
Summary
The detection rule 'PowerShell Get Clipboard' monitors Windows PowerShell module logs for invocations of the Get-Clipboard cmdlet. Get-Clipboard returns the current clipboard contents, so an adversary who can run PowerShell can use it to collect passwords, tokens or other data a user has copied (MITRE ATT&CK T1115, Clipboard Data, under the Collection tactic). The rule matches when the Payload field of a module-logging event (Event ID 4103 in the Microsoft-Windows-PowerShell/Operational log, Sigma logsource category ps_module) contains the string 'Get-Clipboard'. It is currently at status 'test' and level 'medium'. Two practical caveats: module logging must be enabled, since the Payload field is not recorded otherwise, and because the rule matches on the cmdlet name only, it does not cover clipboard reads made through other means, such as the .NET System.Windows.Forms.Clipboard class.
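The match logic behind the rule, run over a few module-logging records, as an added example in Python (this is not the rule's own source or the Sigma project's code). It implements the Sigma `contains` modifier the way Sigma defines it, as a case-insensitive substring match, and restricts itself to Event ID 4103 so that a ScriptBlock event (4104) mentioning the cmdlet is not counted, matching the rule's logsource. The event records, host names, user names and helper names below are constructed for illustration; the field name Payload follows Sigma's ps_module convention.

```python
from dataclasses import dataclass
from typing import List, Optional

# Selection in the shape of a Sigma detection block: "field|modifier" -> value.
# Matching is case-insensitive, as in Sigma, which matters because PowerShell
# accepts get-clipboard, GET-CLIPBOARD and so on.
SELECTION = {"Payload|contains": "Get-Clipboard"}


@dataclass
class PSModuleEvent:
    """Minimal stand-in (constructed) for a Windows PowerShell log record."""
    event_id: int
    computer: str
    user: str
    payload: str


def field_matches(value: str, modifier: Optional[str], expected: str) -> bool:
    """Apply one Sigma string modifier; no modifier means exact (case-insensitive) match."""
    v, e = value.lower(), expected.lower()
    if modifier is None:
        return v == e
    if modifier == "contains":
        return e in v
    if modifier == "startswith":
        return v.startswith(e)
    if modifier == "endswith":
        return v.endswith(e)
    raise ValueError(f"unsupported modifier: {modifier}")


def matches_selection(event: PSModuleEvent, selection: dict) -> bool:
    """All keys of a Sigma selection must match (AND semantics)."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        value = getattr(event, field.lower(), None)
        if value is None or not field_matches(value, modifier or None, expected):
            return False
    return True


def find_clipboard_access(events: List[PSModuleEvent]) -> List[PSModuleEvent]:
    """Events that fall in the rule's logsource (module logging, 4103) and hit the selection."""
    return [e for e in events if e.event_id == 4103 and matches_selection(e, SELECTION)]


# Constructed sample records resembling 4103 Payload text.
SAMPLE_EVENTS = [
    PSModuleEvent(4103, "WS01", "CORP\\alice",
                  'CommandInvocation(Get-Process): "Get-Process"'),
    PSModuleEvent(4103, "WS01", "CORP\\alice",
                  'CommandInvocation(Get-Clipboard): "Get-Clipboard"\r\n'
                  'CommandInvocation(Out-File): "Out-File"\r\n'
                  'ParameterBinding(Out-File): name="FilePath"; value="C:\\Users\\Public\\clip.txt"'),
    # Set-Clipboard writes rather than reads; the substring 'Get-Clipboard' is absent.
    PSModuleEvent(4103, "WS02", "CORP\\bob",
                  'CommandInvocation(Set-Clipboard): "Set-Clipboard"'),
    # Lower-case invocation still matches because Sigma matching is case-insensitive.
    PSModuleEvent(4103, "WS03", "CORP\\carol",
                  'CommandInvocation(Get-Clipboard): "get-clipboard"'),
    # ScriptBlock logging (4104) is outside the rule's ps_module logsource.
    PSModuleEvent(4104, "WS03", "CORP\\carol",
                  'Creating Scriptblock text (1 of 1):\r\nGet-Clipboard | Out-File x.txt'),
]


if __name__ == "__main__":
    for hit in find_clipboard_access(SAMPLE_EVENTS):
        print(f"{hit.computer} {hit.user}: {hit.payload.splitlines()[0]}")
```

Running the block reports the two 4103 records from WS01 and WS03. The Set-Clipboard record and the 4104 ScriptBlock record are not reported, which shows both the precision of the string match and the boundary of the logsource: if only ScriptBlock logging is enabled on a host, this rule produces nothing there.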
Categories
- Windows
- Endpoint
Data Sources
- Process
- Application Log
Created: 2020-05-02