The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.
Adapted from: CNSSI 4009, ISO/IEC 27039 (draft).
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Security service that monitors and analyzes system events for the purpose of finding, and providing realtime or near real-time warning of, attempts to access system resources in an unauthorized manner
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard