UEBA : Potentially Compromised Account
The QRadar® User Entity Behavior Analytics (UEBA) app supports use cases based on rules for certain behavioral anomalies.
UEBA : Potentially Compromised Account
Enabled by default
False
Default senseValue
25
Default senseValueSource
25
Default senseValueDestination
25
Description
Detects scenario of suspicious activity followed by exfiltration within 24 hours.
Support rules
Required configuration
See supported rules
Log source types
See supported rules