LOLBAS With Network Traffic

Splunk Security Content

Summary
The detection rule 'LOLBAS With Network Traffic' identifies the misuse of Living Off the Land Binaries and Scripts (LOLBAS) in conjunction with network activity. The analytic targets native Windows binaries that attackers can abuse to establish unauthorized network connections. Using the Network Traffic data model, the rule detects attempts by these binaries to communicate over the network; this matters because such connections can be used to download malicious payloads and carry out other harmful tasks. Threats this detection covers include lateral movement, command-and-control, and data exfiltration, and it highlights the risk of privilege escalation and persistence techniques used by attackers. Implementing the rule requires ingesting events into the relevant data models, with source, destination, and process fields populated so that potentially harmful behavior can be identified and analyzed.
Categories
  • Network
  • Endpoint
  • Windows
Data Sources
  • Network Traffic
ATT&CK Techniques
  • T1105
  • T1567
  • T1218
Created: 2024-12-16