Managed Sentinel – Alert 209

Alert ID: MS-A209
Alert Name: Access to phishing and peer-to-peer URLs
Description: This alert identifies connections to phishing and peer-to-peer sites.
Peer-to-peer (P2P) software allows connections between a corporate computer and a potentially malicious Internet host. This poses a number of risks, such as:
- downloading malware, pirated or copyrighted material, or pornography
- permitting external malicious users to access and share your organization's files
Severity Level: Medium
Threat Indicator: Improper Usage, Initial Access
Log sources: Firewalls
False Positive: Sanctioned Cloud applications
Recommendations:
1. Block this outbound traffic on the perimeter firewall
2. Perform an AV/AM scan on the internal machine accessing this URL
3. Investigate on the public Threat Intelligence sites (e.g. if the subject URL is indeed malicious