Managed Sentinel – Alert 256

Alert IDMS-A256
Alert NameVPN connections from IP addresses matching Firegen Threat Intelligence feed - SonicWall
DescriptionThis alert identifies successful VPN authentications from IP addresses listed in the Firegen Threat Intelligence feed.
Severity LevelMedium
Threat Indicator
MITRE ATT&CK TacticsCredentialAccess
LateralMovement
PrivilegeEscalation
Log sourcesCommon Security Logs
False Positives
Recommendations