Reference document

Title
CIS Security Detection Process
Description

The CIS Security Detection Process enables to detect malicious activities and faults by analyzing sensor data to identify malicious and suspicious actions and activities, and determine the meaning and importances of these activities by looking at their local and global impact. ‘Initial state ‘ A new Security Event is received. ‘End state ‘ The action and activity behind the new Security Event is identified. The level of danger (benign, suspicious, malicious) from these are defined. If there is a danger, a report about a suspicious/malicious activity is created.

Level
8
emUUID
213bed98-184e-48e1-923a-b558a945aa6e
Parent
CIS Security Defence Processes