Unusual Cloud Storage Downloads

Description

Triggered on a large number of file/directory downloads from a cloud file storage system. This is specifically the number of downloads, not the size of the downloads. This anomaly uses the enterprise average as its historical baseline.

Use Case

Insider Threat, Security Monitoring, Advanced Threat Detection

Category

Account Compromise, Insider Threat, Lateral Movement, Zero Trust

Alert Volume

Medium

Journey

Stage 4

MITRE ATT&CK Tactics

Exfiltration

MITRE ATT&CK Techniques

Exfiltration Over Other Network Medium

Data Sources

Audit Trail