Built on our revolutionary Cloud Agent technology, Qualys Indication of Compromise (IOC) helps you continuously monitor endpoints for suspicious activity. IOC captures system activity to find indicators of compromise relating to malware and indicators of activity relating to threat actors to support investigation and response. We'll help you get started quickly!
Our tutorials will help you start investigating IOC incidents and events in minutes.
Install Cloud Agents (using the CA app)
Enable IOC in a CA Configuration Profile (using the CA app)
The IOC UI gives you the power and flexibility to search and filter incidents detected by IOC, and system events and details provided by the cloud agent.
Investigation and response
How to Search
Create rules to get alerts for events that you want to monitor closely.
Configure Rule Based Alerts for Events
Dynamic dashboards help you visualize your IOC incidents and events and get up to date views on your assets in real time. Add widgets with your own search queries to easily track exactly what you're interested in.
Get Started Now!