virus is found on the user's computer, however, it can be considered a security incident

According to a report from threat detection vendor Damballa, organizations surveyed had an average of 10,000 security events a day. Security products such as antivirus software can reduce the number of security events and many incidence response processes can be automated to make the workload more manageable. Events that don't require action by an administrator may be handled automatically by security information and event management (SIEM) products.

This was last updated in November 2016

Next Steps

Learn how SIEM systems leverage security events to strengthen enterprise defenses.

Three enterprise use cases for SIEM tools and products.

Seven important criteria to consider when for your organization.

Continue Reading About security event

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I still find it amazing that a lot of companies have the wrong mentality when it comes to their security. They do little until something happens like a DOS attack and then it's panic, It's sad but this is the only real way to know just how secure your system is. View logs to see the attempts to breach your security.

Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such...

  • security information and event management (SIEM)

    Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of ...

  • polymorphic virus

    A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to ...

SearchHealthIT

  • accountable care organization (ACO)

    An accountable care organization (ACO) is an association of hospitals, healthcare providers and insurers in which all parties ...

  • patient engagement

    Patient engagement is an ideal healthcare situation in which people are well-informed about -- and motivated to be involved -- in...

  • personal health record (PHR)

    A personal health record (PHR) is a collection of health-related information that is documented and maintained by the individual ...

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close