public sealed class Indicator : IMessage<Indicator>, IEquatable<Indicator>, IDeepCloneable<Indicator>, IBufferMessage, IMessage
Reference documentation and code samples for the Security Command Center v2 API class Indicator.
Represents what's commonly known as an indicator of compromise (IoC) in
computer forensics. This is an artifact observed on a network or in an
operating system that, with high confidence, indicates a computer intrusion.
For more information, see Indicator of
compromise.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThe \u003ccode\u003eIndicator\u003c/code\u003e class in the Security Command Center v2 API represents an indicator of compromise (IoC), which is an artifact that strongly suggests a computer intrusion.\u003c/p\u003e\n"],["\u003cp\u003eThis class implements several interfaces including \u003ccode\u003eIMessage\u003c/code\u003e, \u003ccode\u003eIEquatable\u003c/code\u003e, \u003ccode\u003eIDeepCloneable\u003c/code\u003e, and \u003ccode\u003eIBufferMessage\u003c/code\u003e, inheriting from the base \u003ccode\u003eobject\u003c/code\u003e class.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eIndicator\u003c/code\u003e class includes properties for domains, IP addresses, signatures, and URIs, each designed to hold lists of corresponding data related to potential security compromises.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eIndicator\u003c/code\u003e class offers two constructors: one default and another that duplicates another \u003ccode\u003eIndicator\u003c/code\u003e instance.\u003c/p\u003e\n"]]],[],null,["# Security Command Center v2 API - Class Indicator (1.2.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.2.0 (latest)](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/latest/Google.Cloud.SecurityCenter.V2.Indicator)\n- [1.1.0](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/1.1.0/Google.Cloud.SecurityCenter.V2.Indicator)\n- [1.0.0](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/1.0.0/Google.Cloud.SecurityCenter.V2.Indicator) \n\n public sealed class Indicator : IMessage\u003cIndicator\u003e, IEquatable\u003cIndicator\u003e, IDeepCloneable\u003cIndicator\u003e, IBufferMessage, IMessage\n\nReference documentation and code samples for the Security Command Center v2 API class Indicator.\n\nRepresents what's commonly known as an *indicator of compromise* (IoC) in\ncomputer forensics. This is an artifact observed on a network or in an\noperating system that, with high confidence, indicates a computer intrusion.\nFor more information, see [Indicator of\ncompromise](https://en.wikipedia.org/wiki/Indicator_of_compromise). \n\nInheritance\n-----------\n\n[object](https://learn.microsoft.com/dotnet/api/system.object) \\\u003e Indicator \n\nImplements\n----------\n\n[IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage-1.html)[Indicator](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/latest/Google.Cloud.SecurityCenter.V2.Indicator), [IEquatable](https://learn.microsoft.com/dotnet/api/system.iequatable-1)[Indicator](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/latest/Google.Cloud.SecurityCenter.V2.Indicator), [IDeepCloneable](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IDeepCloneable-1.html)[Indicator](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/latest/Google.Cloud.SecurityCenter.V2.Indicator), [IBufferMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IBufferMessage.html), [IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage.html) \n\nInherited Members\n-----------------\n\n[object.GetHashCode()](https://learn.microsoft.com/dotnet/api/system.object.gethashcode) \n[object.GetType()](https://learn.microsoft.com/dotnet/api/system.object.gettype) \n[object.ToString()](https://learn.microsoft.com/dotnet/api/system.object.tostring)\n\nNamespace\n---------\n\n[Google.Cloud.SecurityCenter.V2](/dotnet/docs/reference/Google.Cloud.SecurityCenter.V2/latest/Google.Cloud.SecurityCenter.V2)\n\nAssembly\n--------\n\nGoogle.Cloud.SecurityCenter.V2.dll\n\nConstructors\n------------\n\n### Indicator()\n\n public Indicator()\n\n### Indicator(Indicator)\n\n public Indicator(Indicator other)\n\nProperties\n----------\n\n### Domains\n\n public RepeatedField\u003cstring\u003e Domains { get; }\n\nList of domains associated to the Finding.\n\n### IpAddresses\n\n public RepeatedField\u003cstring\u003e IpAddresses { get; }\n\nThe list of IP addresses that are associated with the finding.\n\n### Signatures\n\n public RepeatedField\u003cIndicator.Types.ProcessSignature\u003e Signatures { get; }\n\nThe list of matched signatures indicating that the given\nprocess is present in the environment.\n\n### Uris\n\n public RepeatedField\u003cstring\u003e Uris { get; }\n\nThe list of URIs associated to the Findings."]]
