Saturday 04 July 2026 22:35:56 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Baseline

the normal pattern used to compare behavior before and after a change.

A baseline is the normal, expected pattern of a system, user, or network before a change happens. Security teams use it as a reference point: typical CPU use, login times, network traffic, running services, file activity, and error rates. Without a baseline, it is hard to tell whether a change is harmless, a misconfiguration, or an intrusion.

Baselines matter in cyber security because attackers often stand out by changing behavior. Unusual outbound connections, new startup items, sudden privilege changes, or extra authentication failures can be detected by comparing current activity with the baseline. Defenders also use baselines after updates, new policies, or software rollouts to confirm that systems still behave normally. A baseline is not a fixed rule; it should be refreshed as business needs and system conditions change, otherwise security tools may miss real threats or flag normal activity as suspicious.

← WIKICROOK index