Do you collect "Observables" or "IOCs"?, (Thu, Nov 10th)


Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information (an IP address, a domain name, a file hash, a registry key) collected during investigations, threat hunting activities or malware analysis. In the last case, the malware analyst's goal is to identify how the malware behaves and how to detect it.
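As an added example (not code from the original diary), the following Python script shows the difference the title asks about: it extracts raw observables (hashes, IP addresses, domain names) from free-form malware analysis notes, filters out local noise and file names that look like domains, and only promotes an observable to an IOC once analyst context is attached and known-benign infrastructure is removed. The sample notes, the file-extension list and the benign allowlist are all constructed for the example.

```python
"""Turn raw observables from malware-analysis notes into IOCs with context.

Added example, not code from the original diary. All input data is constructed.
"""
import ipaddress
import re
from dataclasses import dataclass

# Constructed analyst notes: addresses are documentation ranges, the hash is made up.
SAMPLE_NOTES = """\
sample sha256=3a7bd3e2360a3d29eea436fcfb7e44c735d117c42d1c1835420b6b9942dd4f1b
resolves update.example-cdn.net -> 203.0.113.45
POST http://203.0.113.45/gate.php
drops C:\\Users\\Public\\svchost32.exe
binds 127.0.0.1:8080 for local proxy
contacts 198.51.100.7:443 (TLS)
checks CRL at crl.example.org
"""

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
SHA256_RE = re.compile(r"\b[0-9a-fA-F]{64}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)

# Dotted tokens that look like domains but are file names (assumed list).
FILE_EXTENSIONS = {"exe", "dll", "php", "ps1", "bat", "tmp"}
# Infrastructure the analyst has judged benign (assumed allowlist).
BENIGN = {"crl.example.org"}


@dataclass(frozen=True)
class Observable:
    kind: str   # "ipv4", "domain" or "sha256"
    value: str


@dataclass(frozen=True)
class Indicator:
    observable: Observable
    context: str   # why it is believed malicious
    source: str    # where it was collected


def extract_observables(text):
    """Pull every distinct observable out of free-form notes, in order of first appearance."""
    found = []
    seen = set()

    def add(kind, value):
        obs = Observable(kind, value)
        if obs not in seen:
            seen.add(obs)
            found.append(obs)

    for m in SHA256_RE.finditer(text):
        add("sha256", m.group(0).lower())
    for m in IPV4_RE.finditer(text):
        try:
            ip = ipaddress.IPv4Address(m.group(0))
        except ValueError:
            continue   # e.g. 999.1.1.1 matches the regex but is not an address
        if ip.is_loopback or ip.is_link_local or ip.is_multicast:
            continue   # local noise, not a useful network observable
        add("ipv4", str(ip))
    for m in DOMAIN_RE.finditer(text):
        name = m.group(0).lower()
        if name.rsplit(".", 1)[1] in FILE_EXTENSIONS:
            continue   # svchost32.exe, gate.php
        add("domain", name)
    return found


def defang(obs):
    """Render a network observable so it is not clickable in reports and tickets."""
    if obs.kind in ("ipv4", "domain"):
        return obs.value.replace(".", "[.]")
    return obs.value


def to_indicators(observables, context, source):
    """Promote observables to IOCs: attach analyst context, drop known-benign ones."""
    return [Indicator(o, context, source)
            for o in observables
            if not (o.kind == "domain" and o.value in BENIGN)]


if __name__ == "__main__":
    obs = extract_observables(SAMPLE_NOTES)
    for ioc in to_indicators(obs, "C2 traffic seen in sandbox run", "malware analysis"):
        print(f"{ioc.observable.kind:7} {defang(ioc.observable):45} {ioc.context} ({ioc.source})")
```

The point of the split is that `extract_observables` is mechanical and will happily return things that are not malicious (the CRL host, the loopback bind), while `to_indicators` is where the analyst's judgement and context turn a bare value into something worth sharing.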
