[OPSEC] RFC 9424 on Indicators of Compromise (IoCs) and Their Role in Attack Defence

Fri, 11 Aug 2023 21:03:57 -0700 

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9424

        Title:      Indicators of Compromise (IoCs) and 
                    Their Role in Attack Defence 
        Author:     K. Paine,
                    O. Whitehouse,
                    J. Sellwood,
                    A. Shaw
        Status:     Informational
        Stream:     IETF
        Date:       August 2023
        Mailbox:    [email protected],
                    [email protected],
                    [email protected],
                    [email protected]
        Pages:      24
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-opsec-indicators-of-compromise-04.txt

        URL:        https://www.rfc-editor.org/info/rfc9424

        DOI:        10.17487/RFC9424

Cyber defenders frequently rely on Indicators of Compromise (IoCs) to
identify, trace, and block malicious activity in networks or on
endpoints. This document reviews the fundamentals, opportunities,
operational limitations, and recommendations for IoC use. It
highlights the need for IoCs to be detectable in implementations of
Internet protocols, tools, and technologies -- both for the IoCs'
initial discovery and their use in detection -- and provides a
foundation for approaches to operational challenges in network
security.

This document is a product of the Operational Security Capabilities for IP 
Network Infrastructure Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to [email protected].  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
OPSEC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsec

Reply via email to