UNDERSTANDING INDICATOR OF COMPROMISE (IoC)
THESECMASTER
In this post, we describe indicators of compromise and build an understanding of them. As the name suggests, an indicator of compromise, or IoC, gives you an indication of when an attack or some kind of malicious activity has taken place. IoCs are the technical data used in tactical threat intelligence.
Table of Contents:
1. Source Of Indicator Of Compromise (IoC):
1.1. External Agencies:
1.2. Internal Sources:
2. How To Collect, Build, Share, And Manage IoCs?
3. Types Of Indicators Of Compromise:
3.1. Network-Based Indicators
3.2. Host-Based Indicators
3.3. Account-Based Indicators
Network-Based Indicators
1. URL
2. Website
3. Domain
4. IP address
Host-Based Indicators
1. File Name
2. Path
3. File Fingerprint or Hash
4. File Extension
5. File Location
Account-Based Indicators
1. Account Name
2. Login Time
3. Account Privileges
4. Account Activity Logs
5. Account Location