Anomaly Detection: A technique used in security to identify unusual patterns or behaviors that may indicate a potential threat. It can use statistical methods, machine learning algorithms, or other techniques to establish a ‘normal’ baseline and then identify deviations from that baseline. Anomaly detection can be used in many areas of security, from network monitoring to fraud detection to user behavior analytics. It’s an essential component of many intrusion detection and prevention systems (IDS/IPS) and security information and event management (SIEM) solutions.
Categories: CC D5: Security Operations | CCSP D5: Cloud Security Operations | CISM D3: Information Security Program | CISSP D7: Security Operations | Security+ D2: Threats Vulnerabilities and Mitigations | SSCP D3: Risk Identification Monitoring and Analysis