Navigation :
Account Compromised followed by Exfiltration
Description
This threat is generated when an account or multiple accounts exhibit behavior outside of the normal baseline that indicates a compromise.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Security Monitoring
Category
Account Compromise
Alert Volume
Low
(?)SPL Difficulty
None
Journey
Stage 6
Data Sources
Windows Security
Application Data
Audit Trail
Network Communication
Web Server
Authentication
DLP
Physical Security
Email
Endpoint Detection and Response
Web Proxy