Difference between revisions of "Incident"
(Created page with "Incident is in the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (althoug...") |
(→Definitions) |
||
| Line 4: | Line 4: | ||
According to the [[CyBOK (version 1)]], | According to the [[CyBOK (version 1)]], | ||
:[[Incident]]. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents. | :[[Incident]]. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents. | ||
| + | According to the [[ITIL Foundation 4e by Axelos]], | ||
| + | :[[Incident]]. An unplanned interruption to a service or reduction in the quality of a service. | ||
| − | [[Category: Cyber-security]][[Category: Articles]] | + | [[Category: Information Technology]][[Category: Cyber-security]][[Category: Articles]] |
Revision as of 16:30, 11 December 2020
Incident is in the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.
Definitions
According to the CyBOK (version 1),
- Incident. In the SOIM context, an incident is described as a set of alerts that are considered evidence of a cybersecurity breach, generally a successful attack (although serious attempts, or attempts against critical systems, may also be considered incidents.
According to the ITIL Foundation 4e by Axelos,
- Incident. An unplanned interruption to a service or reduction in the quality of a service.
