Frequent detections

Below are some examples of the detections most frequently seen across our customers, which you may encounter once you get started. Keep in mind that detections vary based on which integrations are sending logs. Blumira has hundreds of pre-tuned detections, and our Incident Detection Engineering team adds more every week.

  • Service Execution with Lateral Movement Tools
  • 500GB+ Outbound Connection via Generic Network Protocol
  • Pass the Hash Behavior
  • Impossible Travel
  • M365 Email Forwarding Enabled
  • Potentially Malicious PowerShell Command
  • Clear-Text Password on Local System