Purpose

The purpose of this post is to highlight the benefits of using SIGMA vs. IOC-based detections.

Introduction

Indicators of Compromise (IOCs) – IPs, domains, hashes, filenames, etc., as reported by security researchers – are queried against systems and SIEMs to find intrusions. These indicators work against known attacks and have short useful lifespans and […]
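The contrast the introduction draws (an IOC list matches only the exact artifacts already reported, while a Sigma rule describes the behaviour) can be shown with a few lines of detection logic. The block below is an added example, not code from the original post: it evaluates a constructed IOC list and a small Sigma-style rule (a dict shaped like a Sigma `detection` block, with the `|contains`, `|endswith` and `|all` modifiers) over three constructed process-creation events. The hash values, host names and the `filter` entry are made-up sample data. Event 0 is the activity on the day the IOCs were published, event 1 is the same tooling after the actor recompiled the binary and rotated infrastructure, and event 2 is routine administration.

```python
# Added example: exact-match IOC lookup versus a Sigma-style behavioural rule.
# All hashes, domains and command lines below are constructed sample data.

# Constructed IOC feed as it might arrive from a vendor report: exact values only.
IOC_HASHES = {"aaaa1111aaaa1111": "dropper-v1"}
IOC_DOMAINS = {"update-check.example": "c2-v1"}

# Constructed process-creation events (Sysmon-like field names).
EVENTS = [
    {   # day 0: exactly the sample the report described
        "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
        "CommandLine": "powershell.exe -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0A",
        "Sha256": "aaaa1111aaaa1111",
        "DestinationHostname": "update-check.example",
    },
    {   # day 30: same technique, recompiled binary, new C2 domain
        "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
        "CommandLine": "powershell.exe -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0A",
        "Sha256": "bbbb2222bbbb2222",
        "DestinationHostname": "cdn-sync.example",
    },
    {   # benign: an administrator running a script by path
        "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
        "CommandLine": "powershell.exe -File C:\\scripts\\backup.ps1",
        "Sha256": "cccc3333cccc3333",
        "DestinationHostname": "fileserver.corp.example",
    },
]

# Sigma-style rule: a dict mirroring the YAML 'detection' block of a Sigma rule.
SIGMA_RULE = {
    "title": "Hidden Encoded PowerShell Command Line",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains|all": ["-enc", "-w hidden"],
        },
        # hypothetical allow-list for a management agent; no event here sets ParentImage
        "filter": {"ParentImage|endswith": "\\mgmt-agent.example.exe"},
        "condition": "selection and not filter",
    },
}


def ioc_hits(event: dict) -> list[str]:
    """Return the IOC feed entries an event matches exactly (hash or domain)."""
    hits = []
    sha = event.get("Sha256", "").lower()
    if sha in IOC_HASHES:
        hits.append(f"sha256:{IOC_HASHES[sha]}")
    host = event.get("DestinationHostname", "").lower()
    if host in IOC_DOMAINS:
        hits.append(f"domain:{IOC_DOMAINS[host]}")
    return hits


def _field_matches(event: dict, key: str, expected) -> bool:
    """Evaluate one 'Field|modifier...' entry; Sigma string matching is case-insensitive."""
    field, *mods = key.split("|")
    actual = str(event.get(field, "")).lower()
    values = [str(v).lower() for v in (expected if isinstance(expected, list) else [expected])]

    def one(v: str) -> bool:
        if "contains" in mods:
            return v in actual
        if "startswith" in mods:
            return actual.startswith(v)
        if "endswith" in mods:
            return actual.endswith(v)
        return actual == v

    # a list of values is OR, unless the 'all' modifier turns it into AND
    return all(map(one, values)) if "all" in mods else any(map(one, values))


def _selection_matches(event: dict, selection) -> bool:
    """A selection dict is AND over its fields; a list of dicts is OR over them."""
    if isinstance(selection, list):
        return any(_selection_matches(event, s) for s in selection)
    return all(_field_matches(event, k, v) for k, v in selection.items())


def sigma_match(rule: dict, event: dict) -> bool:
    """Evaluate a rule whose condition is 'X' or 'X and not Y' (enough for this example)."""
    det = rule["detection"]
    tokens = det["condition"].split()
    if len(tokens) == 1:
        return _selection_matches(event, det[tokens[0]])
    if len(tokens) == 4 and tokens[1:3] == ["and", "not"]:
        return _selection_matches(event, det[tokens[0]]) and not _selection_matches(event, det[tokens[3]])
    raise ValueError(f"unsupported condition: {det['condition']}")


def evaluate(events: list[dict]) -> list[dict]:
    """Per event: did the IOC feed fire, and did the behavioural rule fire?"""
    return [{"ioc": bool(ioc_hits(e)), "sigma": sigma_match(SIGMA_RULE, e)} for e in events]


if __name__ == "__main__":
    for i, verdict in enumerate(evaluate(EVENTS)):
        print(f"event {i}: ioc={verdict['ioc']} sigma={verdict['sigma']}")
```

Running it shows the lifespan problem the introduction describes: the IOC lookup fires only on event 0 and is silent once the hash and domain change, whereas the Sigma rule fires on events 0 and 1 and stays quiet on the benign event 2. The trade-off is that a behavioural rule needs a `filter` section and tuning for the environment, which an IOC list does not.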