Exfiltration after Account Compromise
Description
This threat is generated when an account (or multiple accounts) exhibit behavior outside of the normal baseline that indicates a compromise. It further differentiates itself by including data exfiltration associated with that account.
Content Mapping
This content is not mapped to any local saved search. Add mapping