There's another interesting approach from Mandiant:
Combat the APT by Sharing Indicators of Compromise (IOC)
"At DoD CyberCrime 2010 MANDIANT will formally release this format and tools to leverage it in your investigations today. We’ll have full coverage of the release on M-unition – stay tuned."
There's also a Google Group about IOC. But are there any tools available yet, or any IOCs?
I'll update when I find out.