Managed Sentinel – Alert 163
| Alert ID | MS-A163 |
| Alert Name | High severity IPS Signatures from sources originating from internal network |
| Description | This is an indicator that an internal host has been compromised and is attempting to connect to a command and control server or attack other resources. |
| Severity Level | Medium |
| Threat Indicator | |
| MITRE ATT&CK Tactics | Execution CommandAndControl DefensiveEvasion Exfiltration |
| Log sources | CommonSecurityLog |
| False Positives | |
| Recommendations |