Security professionals also often become involved in the ongoing
               monitoring of websites for performance management,

               troubleshooting, and the identification of potential security issues.
               This type of monitoring comes in two different forms.

                    Passive monitoring analyzes actual network traffic sent to a
                    website by capturing it as it travels over the network or reaches the
                    server. This provides real-world monitoring data that provides
                    administrators with insight into what is actually happening on a

                    network. Real user monitoring (RUM) is a variant of passive
                    monitoring where the monitoring tool reassembles the activity of
                    individual users to track their interaction with a website.

                    Synthetic monitoring (or active monitoring) performs artificial
                    transactions against a website to assess performance. This may be
                    as simple as requesting a page from the site to determine the
                    response time, or it may execute a complex script designed to

                    identify the results of a transaction.

               These two techniques are often used in conjunction with each other
               because they achieve different results. Passive monitoring is only able
               to detect issues after they occur for a real user because it is monitoring
               real user activity. Passive monitoring is particularly useful for
               troubleshooting issues identified by users because it allows the capture
               of traffic related to that issue. Synthetic monitoring may miss issues

               experienced by real users if they are not included in the testing scripts,
               but it is capable of detecting issues before they actually occur.