How TTP Mapping Moves Beyond Simple Indicators of Compromise
When I first began writing about cybersecurity, corporate network defense was rooted primarily in identifying and studying Indicators of Compromise (IOCs). Security teams injected their firewalls and endpoint detection systems with static lists of known data points: malicious file hashes, rogue domains, malicious IP addresses, etc. Keeping out bad actors with simple blocking techniques was … Read more