Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What defines an attack, an event, and an incident?

Attack defines event incident
0
Posted

What defines an attack, an event, and an incident?

0 CommentsAdd a Comment

1 Answer

0

A. Symantec takes each attack description that comes out of each firewall and IDS system, and correlates those all to a central attack description or firewall diagnostic or security event description of our own creation. Then, for each of those, we make a judgment call on whether it is something that should be reported or not. The majority of reports we get are classified as events or probes, things you should not report on. They are not attacks in and of themselves. There are other attempts that, were the victim vulnerable to what was being checked for, they would just have been penetrated. These attempts we classify as incidents.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123