Privilege Escalation after Powershell Activity
This threat is a simple rule to look for privilege escalation occurring after a suspicious powershell command. UBA has the ability to create simple correlation threat rules based on anomalies. This threat is one such rule.
This content is not mapped to any local saved search. Add mapping