Behavioral indicators of compromise (BIOCs): Identifying threats based on their behaviors can be quite complex. As you identify specific network, process, file, or registry activity that indicates a threat, you create BIOCs that can alert you when the behavior is detected. See Working with BIOCs.