Data Staging

Description

Triggered when an excessive amount of data is uploaded or stored onto an internal server or cloud storage system. This anomaly is often a pre-cursor to a flight risk threat or data exfiltration threat.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Advanced Threat Detection, Security Monitoring, Insider Threat

Category

Insider Threat, Account Compromise, Adversary Tactics

Alert Volume

Low (?)

SPL Difficulty

None

Journey

Stage 6

MITRE ATT&CK Tactics

Exfiltration

MITRE ATT&CK Techniques

Exfiltration Over Other Network Medium
Exfiltration Over Alternative Protocol

Data Sources

Network Communication
Web Proxy