Credential Stuffing Attempt
Low
Escalated
ALR-00028 · 2026-07-08T07:06:19Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by EmilyAI Triage.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
07:06:19
Event ingested by SOC365 Engine
07:06:22
EmilyAI triage started — correlation enrichment
07:06:28
EmilyAI confidence: 81% — escalated to human analyst
07:06:48
Alert assigned to analyst: EmilyAI (auto)
07:09:01
Investigation started — querying SIEM and threat intelligence
07:16:06
Containment action taken — endpoint isolated
07:23:58
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00283 | 13m ago | Credential Stuffing Attempt | Low | Resolved | WS-PC-003 |
| ALR-00186 | 4h ago | Privilege Escalation Attempt | Low | Resolved | SRV-WEB-01 |
| ALR-00111 | 6h ago | Certificate Anomaly | High | Escalated | SRV-WEB-01 |
| ALR-00004 | 7h ago | Port Scan Detected | Informational | Resolved | SRV-WEB-01 |
| ALR-00276 | 13h ago | Credential Stuffing Attempt | High | Investigating | WS-PC-004 |