Glossary

event

A normalized log from an ingested source such as AWS CloudTrail, Osquery, or others

detection

A Python function that detects suspicious or malicious activity

alert

A notification to the team when a policy has failed or a rule has triggered

policy

A Python function representing the desired secure state of a resource

resource

A cloud entity, such as an IAM user, virtual machine, or data bucket