INDICATOR OF COMPROMISE

Your attackers have been identified. Take this opportunity to check the known indicators of compromise (IoCs) for these groups, using:

  • Public lists (available on GitHub, for example): Potentially low confidence, but low cost and potentially large quantities.

  • Paid feeds (e.g., AlienVault, Unit42, etc.): Relatively high confidence, moderate quantity, but the price can quickly become a barrier.

  • Governmental feeds / ISACs: High confidence, but potential difficulties in accessing the data.

For more information on the lifecycle of IoCs, refer to RFC 9424.
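
One way to run this check across the three source types is sketched below. It is an added example, not part of the original page: the feed entries and log lines are constructed, and the numeric confidence weights and log format are assumptions chosen to mirror the low / relatively high / high ordering described above.

```python
import ipaddress

# Assumed weights reflecting the page's ordering: public < paid < government.
SOURCE_CONFIDENCE = {"public": 30, "paid": 70, "government": 90}

# Constructed feed entries (documentation IP ranges and example domains).
FEEDS = {
    "public": ["203.0.113.7", "198.51.100.23", "update-check.example.net"],
    "paid": ["203.0.113.7", "cdn-sync.example.org"],
    "government": ["198.51.100.23"],
}

# Constructed proxy log lines: timestamp, client, destination, action.
LOG_LINES = [
    "2024-05-01T10:00:01Z 10.0.0.5 203.0.113.7 ALLOW",
    "2024-05-01T10:00:09Z 10.0.0.8 intranet.example.com ALLOW",
    "2024-05-01T10:01:30Z 10.0.0.5 CDN-Sync.example.org. ALLOW",
    "2024-05-01T10:02:44Z 10.0.0.9 198.51.100.23 DENY",
    "2024-05-01T10:03:12Z 10.0.0.7 update-check.example.net ALLOW",
]

def normalize(value):
    """Canonicalise an indicator so feed and log spellings compare equal."""
    value = value.strip().lower().rstrip(".")
    try:
        return str(ipaddress.ip_address(value))
    except ValueError:
        return value  # not an IP address: treat as a hostname

def build_index(feeds):
    """Map indicator -> (highest source confidence, sorted reporting sources)."""
    index = {}
    for source, indicators in feeds.items():
        for raw in indicators:
            conf, sources = index.get(normalize(raw), (0, []))
            best = max(conf, SOURCE_CONFIDENCE[source])
            index[normalize(raw)] = (best, sorted(sources + [source]))
    return index

def match_logs(lines, index, min_confidence=0):
    """Return (timestamp, client, indicator, confidence, sources) hits, best first."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guessing fields
        ioc = normalize(parts[2])
        conf, sources = index.get(ioc, (0, []))
        if sources and conf >= min_confidence:
            hits.append((parts[0], parts[1], ioc, conf, sources))
    return sorted(hits, key=lambda h: -h[3])
```

Raising `min_confidence` lets triage start with hits backed by paid or governmental sources, leaving matches seen only on public lists for later review.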
