Managed Sentinel – Alert 221
| Alert ID | MS-A221 |
| Alert Name | Carbon Black Storage Hit Events |
| Description | This alert identifies Carbon Black query hit events (process path, source IPs, source hosts, feed name). |
| Severity Level | Low |
| Threat Indicator | |
| MITRE ATT&CK Tactics | DefenseEvasion Execution Collection |
| Log sources | Carbon Black |
| False Positives | |
| Recommendations |