CISA is proud to offer the cybersecurity awareness webinar, Understanding Indicators of Compromise.

Major cyber attacks have made headlines for years and the pace of threat activity faced by government and private sector organizations is accelerating. Often, the most damaging attacks reported are traced to Advanced Persistent Threats (APTs): groups of sophisticated hackers who gain entry into an unauthorized system and remain undetected for extended periods of time, allowing them to surveil and gather information, test security, or execute malicious activity without tripping network defenses.

Indicators of Compromise (IOCs) are the digital and informational "clues" that incident responders use to detect, diagnose, halt, and remediate malicious activity in their networks. This webinar provides an overview of IOCs for incident responders and those who work with them, introduces example scenarios and how IOCs can be used to trace activity and piece together a timeline of the threat, and discusses tools and frameworks to help incident responders use IOCs to detect, analyze, respond to, and report cyber threat activity.

Join us to learn the following information and more:

•  Define IOCs and why tracking, investigating, and reporting IOCs are 
   crucial to enterprise cybersecurity. 
•  Understand how IOCs are used for threat hunting and incident 
   response, different types of indicators, and how to collect different 
   categories of IOCs.
•  Learn about the MITRE ATT&CK Framework and how it supports 
   the analysis of IOCs, potential threat actors related to the activity 
   and their associated strategies and tactics.
•  Introduce free CISA cybersecurity tools, services, and resources to 
   help organizations further advance their cybersecurity capabilities.

This webinar is intended for a non-technical audience and beginning incident responders.

Event Logistics: 

• Date: Tuesday, March 29, 2022 
• Time: 11 a.m. - noon EDT
• Location: Online via Adobe Connect
• CPE Credit: Participants can earn 1 CPE credit for attending this 
  course.
• Note: Audio is through Adobe Connect, there is no external dial-in. 
  Closed captioning will be available during this training event.

If you require a reasonable accommodation to fully participate in this virtual event, please contact cyberinsights@cisa.dhs.gov at least five business days prior to the training with the type of support you need.