Indicators of Compromise (IOCs) is evidence left behind by cyber threats or security breaches that can be used to detect and identify potential security incidents within computer systems, networks, or applications. These indicators serve as telltale signs that unauthorized or malicious activities may have occurred or are currently taking place.
IOCs help security analysts, incident responders, and cybersecurity tools identify and respond to security incidents promptly. IOCs can take various forms, such as file hashes, IP addresses, domain names, URLs, email addresses, registry keys, specific patterns in log files, or even patterns of behavior exhibited by malicious software.