Analytics behavioral indicators of compromise (ABIOCs) - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Cortex XSIAM
Creation date
Last date published
Administrator Guide

Analytics behavioral indicators of compromise (ABIOCs). In contrast to standard Analytics alerts, ABIOCs indicate a single event of suspicious behavior with an identified chain of causality. To identify the context and chain of causality, ABIOCs leverage user, endpoint, and network profiles. The profile is generated by the Analytics Engine and can be based on a simple statistical profile or a more complex machine-learning profile.