Managed Sentinel – Alert 256
| Alert ID | MS-A256 |
| Alert Name | VPN connections from IP addresses matching Firegen Threat Intelligence feed - SonicWall |
| Description | This alert identifies successful VPN authentications from IP addresses listed in the Firegen Threat Intelligence feed. |
| Severity Level | Medium |
| Threat Indicator | |
| MITRE ATT&CK Tactics | CredentialAccess LateralMovement PrivilegeEscalation |
| Log sources | Common Security Logs |
| False Positives | |
| Recommendations |