There can be little doubt the world of NIDS/NIPS is a jargon rich world. At the risk of falling into the category of hyping a word, what’s ‘context’ got do with detection? Is ‘context’ about to become the next big buzzword in the vendor fight for even more money from organisations? Does it even mean anything in today’s ever increasing onslaught against infrastructure? Will it just become another despised hyberbole? The answer to all three questions, is probably! However many of us involved with looking after detection systems understand the importance on context. It’s not that we need more data, we need more meaning! We need better understanding of what happens before, during, and after strange and unusual behaviour happens on our networks. We need the ‘context’ of what and why nd alert was triggered. The reality of it is we’re about to enter a world of vendors now selling ‘context’ products, when security professionals need the word the most! This talk looks at the importance of context in detection however from a neutral, and sometimes cynical standpoint. Quite simply the aim of the talk is to highlight that if we don’t understand the importance of getting better context i detection, and we just let vendors use it as another sales pitch, we all lose out. In addition i intend to also discuss what organisations can do to obtain more meaning from the data they already have.