Abstract: The present invention concerns a method and a system configured for analyzing computer events in the context of cybersecurity. In particular, the present invention relates to collecting events, normalizing elements specific to these events and calculating an overall criticality score based on a similarity analysis with a database of reference events.