Indicator of Compromise (IoC)

An Indicator of Compromise (IoC) is cybersecurity's reactive, forensics-driven response to a cyber attack. It is the clue on a computer that indicates that there has been a breach, either on the device itself or across the whole network.

These clues may include:
- network communication breach
- new or changed files on disk, those files' hashes and file paths
- system changes (such as changes to registry keys, scheduled tasks, or users)
- disruption of processes and/or services

Security investigators will gather this data:
- if a suspicious incident has been detected
- as a result of a scheduled scan
- after the discovery of unusual call-outs from the network

The information gathered is then used to detect and quarantine suspicious files in the future.
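
As an added illustration (not part of the original page), the Python sketch below shows how gathered file hashes and file names can drive detection and quarantine. The function names, the quarantine layout and the sample files are assumptions constructed for the example.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

def sha256_of(path, chunk=65536):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan(root, bad_hashes, bad_names):
    """Return (path, reason) for every file matching a hash or file-name IoC."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            p = Path(dirpath) / name
            if p.is_symlink() or not p.is_file():
                continue                      # never follow links out of the tree
            try:
                digest = sha256_of(p)
            except OSError:
                continue                      # unreadable file: skip, do not abort the scan
            if digest in bad_hashes:
                hits.append((p, "hash"))      # content match survives renaming
            elif name.lower() in bad_names:
                hits.append((p, "path"))      # name match survives content changes
    return hits

def quarantine(hits, qdir):
    """Move matches into qdir, renamed and read-only, keeping a record of origin."""
    qdir = Path(qdir)
    qdir.mkdir(parents=True, exist_ok=True)
    moved = []
    for p, reason in hits:
        dest = qdir / f"{sha256_of(p)[:16]}_{p.name}.quarantined"
        shutil.move(str(p), str(dest))
        dest.chmod(0o400)                     # no write or execute bits
        moved.append((str(p), str(dest), reason))
    return moved

def demo():
    """Constructed sample data: one benign file, one hash match, one name match."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "host"
        root.mkdir()
        (root / "notes.txt").write_bytes(b"benign")
        (root / "dropper.bin").write_bytes(b"constructed sample payload")
        (root / "Updater.tmp").write_bytes(b"renamed copy")
        bad_hashes = {hashlib.sha256(b"constructed sample payload").hexdigest()}
        moved = quarantine(scan(root, bad_hashes, {"updater.tmp"}), Path(tmp) / "quarantine")
        return sorted(r for _, _, r in moved), sorted(p.name for p in root.iterdir())
```

The quarantine directory sits outside the scanned tree so a later scan does not re-report files that were already moved.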
