// THREAT DETECTION AND DATA PRIVACY TERM
Priority
Priority is a ranking assigned to a security incident to determine how quickly it needs to be addressed. It's based on factors like the potential damage (impact) and the time-sensitivity (urgency) of the threat.
TECHNICAL DEFINITION
In cybersecurity incident response, priority is a classification assigned to a security event, alert, or vulnerability during triage that dictates the required speed and resource allocation for remediation. This ranking is calculated by assessing the threat's potential business impact, operational urgency, and the scope of affected assets, often to meet Service Level Agreements (SLAs).
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- Severity
- Urgency
- Threat Level
- P-level
- Incident Classification
- Impact Rating
- Triage Level
USAGE NOTE
Priority is often confused with severity; severity measures the technical impact of an event, while priority dictates the business-driven order of response.
DEVELOPERS
Organizations developing technology related to Priority.
Develops vulnerability management solutions, including its proprietary Vulnerability Priority Rating (VPR), which uses data science and threat intelligence to help organizations prioritize the most critical security flaws to fix first.
Offers the Cortex XSOAR and XDR platforms, which use analytics and automation to triage and prioritize security alerts from multiple sources, enabling security teams to focus on the most significant threats.
A U.S. federal agency that develops and maintains the Known Exploited Vulnerabilities (KEV) Catalog, a critical data source used industry-wide to prioritize the patching of vulnerabilities actively exploited by adversaries.
Provides security solutions like InsightVM that focus on risk-based vulnerability management, helping teams prioritize vulnerabilities based on attacker analytics, exploitability, and asset criticality.
A cybersecurity technology company whose Falcon platform provides cloud-native endpoint protection (EDR/XDR) that uses artificial intelligence to automatically prioritize and contextualize threats in real-time.
Pioneered a risk-based vulnerability management platform, now integrated into Cisco Vulnerability Management, that uses machine learning to analyze vulnerability data and prioritize remediation efforts on the highest-risk issues.
A leader in Security Information and Event Management (SIEM), its platforms help organizations correlate massive volumes of machine data to identify, prioritize, and respond to the most critical security incidents.
A not-for-profit organization that develops the ATT&CK framework, a globally-accessible knowledge base of adversary tactics which helps defenders prioritize security controls and investments against real-world threats.