Threat != Compliance != Vulnerability

Hi all,

I’m currently stuck in the dilemma where our team were tasked to treat compliance and vulnerabilities alerts and threat alerts as the same.

From my understanding, shouldn’t we draw a line between threat, compliance and vulnerabilities alert ?

My definition of the alerts:
- Threat alerts: an incident occur in the environment, requires immediate response to investigate, contain and recover
- Compliance alerts: best practices based on certain framework. I.e. GDPR, CIS, etc. it’s good to have as …

alert alerts compliance cybersecurity definition dilemma environment incident team threat understanding vulnerabilities vulnerability