IoAs
refers to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack.
Senses
Sense 1Indicators of attack
refers to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack.
Indicators of attack are not so much a static description of the attacker, but a dynamic profile of how an attacker interacts with your technologies and users.
References
- NICCS (CISA) Cybersecurity VocabularyJan 06, 2026NICCS glossary export (CSV)https://niccs.cisa.gov/rest/vocab/export-csvNICCS is a CISA (DHS) program. Individual glossary entries include a "From" attribution (e.g., CNSSI 4009, NIST SPs, NICE Framework). Treat "From" values as upstream provenance and verify before quoting large portions of text.Source: NICCS (CISA) Cybersecurity Vocabulary (niccs.cisa.gov).