Software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents and attempting to stop detected possible incidents.
Sources:
NIST SP 800-137
under Intrusion Detection and Prevention System (IDPS)
NIST SP 800-61 Rev. 2
under Intrusion Detection and Prevention System (IDPS)
NISTIR 7621 Rev. 1
under Intrusion Detection / Prevention System
from
NIST SP 800-61 Rev. 2