Navigation :
High Volume Email Activity to Non-corporate Domains by User
Description
Alerts on high volume email activity by a user to non-corporate domains.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Insider Threat
Category
Endpoint Compromise, Data Exfiltration, Insider Threat
Alert Volume
Alerts on high volume email activity by a user to non-corporate domains.
SPL Difficulty
Advanced
Journey
Stage 3
MITRE ATT&CK Tactics
Exfiltration
MITRE ATT&CK Techniques
Exfiltration
Data Sources
Email