New Device Detected

A new device was discovered in the network. This can be because an existing device is trying to initiate communication with the new address, or because the new address is initiating the communication.

Categories:

ID Number

9000001

Signature

-

MITRE ATT&CK Technique

-

Severity

medium

Recommendations/Investigative actions

Identify the asset, call the POC (Point of Contact) at the site, and ask whether some kind of activity was performed or whether they are aware of a network bug. In addition, look for relevant cyber attack rules triggered at the same time; it can be an attempt by the attacker to create a C&C station in the network.
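The two trigger cases in the description and the "same time" check in the recommendation can be sketched as follows; this is an added example, not the product's own detection logic. The addresses, flow records, rule name "Port scan" and the 15-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

KNOWN = {"10.0.0.5", "10.0.0.8"}  # constructed baseline of already-seen addresses
FLOWS = [  # constructed records: (timestamp, initiator, target)
    ("2024-01-10T08:00:00", "10.0.0.5", "10.0.0.8"),
    ("2024-01-10T08:05:00", "10.0.0.5", "10.0.0.77"),
    ("2024-01-10T08:07:00", "10.0.0.99", "10.0.0.8"),
    ("2024-01-10T08:09:00", "10.0.0.99", "10.0.0.5"),
]
OTHER_ALERTS = [  # constructed alerts from other rules: (timestamp, rule, address)
    ("2024-01-10T08:08:00", "Port scan", "10.0.0.99"),
    ("2024-01-10T11:00:00", "Port scan", "10.0.0.99"),
]

def detect_new_devices(flows, known):
    """Map each address missing from `known` to how it was first observed."""
    found = {}
    for ts, src, dst in flows:
        # Either side of the communication can be the new address.
        for addr, role, peer in ((src, "initiator", dst), (dst, "target", src)):
            if addr in known:
                continue
            entry = found.setdefault(
                addr,
                {"first_seen": datetime.fromisoformat(ts), "roles": set(), "peers": set()},
            )
            entry["roles"].add(role)   # "target": an existing device contacted it
            entry["peers"].add(peer)   # who to ask about when calling the site POC
    return found

def correlate(found, other_alerts, window=timedelta(minutes=15)):
    """List other rules that fired for the same address near its first sighting."""
    related = {addr: [] for addr in found}
    for ts, rule, addr in other_alerts:
        if addr not in found:
            continue
        if abs(datetime.fromisoformat(ts) - found[addr]["first_seen"]) <= window:
            related[addr].append(rule)
    return related

if __name__ == "__main__":
    found = detect_new_devices(FLOWS, KNOWN)
    related = correlate(found, OTHER_ALERTS)
    for addr, info in found.items():
        print(addr, sorted(info["roles"]), sorted(info["peers"]), related[addr])
```

The `roles` field records which of the two cases raised the alert, and `peers` lists the existing devices involved, which narrows the question to put to the site contact.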