IOCs are a well-understood and widely applied element of technical cyber threat intelligence (CTI) that the cyber security industry is familiar with… or are they really? Poor understanding of CTI, incident response and digital forensics has led to very poor applications of IOCs within cyber programs in the past. Vendors have sold customers threat intelligence feeds with the promise that they would help security analysts prioritise detection, only for those analysts to end up with more alerts to deal with because the technical threat intelligence was poorly applied. Because of this, IOCs have been devalued or undermined.
However, what if we went back to the future to change that perception and explained the value, correct application and opportunities of technical threat intelligence to help protect your organisation and bring insight into the threats relevant to it?