Source |
SANS Institute |
Identifier |
7925090 |
Publication date |
2022-11-10 10:48:11 (seen: 2022-11-10 13:05:51) |
Title |
Do you collect "Observables" or "IOCs"?, (Thu, Nov 10th) |
Text |
Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. In the last case, the malware analyst's goal is to identify how the malware behaves and how to identify it.
|
Sent |
Yes |
Tags |
Malware
Threat
|