© Morey J. Haber, Darran Rolls 2020Morey J. Haber and Darran RollsIdentity Attack Vectorshttps://doi.org/10.1007/978-1-4842-5165-2_9
9. Indicators of Compromise
Morey J. Haber1 and Darran Rolls2
ORLANDO, FL, USA
AUSTIN, TX, USA
There are plenty of solutions that can help provide indicators of compromise (IoC). Some will highlight the IP address of an asset, the malware detected, or even unusual patterns in user behavior. All of these can be mapped back to the three pillars of cybersecurity discussed earlier in the book. The goal of IoC is to identify when something is inappropriate in an environment, what evidence supports the anomaly, and potentially the root cause from malware to insider threat. With this in mind, there are four aspects ...