Field of the Invention
The present invention relates in general to the field of computers and similar technologies, and in particular to software utilized in this field. Still more particularly, it relates to a method, system and computer-usable medium for identifying risk within an information technology (IT) environment.
Description of the Related Art
Organizations today are exposed to a greater volume and variety of attacks than in the past. Advanced attackers are clever and patient, leaving just a whisper of their presence. Accordingly, it is desirable to provide security functionality that helps to detect and defend against threats by applying sophisticated analytics to more types of data. It is also desirable to provide security functionality that identifies high-priority incidents that might otherwise get lost in the noise of the overall operation of a large-scale information processing environment.
It is known to provide security functionality to IT environments via security intelligence platforms that integrate security information and event management (SIEM), log management, anomaly detection, vulnerability management, risk management and incident forensics into a unified solution. Many known security intelligence platforms that include SIEM monitor user activity on the network so that they can react efficiently, in real time, to suspicious user activity.