As before, this section is split into network indications and payload indications. This should assist in matching technologies to the elements that a cybersecurity operator may be looking to identify. Again, you'll notice that significant amounts of crossover exist between technologies; cross-referencing network and payload indicators, along with other contextual information, will always be the most effective means of identifying threats.