Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
The Pyramid of Pain ranks indicators of compromise by how costly detecting them is for attackers, from hash values up to TTPs.
Pyramid of Pain Definition: The Pyramid of Pain ranks indicators of compromise by how costly detecting them is for attackers, from hash values up to TTPs.
The Pyramid of Pain is a threat-detection model, created by David Bianco, that ranks indicators of compromise by how much difficulty their detection imposes on an adversary. From bottom to top it lists hash values, IP addresses, domain names, network and host artifacts, tools, and finally TTPs (tactics, techniques, and procedures). Defenders are encouraged to detect higher-tier indicators because forcing attackers to change their TTPs is far more costly than blocking an easily swapped hash or IP.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →