Indicators of Compromise (IoC)

Indicators of Compromise (IoC) are observable technical artifacts suggesting that a system has been compromised. Typical examples include suspicious IP addresses, hash values of known malware, unusual registry entries, or conspicuous DNS queries. IoCs are shared through threat intelligence feeds, CERTs, and industry-specific ISACs. In your ISMS, you use IoCs to keep detection rules in your SIEM and IDS up to date. Matching your own log data against current IoC lists is a foundation of effective monitoring. Ingest IoCs promptly, as they lose relevance quickly.
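
The log-matching step described above, as an added example that is not part of the original glossary entry: it drops indicators older than an assumed 30-day window, then matches log lines against the remaining IPs, domains, and hashes. The feed layout, the key=value log format, the field names, and all sample values are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

HASH = "ab" * 32  # constructed placeholder, not a real malware hash
# Constructed feed entries (documentation IP ranges and reserved domain names).
IOCS = [
    {"type": "ip", "value": "203.0.113.7", "last_seen": "2024-05-30T00:00:00+00:00"},
    {"type": "ip", "value": "198.51.100.23", "last_seen": "2024-01-02T00:00:00+00:00"},
    {"type": "domain", "value": "bad.example", "last_seen": "2024-05-29T00:00:00+00:00"},
    {"type": "sha256", "value": HASH, "last_seen": "2024-05-20T00:00:00+00:00"},
]
# Constructed log lines in an assumed key=value format (not a real product schema).
LOGS = [
    "2024-06-01T10:00:01Z fw allow src=10.0.0.5 dst=203.0.113.7 dport=443",
    "2024-06-01T10:00:02Z dns query client=10.0.0.8 name=cdn.bad.example. type=A",
    "2024-06-01T10:00:03Z fw allow src=10.0.0.5 dst=198.51.100.23 dport=80",
    "2024-06-01T10:00:04Z edr exec host=ws12 sha256=" + HASH.upper(),
    "2024-06-01T10:00:05Z dns query client=10.0.0.8 name=notbad.example type=A",
]
FIELD = re.compile(r"(\w+)=(\S+)")
NOW = datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc)  # fixed clock for the example

def load_active(iocs, now, max_age=timedelta(days=30)):
    """Keep only indicators seen within max_age (30 days is an assumed policy)."""
    active = {"ip": set(), "domain": set(), "sha256": set()}
    for ioc in iocs:
        if now - datetime.fromisoformat(ioc["last_seen"]) <= max_age:
            active[ioc["type"]].add(ioc["value"].lower())
    return active

def match_line(line, active):
    """Return (type, indicator) pairs for every active IoC found in one log line."""
    hits = []
    for key, raw in FIELD.findall(line):
        val = raw.lower().rstrip(".")  # hashes and DNS names compare case-insensitively
        if key in ("src", "dst") and val in active["ip"]:
            hits.append(("ip", val))
        elif key == "name":
            labels = val.split(".")  # match on label boundaries: the name or any parent
            parents = (".".join(labels[i:]) for i in range(len(labels)))
            hits += [("domain", p) for p in parents if p in active["domain"]]
        elif key == "sha256" and val in active["sha256"]:
            hits.append(("sha256", val))
    return hits

def scan(logs, iocs, now):
    active = load_active(iocs, now)
    return [(n, h) for n, line in enumerate(logs, 1) for h in match_line(line, active)]
```

Calling `scan(LOGS, IOCS, NOW)` reports lines 1, 2, and 4. Line 3 is skipped because its indicator has aged out, and line 5 because `notbad.example` is not a subdomain of `bad.example`.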