UNDERSTANDING INDICATOR OF COMPROMISE (IoC)

THESECMASTER

In this post, we describe and explain indicators of compromise. As the name suggests, an indicator of compromise (IoC) indicates that an attack or some other kind of malicious activity has taken place. IoCs are the technical data used in tactical threat intelligence.

Table of Contents:

1. Source Of Indicator Of Compromise (IoC)
  1.1. External Agencies
  1.2. Internal Sources
2. How To Collect, Build, Share, And Manage IoCs?
3. Types Of Indicators Of Compromise
  3.1. Network-Based Indicators
  3.2. Host-Based Indicators
  3.3. Account-Based Indicators

Network-Based Indicators

1. URL
2. Website
3. Domain
4. IP address

Host-Based Indicators

1. File Name
2. Path
3. File Fingerprint or Hash
4. File Extension
5. File Location

Account-Based Indicators

1. Account Name
2. Login Time
3. Account Privileges
4. Account Activity Logs
5. Account Location
