Indicators of Compromise (IoCs) and Their Role in Attack Defence
RFC 9424

Document history

Date By Action
2026-05-20
(System) Changed metadata: changed keywords to '['IOC', 'Attack Defence']' from '[]'
2026-05-20
(System) Metadata update from RFC Editor
2026-05-20
(System) Changed author "A. Shaw": changed name from "Andrew S" to "A. Shaw"
2026-05-20
(System) Changed author "J. Sellwood": changed name from "James Sellwood" to "J. Sellwood"
2026-05-20
(System) Changed author "O. Whitehouse": changed name from "Ollie Whitehouse" to "O. Whitehouse"
2026-05-20
(System) Changed author "K. Paine": changed name from "Kirsty Paine" to "K. Paine"
2026-05-20
(System) Metadata update from RFC Editor
2024-06-05
(System) Received changes through RFC Editor sync (added Verified Errata tag)
2024-05-30
(System) Received changes through RFC Editor sync (added Errata tag)
2023-08-11
(System) Received changes through RFC Editor sync (created alias RFC 9424, changed abstract to 'Cyber defenders frequently rely on Indicators of Compromise (IoCs) to identify, trace, and block malicious activity in networks or on endpoints.  This document reviews the fundamentals, opportunities, operational limitations, and recommendations for IoC use.  It highlights the need for IoCs to be detectable in implementations of Internet protocols, tools, and technologies -- both for the IoCs' initial discovery and their use in detection -- and provides a foundation for approaches to operational challenges in network security.', changed pages to 24, changed standardization level to Informational, changed state to RFC, added RFC published event at 2023-08-11, changed IESG state to RFC Published)
2023-08-11
(System) RFC published