Artifact observed on a network or in an operating system that indicates a computer intrusion

Indicator of compromise (IoC) in computer forensics is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.

Types of indication

Typical IoCs are virus signatures and IP addresses, MD5 hashes of malware files, or URLs or domain names of botnet command and control servers. After IoCs have been identified via a process of incident response and computer forensics, they can be used for early detection of future attack attempts using intrusion detection systems and antivirus software.

Automation

There are initiatives to standardize the format of IoC descriptors for more efficient automated processing. Known indicators are usually exchanged within the industry, where the Traffic Light Protocol is being used.

See also

AlienVault
Mandiant
Malware
Malware Information Sharing Platform
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.