This threat is generated when a single account or multiple accounts have repeated login failures followed by malicious activity such as data movement or scanning activity.
This content is not mapped to any local saved search. Add mapping
Account Compromise, IAM Analytics
Data Availability Bad
IDS or IPS
Endpoint Detection and Response
Anti-Virus or Anti-Malware