Account Compromised followed by Exfiltration

Description

This threat is generated when an account or multiple accounts exhibit behavior outside of the normal baseline that indicates a compromise.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Advanced Threat Detection, Security Monitoring

Category

Account Compromise

Alert Volume

Low

Journey

Stage 6

Data Sources

Audit Trail
DLP
Physical Security
Web Server
Endpoint Detection and Response
Authentication
Application Data
Windows Security
Network Communication
Email
Web Proxy