Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:43:44 UTC

C2 Beacon Activity

Informational False Positive
ALR-00021 · 2026-07-05T06:56:22Z

Description

Suspected C2 beacon detected from WS-PC-004. Regular 60-second interval HTTPS POST to suspicious domain. Network IDS blocked outbound.

Alert Metadata

Alert ID
ALR-00021
Timestamp
2026-07-05T06:56:22Z
Severity
Informational
Status
False Positive
Detection Source
Network IDS
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
WS-PC-004
User Account
a.wilson
Source IP
91.246.195.228
Destination IP
10.3.93.140
Origin Country
GB United Kingdom

MITRE ATT&CK Mapping

Tactic
Command and Control
Technique
T1071.001
Reference
attack.mitre.org/techniques/T1071.001

Investigation Timeline

06:56:22 Event ingested by SOC365 Engine
06:56:23 EmilyAI triage started — correlation enrichment
06:56:27 EmilyAI confidence: 95% — escalated to human analyst
06:56:43 Alert assigned to analyst: EmilyAI (auto)
06:59:21 Investigation started — querying SIEM and threat intelligence
07:03:06 Containment action taken — endpoint isolated
07:13:04 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00471 1h ago Unauthorised USB Device High Open WS-PC-004
ALR-00030 9h ago Insider Threat Indicator Informational False Positive WS-PC-004
ALR-00363 15h ago Brute Force SSH High Investigating WS-PC-004
ALR-00481 15h ago C2 Beacon Activity High Escalated WS-LAP-010
ALR-00265 16h ago C2 Beacon Activity Low Investigating AP-WIFI-03