Managed Sentinel – Alert 074

Alert ID: MS-A074
Alert Name: Peer-to-peer traffic detected in perimeter firewall
Description: Peer-to-peer (P2P) software allows connections to and from a corporate computer and a potentially malicious Internet host. This poses a number of risks, such as:
- downloading malware, pirated or copyrighted material, or pornography
- permitting external malicious users to access and share your organization's files
Severity Level: Medium
Threat Indicator: Improper Usage
MITRE ATT&CK Tactics: Defense Evasion, Lateral Movement, Command and Control, Exfiltration
Log sources: Firewalls
False Positive: Sanctioned Cloud applications
Recommendations: Block this specific traffic in perimeter firewall