DLP Policy Violation
Medium
Resolved
ALR-00023 · 2026-07-11T10:56:04Z
Description
DLP policy violation: user 'r.davies' attempted to email 3 files classified as 'Confidential' to external address from WS-MAC-005.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
10:56:04
Event ingested by SOC365 Engine
10:56:05
EmilyAI triage started — correlation enrichment
10:56:17
EmilyAI confidence: 94% — escalated to human analyst
10:56:32
Alert assigned to analyst: Anika Patel
10:57:04
Investigation started — querying SIEM and threat intelligence
11:01:39
Containment action taken — endpoint isolated
11:07:57
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00158 | 1h ago | Malware Signature Match | Low | Escalated | WS-MAC-005 |
| ALR-00416 | 4h ago | Unusual Outbound Traffic | Informational | Escalated | WS-MAC-005 |
| ALR-00187 | 6h ago | DLP Policy Violation | Medium | Escalated | WS-PC-006 |
| ALR-00339 | 7h ago | Data Exfiltration Attempt | Low | Escalated | WS-MAC-005 |
| ALR-00228 | 14h ago | DLP Policy Violation | Medium | Investigating | WS-LAP-011 |