The Role of Indicators of Compromise in Threat Intelligence

“Not everything that can be counted counts, and not everything that counts can be counted.”

Albert Einstein

The application of traditional threat intelligence to the field of information security is relatively young. As the community's ability to collect and share intelligence grows, the techniques we use to analyse it become more sophisticated. Assuming we have access to a “firehose” of big data, how can we model and analyse security threats most effectively? This question has led many organisations to attempt to standardise the process and to provide a consistent way of distributing threat data. How effective are they at doing this, and how could they do it better? How can we make better use of these imperfect sources of intelligence to inform our analyses?