Browse Definitions :
Definition

security event

A security event is a change in the everyday operations of a network or information technology service indicating that a security policy may have been violated or a security safeguard may have failed. In a computing context, events include any identifiable occurrence that has significance for system hardware or software. Security events are those that may have significance to the security of systems or data.

The first indication of an event may come from a software-defined alert or by end users notifying a help desk that, for example, network services have slowed down. As a rule, an event is a relatively minor occurance or situation that can be resolved fairly easily and events that require an IT administrator to take action are classified as incidents. A help desk ticket from a single user reporting that they think they have contracted a virus is a security event, because it could indicate a security issue. If evidence of the virus is found on the user's computer, however, it can be considered a security incident

According to a report from threat detection vendor Damballa, organizations surveyed had an average of 10,000 security events a day. Security products such as antivirus software can reduce the number of security events and many incidence response processes can be automated to make the workload more manageable. Events that don't require action by an administrator may be handled automatically by security information and event management (SIEM) products.

This was last updated in November 2016

Next Steps

Learn how SIEM systems leverage security events to strengthen enterprise defenses.

Three enterprise use cases for SIEM tools and products.

Seven important criteria to consider when for your organization.

Continue Reading About security event

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I still find it amazing that a lot of companies have the wrong mentality when it comes to their security. They do little until something happens like a DOS attack and then it's panic, It's sad but this is the only real way to know just how secure your system is. View logs to see the attempts to breach your security.

Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • Port Scan

    A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services ...

  • DMZ (networking)

    In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a ...

  • quantum supremacy

    Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classic computers by ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close