Detects the modification of an EC2 snapshot's permissions to enable access from another account

An attempt to export an AWS EC2 instance has been detected. A VM Export might indicate an attempt to extract information from an instance.

Detects when a user tampers with S3 data management in Amazon Web Services.

Detects when a Microsoft Cloud App Security reported when a user or IP address uses an app that is not sanctioned to perform an activity that resembles an attempt to exfiltrate information from your organization.