Comments on Windows Incident Response: A Little Something on IOCs...

Keith (http://www.digital4rensics.com), 2012-02-22T22:29:49.644-05:00:

Hi Harlan,

Thanks for the mention in this great post. Feedback such as this, and the comments you left on my post, are of great assistance when considering how I'll approach an analysis in the future.

Specifically, your note regarding keeping others in mind is important. I initially only reported the indicators I had used in my specific environment at that specific time. However, it wouldn't have taken too much longer to include indicators that would have been applicable to other types of analysts as well. I hope this is one aspect that continues in the future. As practitioners do share data, if there's something that would be useful but isn't initially provided, ask for it!

Additionally, your note on being precise is something that I will be paying more attention to, even when in a rush. The last thing I want to accomplish by sharing incident data is sending an analyst off in the wrong direction.

Thanks again.

Anonymous, 2012-02-21T03:09:04.449-05:00:

An explanation of the acronym IOC would be useful to any reader who is not familiar with the term.