Adversary-Aware IOC Retention: Analyzing Time-to-Live Patterns by Threat Actor Attribution
It is well established that not all threat actors operate similarly.Still, security teams continue to waste storage, processing, and opportunity costs on bloated threat intelligence feeds containing stale IOCs. Early research into this topic compared the price of retaining IOCs over a set time...
