This alert identifies antimalware activity detected by the Azure Security Center. The alert details are based on the type of antimalware installed on the host but typically includes the host name, the affected file, the action taken and some additional information related to the nature of the threat.
MITRE ATT&CK Tactics
Azure Security Center alerts
Benign applications identified as malicious by the antimalware software.
Malware detection testing.
1. Identify the system(s) that have been affected
2. Run a full antimalware scan
3. Contact the user for additional details such as any abnormal computer behavior, suspicious files, etc.
4. Search for additional alerts related to the affected computer
5. If available, use an EDR application for further investigation