Credential Stuffing Attempt
Informational
Resolved
ALR-00022 · 2026-07-08T07:06:05Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by DecoyPulse.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
07:06:05
Event ingested by SOC365 Engine
07:06:06
EmilyAI triage started — correlation enrichment
07:06:13
EmilyAI confidence: 94% — escalated to human analyst
07:06:39
Alert assigned to analyst: EmilyAI (auto)
07:07:54
Investigation started — querying SIEM and threat intelligence
07:09:35
Containment action taken — endpoint isolated
07:23:33
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00454 | 39m ago | Credential Stuffing Attempt | High | Investigating | WS-LAP-010 |
| ALR-00247 | 1d ago | Shadow IT Discovery | Informational | Investigating | WS-MAC-005 |
| ALR-00151 | 1d ago | Suspicious Scheduled Task | Low | Open | WS-MAC-005 |
| ALR-00404 | 1d ago | Credential Stuffing Attempt | Critical | Open | WS-PC-001 |
| ALR-00055 | 2d ago | Credential Stuffing Attempt | Critical | Investigating | SW-CORE-01 |