Suspicious Scheduled Task
High
Investigating
ALR-00011 · 2026-07-06T17:52:28Z
Description
New scheduled task created on WS-MAC-005 by 'r.davies' running encoded batch script at 02:00 daily. No change request on file.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
17:52:28
Event ingested by SOC365 Engine
17:52:32
EmilyAI triage started — correlation enrichment
17:52:39
EmilyAI confidence: 83% — escalated to human analyst
17:52:58
Alert assigned to analyst: James Okonkwo
17:54:47
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00158 | 1h ago | Malware Signature Match | Low | Escalated | WS-MAC-005 |
| ALR-00416 | 4h ago | Unusual Outbound Traffic | Informational | Escalated | WS-MAC-005 |
| ALR-00339 | 7h ago | Data Exfiltration Attempt | Low | Escalated | WS-MAC-005 |
| ALR-00023 | 8h ago | DLP Policy Violation | Medium | Resolved | WS-MAC-005 |
| ALR-00243 | 20h ago | Suspicious Scheduled Task | High | Open | AP-WIFI-03 |