The Human IOC: Why Security Professionals Struggle with Social Vetting


During my years working in Security Operations, we were very careful to vet anything that came our way. We vetted sources, intelligence, IOCs, TTPs (tactics, techniques, and procedures), and other information as well. The reason for this was straightforward. Leveraging anything that was not properly vetted could result in serious consequences.

What are these consequences, you ask? There are many, of course, but a few of them include:

  • Drowning in false positives (and thus potentially missing true positives)
  • Wasting resources chasing ghosts
  • Causing unnecessary downtime by responding to faux incidents
  • Damaging trust and relationships (sometimes irreparably) with stakeholders
  • Harming the reputation and political capital of the security team

As you can see, some of these consequences are worse than others, but none of them are great. Thus, it is not surprising that the vast majority of security teams vet information properly before introducing it into the security workflow. It is ...


Copyright of this story solely belongs to SecurityWeek.