Don’t chase the IOCs

What are IOCs?
Indicators of compromise (IOC) are a quick and easy way for your incident reponse/security team to check if similar activity occured (reactive) or preventing future attacks by means of blocking (Pro-active). These often come in the form of file hashes, IPs or domains and recently bitcoin addresses.

There are many feeds to gain IOCs, and most people have their preference. For me, It’s…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ash Moran

Ash Moran

InfoSec, life and all things random…. 🚀 contact@xstag0.com