Port Scan Detected
Low
Open
ALR-00004 · 2026-07-08T20:35:27Z
Description
Sequential port scan (1-1024) detected targeting SRV-FILE-01 from external IP. DLP Module identified SYN scan pattern.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
20:35:27
Event ingested by SOC365 Engine
20:35:31
EmilyAI triage started — correlation enrichment
20:35:35
EmilyAI confidence: 93% — escalated to human analyst
20:35:51
Alert assigned to analyst: EmilyAI (auto)
20:36:30
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00013 | 9m ago | Port Scan Detected | Low | False Positive | WS-PC-002 |
| ALR-00489 | 1h ago | Port Scan Detected | Informational | False Positive | WS-PC-004 |
| ALR-00300 | 1h ago | Privilege Escalation Attempt | Informational | False Positive | SRV-FILE-01 |
| ALR-00288 | 8h ago | C2 Beacon Activity | Medium | Escalated | SRV-FILE-01 |
| ALR-00108 | 16h ago | Unusual Outbound Traffic | Medium | Resolved | SRV-FILE-01 |