Managed Sentinel – Alert 163

Alert ID: MS-A163
Alert Name: High severity IPS Signatures from sources originating from internal network
Description: This is an indicator that an internal host has been compromised and is attempting to connect to a command and control server or attack other resources.
Severity Level: Medium
Threat Indicator:
MITRE ATT&CK Tactics: Execution, CommandAndControl, DefensiveEvasion, Exfiltration
Log sources: CommonSecurityLog
False Positives:
Recommendations: