PROBLEM TO BE SOLVED: To easily introduce security even in a medium-sized enterprise or a small and medium-sized enterprise without incurring a high cost, imposing a load on an endpoint, and requiring specialized human resources. Provide an incident detection system. SOLUTION: In a security incident detection system 1 provided with a user terminal 20 provided in a company, a server device 10 capable of communicating with the user terminal 20 via a network, and the user terminal 20 regularly. The log information 211 is collected and transmitted to the server device 10, and when the server device 10 receives the log information 211, the log information 211 is analyzed, an analysis report 115P is created for each company, and the created analysis report is created. Send to the administrator of the 115P company. [Selection diagram] Fig. 1
展开▼