The metrics that describe normal network activity are known as what?

The metrics that describe normal network activity are known as Key Risk Indicators (KRIs). KRIs are used by organizations to monitor and assess the level of risk in various operational areas, including network security. They provide insight into the performance and security posture of a network by establishing benchmarks for what constitutes typical behavior. By analyzing these metrics, organizations can detect anomalies that may indicate potential security threats or breaches.

In contrast, Key Performance Indicators (KPIs) focus on measuring the effectiveness and efficiency of processes and services rather than encapsulating risk-related metrics. Security Information and Event Management (SIEM) systems aggregate and analyze security data from across the network but are not specifically defined as metrics describing normal activity. The Open Web Application Security Project (OWASP) is an organization focused on improving the security of software applications and does not relate directly to metrics of network activity.