Managed Sentinel – Alert 233
| Alert ID | MS-A233 |
| Alert Name | Azure SignInLogs activities from IP listed in the ThreatIntelligenceIndicator table |
| Description | This alert indicates that one or more SignInLogs activities have been detected as having been performed from IPs listed in the ThreatIntelligenceIndicator table. |
| Severity Level | High |
| Threat Indicator | |
| MITRE ATT&CK Tactics | CredentialAccess LateralMovement PrivilegeEscalation |
| Log sources | Signin Logs |
| False Positives | |
| Recommendations |