Managed Sentinel – Alert 224

Alert IDMS-A224
Alert NameCarbon Black Ingress Hit Events
DescriptionThis alert identifies Carbon Black ingress hit events (process path, source IPs, source hosts, feed name).
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsDefenseEvasion
Execution
Collection
Log sourcesCarbon Black
False Positives
Recommendations