Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 13:54:02 UTC

Port Scan Detected

Severity: Informational · Status: Investigating
ALR-00030 · 2026-04-12T03:32:27Z

Description

Sequential port scan (1-1024) detected targeting SRV-APP-01 from external IP. EmilyAI Triage identified SYN scan pattern.

Alert Metadata

Alert ID: ALR-00030
Timestamp: 2026-04-12T03:32:27Z
Severity: Informational
Status: Investigating
Detection Source: EmilyAI Triage
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: SRV-APP-01
User Account: s.jones
Source IP: 185.254.220.20
Destination IP: 10.2.68.218
Origin Country: RU Russia

MITRE ATT&CK Mapping

Tactic: Reconnaissance
Technique: T1046
Reference: attack.mitre.org/techniques/T1046

Investigation Timeline

03:32:27 Event ingested by SOC365 Engine
03:32:29 EmilyAI triage started — correlation enrichment
03:32:40 EmilyAI confidence: 82% — escalated to human analyst
03:32:50 Alert assigned to analyst: EmilyAI (auto)
03:34:10 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00140 | 16m ago | Lateral Movement Detected | Low | False Positive | SRV-APP-01
ALR-00053 | 5h ago | Unauthorised USB Device | Informational | Investigating | SRV-APP-01
ALR-00392 | 10h ago | DLP Policy Violation | Informational | Open | SRV-APP-01
ALR-00108 | 12h ago | DecoyPulse Honeypot Triggered | Informational | Open | SRV-APP-01
ALR-00388 | 13h ago | Port Scan Detected | Medium | False Positive | WS-LAP-011