What is indicators?

In cybersecurity, 'indicators' or 'indicators of compromise (IOCs)' are forensic artifacts of an intrusion that, when detected, identify a potentially malicious or unauthorized activity on a network or system. Common examples of IOCs include malware signatures, IP addresses, domain names, URLs, email addresses, file hashes, unusual network traffic patterns, and changes to system files. Security professionals use IOCs to proactively identify and respond to security threats. Threat intelligence platforms and security information and event management (SIEM) systems often ingest and correlate IOC data to provide alerts and assist in incident response.