Most large organizations have a SIEM (Security Information and Event Management) these days. They collect events from across systems and networks to detect threats. If you are fortunate enough, your SIEM will have a good correlation engine that will alert…