Free Phone Consultation For New Clients | CONTACT NOW

Indicator of Compromise

What is an Indicator of Compromise?

An indicator of compromise is a method for finding last-known locations of computers that have been compromised with malware.

The indicators of compromise, or IOCs, that are found will be stored in the database and can be used to identify when a computer has been infected by malicious software and its location. The database, which is hosted on the cloud, will allow users to identify a specific computer by comparing the IOCs to other known computers that have already been identified.

In today’s digital era, it’s not uncommon for individuals and organizations alike to become victims of sophisticated cyberattacks.

An indicator can be an email address, a password, a computer IP address — anything. It could also refer to an archive file or any other form of personal data that might help to identify someone who committed a crime. Indicators are collected by private sector organizations like law enforcement and spy agencies, which can share them with the public at large. An indicator may point to very specific information, like the URL of a webpage that contains personal information about someone in your cell phone's contact list or the name and address from where you receive your daily mail.

A useful IOC can be anything that can identify if a computer has been hacked or not. It’s possible to detect if a computer is infected by malware by looking at specific activities on it such as: how many times it connects to the Internet in one day; how many malicious processes are running on it; or how many registry entries were modified on it.

Need secure managed IT services in the Greenville, SC, area?