Tag

IOC enrichment

8 articles on IOC enrichment.

Agentic AI Threat Mapping: MITRE ATT&CK Needs Evidence-Rich Workflows
AI & ML · Jul 8, 2026

Anthropic mapped AI-enabled cyber activity to MITRE ATT&CK and found gaps around autonomous orchestration. SOC teams need AI summaries tied to evidence, not unsupported verdicts.

4 min read
AMOS macOS Infostealer: ClickFix Shows Why Hash Reputation Must Cover Developer Macs
Malware · Jul 5, 2026

AMOS and related macOS infostealers are turning social engineering into credential theft. File hash reputation, URL scanning, and domain intelligence help teams respond before stolen tokens spread.

3 min read
Arch AUR Rootkit And Infostealer Campaign: Supply Chain Defense Starts With Hash Intelligence
Supply Chain · Jun 15, 2026

The June 2026 Arch User Repository compromise shows why supply chain security needs package review, file hash reputation, developer credential protection, and fast IOC enrichment.

6 min read
Oracle PeopleSoft Zero-Day: CVE-2026-35273 Shows Why CVE Watch Needs IOC Enrichment
Vulnerabilities · Jun 15, 2026

The PeopleSoft CVE-2026-35273 exploitation reports show how vulnerability response, ransomware intelligence, IP enrichment, and incident response must work together.

6 min read
AI-Enabled Cyberattacks and MITRE ATT&CK: Turning New Threat Maps Into SOC Action
SOC · Jun 4, 2026

AI-enabled threats are being mapped into ATT&CK language, but mapping is only useful when it drives enrichment, detection, triage, and response workflows.

8 min read
Cyber Extortion Now Includes Physical Threats: What Incident Response Teams Must Change
Ransomware · Jun 4, 2026

Cyber incidents are no longer always contained to systems and data. As extortion crews add physical threats, responders need ransomware intelligence, safety escalation, IOC enrichment, and executive-ready evidence.

8 min read
IOC Enrichment APIs: A Security Operations Guide to Faster Triage, Fewer False Positives, and Measurable ROI
API · Apr 26, 2026

An indicator without context is a ticket without an owner. Learn how IOC enrichment APIs work, which fields SOC teams need at each tier, and how to wire them into case management without building a data swamp.

6 min read
File Hash Reputation Lookups: Accelerating Incident Response With IOC Enrichment
Incident Response · Apr 22, 2026

A practitioner's guide to file hash reputation lookups—how they work, which data sources power them, how to build automated IOC enrichment pipelines, and how to integrate hash intelligence into SOC, SOAR, and incident response workflows.

10 min read