Some IOC writers use alternate versions of standard IndicatorItems names to address elements on the system. For example, you would find Network/DNS instead of DnsEntryItem/RecordData/Host.
The idea is to implement a system of aliases linked to a canonical item name in the OpenIOC standard, upon scan.
Some IOC writers use alternate versions of standard IndicatorItems names to address elements on the system. For example, you would find
Network/DNSinstead ofDnsEntryItem/RecordData/Host.The idea is to implement a system of aliases linked to a canonical item name in the OpenIOC standard, upon scan.