Managed Sentinel – Alert 223

Alert IDMS-A223
Alert NameCarbon Black Query Hit Events
DescriptionThis alert identifies Carbon Black query hit events (process path, source IPs, source hosts, feed name).
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsDefenseEvasion
Execution
Collection
Log sourcesCarbon Black
False Positives
Recommendations