Managed Sentinel – Alert 221

Alert ID: MS-A221
Alert Name: Carbon Black Storage Hit Events
Description: This alert identifies Carbon Black query hit events (process path, source IPs, source hosts, feed name).
Severity Level: Low
Threat Indicator:
MITRE ATT&CK Tactics: DefenseEvasion, Execution, Collection
Log sources: Carbon Black
False Positives:
Recommendations: