Indicadores de Compromiso - IoC: Structured Threat Intelligence Indicators for APT Groups

Indicadores de Compromiso (IoCs) is a structured repository of cybersecurity threat indicators associated with Advanced Persistent Threat (APT) groups. The dataset includes indicators such as IP addresses, domains, URLs, and file hashes, collected from technical analysis, security event correlation, and threat intelligence sources. It is hosted on the DetecTIC platform and was last updated on 2026-04-14.

Use Cases

• Correlating threat actor activity using the 'adversaries' and 'type' columns to identify APT group patterns.
• Filtering and prioritizing threat indicators based on 'expires_at' and 'touched_at' timestamps for alert triage.
• Enriching security logs by matching observed 'value' fields (e.g., IPs, hashes) against this IoC database.
• Categorizing and searching threat data using the 'tags' and 'sources' columns for intelligence reporting.

Strengths

• Includes multiple indicator categories such as IPs, domains, URLs, and file hashes as described.
• Provides temporal metadata columns like 'created_at', 'expires_at', and 'touched_at' for lifecycle management.
• Available in multiple structured formats including CSV, JSON, XML, and RDF for interoperability.

Limitations

• Row count is unknown, which may limit suitability assessment.
• Description metadata is limited; actual data quality requires manual inspection after download.

Provenance

Source

DetecTIC platform (https://detectic.colcert.gov.co/) via datos.gov.co.

Collection Method

Collected from technical analysis, security event correlation, and threat intelligence sources (CTI).

Time Range

Temporal coverage is not specified in the input.

Freshness

Last updated 2026-04-14 19:46:14; freshness should be verified.

Geography

Spatial coverage is not specified in the input.