Most Common True Positive Alerts

Hi All,

Curious to get everyone's feedback. What are the most common True Positive security alerts everyone is receiving during your day to day (aside for phishing / malicious URL click from phishing)?

I'm looking to add create new detection rules or fine tune what we currently have going. I've already gone through a lot of GitHub pages. I'm more curious what's actively alerting everyone.

Looking forward to hearing what everyone says.