An Indicator of Compromise (IOC) is a piece of evidence that indicates that a system or network may have been breached or compromised.
Some examples of IOCs are:
IOCs also serve as actionable threat intelligence items that can be shared with the broader community and help others improve their incident detection, response and remediation strategies.
It is a common and best practice to disarm or defang IOCs before sharing them with others to prevent users from accidentally clicking on links and therefore interacting with potenitally malicious websites and resources. Read more about defanging on this page.
defang.me has been developed to make defanging IOCs easy.
Copyright © 2025 · All Rights Reserved