The following are the list of out-of-the-box supported Use Cases
- 3rd Party Security Alerts
- Abnormal Account Management Activity
- Abnormal Application Access
- Abnormal Authentication & Access
- Abnormal Database Access
- Abnormal Directory Services Activity
- Abnormal File Access
- Abnormal Network Connections
- Abnormal Remote Access
- Abnormal User Activity
- Abnormal VPN Access
- Abnormal Web Access
- Access to Application Data
- Access to File Data
- Access to Physical Space
- Account Creation Activity
- Account Deletion Activity
- Account Manipulation
- Account Switch
- Activity on Domain Controllers
- Audit Log Manipulation
- Audit Tampering
- Brute Force Attack
- Bypass Access Controls
- Cloud Data Protection
- Compromised Asset
- Compromised Service Account
- Credential Theft
- Cryptomining
- DLL Hijacking and Side Loading
- Data Exfiltration
- Data Exfiltration via DNS
- Data Exfiltration via Web
- Data Leak
- Data Leak via Email
- Data Leak via Printer
- Data Leak via Removable Device
- Data Leak via Web
- Database Activity Monitoring
- Disabled Account Abuse
- Disabled Account Activity
- Discovery
- Evasion
- Executive Account Abuse
- Executive Account Activity
- Malware
- Membership and Permission Modifications
- Pass the Hash
- Pass the Ticket
- Permission Changes
- Phishing
- Privilege Abuse
- Privileged Account Abuse
- Privileged Asset Abuse
- Privileged Asset Activity
- Privileged Process Execution
- Ransomware
- Remote Workforce
- Risk of Attrition
- Service Account Abuse
- Spam
- System Account Activity