What is an Indicator of Compromise?

An Indicator of Compromise (or IOC) is found normally in the context of a threat feed as an item shared that might lead to discovery of an exploit or malware. An IOC is the result of research by third parties or investigators who are observing and documenting rogue behavior of attackers and malware. IOCs typically produce high false positives (i.e. alarms that aren’t real). Related terms include IOA (q.v.) and Tactics, Techniques and Practices" (TTP).

Related Resources

Omnis Network Security Solution
Solution

Omnis Security

Omnis Security is an advanced threat analytics and response platform that provides the scale, scope, and consistency required to secure today’s digital infrastructure.
Learn more
ATLAS Security Engineering & Response Team
Overview

ASERT

NETSCOUT’s network security experts provide world-class cyber security research and threat analysis for the benefit of today’s enterprise and network operators.
Learn more