What is Security Monitoring?
Security monitoring is the automated process of collecting and analyzing indicators of potential security threats, then triaging these threats with appropriate action.
Security monitoring definition
Security monitoring, sometimes referred to as "security information monitoring (SIM)" or "security event monitoring (SEM)," involves collecting and analyzing information to detect suspicious behavior or unauthorized system changes on your network, defining which types of behavior should trigger alerts, and taking action on alerts as needed.
Why security monitoring?
From hackers and malware, to disgruntled or careless employees, to outdated or otherwise vulnerable devices and operating systems, to mobile and public cloud computing, to third-party service providers, most companies are routinely exposed to security threats of varying severity in the normal course of conducting business. Given the ubiquitous, unavoidable nature of security risks, quick response time is essential to maintaining system security, and automated, continuous security monitoring is key to quick threat detection and response.