Tag
The rule detects suspicious access to LDAP attributes in Active Directory by identifying read access to a high number of Active Directory object attributes, which can help adversaries find vulnerabilities, elevate privileges, or collect sensitive information.