Managed Sentinel – Alert 206
| Alert ID | MS-A206 |
| Alert Name | Microsoft Cloud App Security alert |
| Description | This alert indicates that the Microsoft Cloud App Security (MCAS) has raised an alert based on the configured policies. |
| Severity Level | Medium |
| Threat Indicator | Various indicators, depending on the user activity that triggered the MCAS alert. |
| MITRE ATT&CK Tactics | Various tactics, depending on the user activity that triggered the MCAS alert. |
| Log sources | Microsoft Cloud App Security |
| Recommendations | 1. Review the suspicious activity identified by MCAS 2. Contact the user if applicable 3. Look for additional indicators of compromise related to the user or the system identified in the alert. |