Shifting Threat Hunting Paradigms: Unleashing Innovative IOCs
- 13:40
- Tue
- 14 Nov
Stage:
Briefing Stage 4
Format:
Session
Presenter:
Senior Penetration Testing Consultant, TCC
Indicators of compromise (IOCs) are pieces of evidence or artifacts that can be used to identify and detect security incidents, such as cyberattacks or data breaches. They are essentially signs or patterns that suggest a system or network has been compromised or is under threat. However, these indicators are relatively easy for attackers to change, which is why we need more robust indicators that are hard for an attacker to change. In this session we will talk about memory pages and their protection status, such as read, write and execute flags. We will also talk about stack encryption, suspended threads and other artifacts that may be available on the system and would be hard for an attacker to change.