What are indicators of compromise (IoCs) in cyber threats?

Prepare for the Security Fundamentals Professional Certification exam with interactive tests and detailed explanations. Master key concepts with confidence and enhance your security skills.

Indicators of compromise (IoCs) are forensic artifacts that suggest a potential breach or malicious activity on a system or network. They serve as critical signals to help organizations detect and respond to cyber threats.

Unusual outbound network traffic and known malicious IPs are classic examples of IoCs. Unusual outbound network traffic can indicate that an internal system has been compromised and is attempting to communicate with an external server controlled by an attacker. Known malicious IPs are addresses that have been recognized as being associated with harmful activity, such as data exfiltration or command-and-control servers. Detecting these indicators helps security teams take appropriate action to mitigate threats and secure their environments.

The other options do not represent indicators of compromise. Confirmed security patches, standard operating procedures, and regular software updates focus on maintaining security hygiene and operational stability rather than directly identifying potential threats or breaches.
