Context is the surrounding information that gives a message, log entry, alert, or report its meaning. In cyber security, the same event can be harmless or dangerous depending on who did it, when it happened, what system was involved, and what happened before and after. A failed login on a test machine is not the same as repeated failures against a privileged account at 3 a.m.
Analysts use context to reduce false positives, prioritize alerts, and understand attacker behavior. Good defenses add context from asset inventory, identity, network location, and normal baseline activity so that raw data becomes actionable intelligence. Attackers also exploit missing context, for example by blending malicious traffic into routine activity or by using vague messages that only look convincing when details are ignored. In short, context turns isolated facts into a usable security picture.