Managed Sentinel – Alert 233

Alert ID: MS-A233
Alert Name: Azure SignInLogs activities from IP listed in the ThreatIntelligenceIndicator table
Description: This alert indicates that one or more SignInLogs activities have been detected as having been performed from IPs listed in the ThreatIntelligenceIndicator table.
Severity Level: High
Threat Indicator:
MITRE ATT&CK Tactics: CredentialAccess, LateralMovement, PrivilegeEscalation
Log sources: Signin Logs
False Positives:
Recommendations: