Indicators of Compromise (IOCs) are observable artifacts or pieces of evidence that indicate a system has been compromised or is under attack. IOCs include unusual network traffic (connections to known-bad IP addresses or domains), suspicious file hashes, unexpected Windows registry changes, and anomalous login patterns. Atomic IOCs such as hashes, IPs and domains are cheap for an attacker to change, so they tend to have a short useful life and are usually combined with behavioural indicators such as repeated failed logins or unusual process activity.
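The following is an added example, not code from the original page, showing how the four kinds of IOC listed above are matched against log records in practice. The IOC values, host names, user names and events are all constructed for illustration; the example handles the details that commonly cause misses, namely case differences in hashes and registry paths, a trailing dot on DNS names, subdomain matches against an apex domain, and IP indicators given as CIDR blocks. The failed-login threshold is a simple behavioural indicator alongside the atomic ones.

```python
"""Match a small IOC set against constructed sample events (added example)."""
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed IOC set for illustration; none of these values come from a real report.
IOCS = {
    "sha256": {"0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c4b5a69788796a5b4c3d2e1f0"},
    "ipv4": {"198.51.100.23", "203.0.113.0/24"},            # single host and a CIDR block
    "domain": {"update-check.example", "cdn.example.net"},   # apex domains; subdomains also match
    "registry": {r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
}

# Constructed sample events, one dict per log record (hypothetical hosts and users).
EVENTS = [
    {"type": "netconn", "host": "ws-01", "dst_ip": "203.0.113.77", "dst_port": 443},
    {"type": "netconn", "host": "ws-01", "dst_ip": "192.0.2.10", "dst_port": 443},
    {"type": "dns", "host": "ws-02", "query": "api.update-check.example."},
    {"type": "dns", "host": "ws-02", "query": "notupdate-check.example"},
    {"type": "file", "host": "ws-02",
     "sha256": "0F1E2D3C4B5A69788796A5B4C3D2E1F00F1E2D3C4B5A69788796A5B4C3D2E1F0"},
    {"type": "registry", "host": "ws-03",
     "key": r"hklm\software\microsoft\windows\currentversion\run\updater"},
    {"type": "login", "user": "alice", "success": False},
    {"type": "login", "user": "alice", "success": True},
] + [{"type": "login", "user": "svc-backup", "success": False} for _ in range(6)]


def _domain_matches(query, domains):
    """Exact or subdomain match, case-insensitive, tolerating a trailing dot."""
    q = query.lower().rstrip(".")
    return any(q == d or q.endswith("." + d) for d in domains)


def match_iocs(events, iocs=IOCS):
    """Return (host, ioc_type, observed_value) for every event that hits an atomic IOC."""
    nets = [ip_network(n, strict=False) for n in iocs["ipv4"]]   # bare IPs become /32
    hashes = {h.lower() for h in iocs["sha256"]}
    reg_keys = {k.lower() for k in iocs["registry"]}
    hits = []
    for ev in events:
        kind = ev["type"]
        if kind == "netconn" and any(ip_address(ev["dst_ip"]) in n for n in nets):
            hits.append((ev["host"], "ipv4", ev["dst_ip"]))
        elif kind == "dns" and _domain_matches(ev["query"], iocs["domain"]):
            hits.append((ev["host"], "domain", ev["query"]))
        elif kind == "file" and ev["sha256"].lower() in hashes:
            hits.append((ev["host"], "sha256", ev["sha256"]))
        elif kind == "registry" and ev["key"].lower() in reg_keys:
            hits.append((ev["host"], "registry", ev["key"]))
    return hits


def anomalous_logins(events, max_failures=5):
    """Behavioural IOC: accounts with at least max_failures failed logins."""
    failures = Counter(ev["user"] for ev in events
                       if ev["type"] == "login" and not ev["success"])
    return {user for user, n in failures.items() if n >= max_failures}


if __name__ == "__main__":
    for hit in match_iocs(EVENTS):
        print("IOC hit:", hit)
    print("accounts with anomalous login failures:", anomalous_logins(EVENTS))
```

Run as a script it prints one hit per indicator type for the constructed events and flags the `svc-backup` account; the second `netconn` and the look-alike domain `notupdate-check.example` deliberately do not match, which is the kind of false positive a naive substring check would produce.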
Related Terms
Malware Analysis
[incident-response] The process of studying malware to understand its functionality, origin, and impact. Static analysis examines code witho...
Security Information and Event Management (SIEM)
[incident-response] A solution that aggregates and analyzes security log data from across an organization's IT infrastructure to detect thre...
Threat Hunting
[incident-response] The proactive process of searching for cyber threats that have evaded existing security controls. Threat hunters use hyp...