Browse Definitions :
Definition

security event

A security event is a change in the everyday operations of a network or information technology service indicating that a security policy may have been violated or a security safeguard may have failed. In a computing context, events include any identifiable occurrence that has significance for system hardware or software. Security events are those that may have significance to the security of systems or data.

The first indication of an event may come from a software-defined alert or by end users notifying a help desk that, for example, network services have slowed down. As a rule, an event is a relatively minor occurance or situation that can be resolved fairly easily and events that require an IT administrator to take action are classified as incidents. A help desk ticket from a single user reporting that they think they have contracted a virus is a security event, because it could indicate a security issue. If evidence of the virus is found on the user's computer, however, it can be considered a security incident

According to a report from threat detection vendor Damballa, organizations surveyed had an average of 10,000 security events a day. Security products such as antivirus software can reduce the number of security events and many incidence response processes can be automated to make the workload more manageable. Events that don't require action by an administrator may be handled automatically by security information and event management (SIEM) products.

This was last updated in November 2016

Next Steps

Learn how SIEM systems leverage security events to strengthen enterprise defenses.

Three enterprise use cases for SIEM tools and products.

Seven important criteria to consider when for your organization.

Continue Reading About security event

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • Secure Shell (SSH)

    SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system ...

  • NIST Cybersecurity Framework

    The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.

  • Advanced Encryption Standard (AES)

    The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • secondary storage

    Secondary storage is persistent storage for noncritical data that doesn't need to be accessed as frequently as data in primary ...

  • optical storage

    Optical storage is any storage type in which data is written and read with a laser.

  • JBOD (just a bunch of disks)

    JBOD, which stands for 'just a bunch of disks,' is a type of multilevel configuration for disks.

Close