From the course: Microsoft Azure: Security Monitoring and Threat Detection


Examples of IOCs

- [Instructor] Here are some examples of indicators of compromise. One, we have a file-based indicator, so basically these are associated with a specific file, such as a hash or a file name. Then we have a network-based indicator. These are associated with the network, such as an IP address or a domain name. It is essential for you to know the kind or type of indicator of compromise you work with as this would help you to do more operation or tracking with them. Then we have the behavioral indicators. These are associated with a user behavior, a system behavior, or a network behavior. Just like you working with some sort of anomaly alert, you are able to quickly dictate for any unusual network traffic system activity or logging in your environment. Then finally, the artifact-based indicators, which are associated with artifacts left behind by an attacker, like an attacker residual, such as a registry key or a configuration file. The benefits of indicators of compromise are early detection, it…
