Indicators of Compromise <<<<UNDER CONSTRUCTION>>>>
Common and More Unusual
Acivities
- Suspicious Configuration Items
- Activity Involving Incorrect Geographic Location(s)
- Privileged Account Activities
- Computing Operations Levels
- File Access Activity
- Outbound Network Traffic and DDOS Activity
Detection Methods
Responses
More Unusual Activities
Specialist Detection Methods
Robust Responses
Advanced Activities, Their Detection and Range of Response(s)