Definitions
We know that cybersecurity lingo can differ from company to company. Below is a list of commonly used words and phrases that appear throughout our doc site.
Alerting
The process of generating and sending notifications when a security event is detected.
Learning
The process of taking information from previous alerts and applying it to the next
Threat Scoring
Assigning a numerical value as a proxy for the risk level of a security alert. This helps analysts prioritize which alerts to address first based on their potential impact.
Integrations
The connections between Salem Cyber's platform and other security tools/data sources (e.g., SIEMs, ticketing systems, threat intelligence products) to create a unified workflow.
Auditability
Ensures actions, configurations, and events are logged for compliance, forensic analysis, or operational review.
Enrichment
Adding generally searchable information to alerts by querying additional data sources (threat intelligence, logs) to aid investigation.
Contextualization
Individually providing situational awareness by correlating alert data with environmental factors (user behavior, network activity).
Triage
Prioritizing and categorizing alerts to determine which require immediate investigation.
Threat Notification
Salem’s way of escalating alerts in enterprise chat or via Salem’s Browser Extension.
Investigation
The analysis of alerts or incidents to determine their cause, scope, and impact.