IOCs Are Dead -- Long Live IOCs!

  • Thursday, 21 July, 2016 | 11.15 – 12.00 hrs | Orchid Room 4305

View all Sessions

Indicators of Compromise were meant to solve the failures of signature-based detection. Despite all of the IOC standards, feeds and tools, attackers remain successful, and most threat data is shared in flat lists of hashes and addresses. This session will explore why IOCs haven't raised the bar, how to better utilize brittle IOCs and how to use the data intrinsic to your own endpoints to craft better IOCs.


This document was retrieved from on Sun, 18 Aug 2019 00:53:59 -0400.