Unusual Outbound Traffic
Low
Open
ALR-00034 · 2026-07-05T05:31:29Z
Description
Unusual outbound traffic pattern from SRV-BACKUP-01 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Firewall.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
05:31:29
Event ingested by SOC365 Engine
05:31:33
EmilyAI triage started — correlation enrichment
05:31:40
EmilyAI confidence: 97% — escalated to human analyst
05:31:46
Alert assigned to analyst: EmilyAI (auto)
05:32:14
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00346 | 1h ago | Certificate Anomaly | Medium | Investigating | SRV-BACKUP-01 |
| ALR-00035 | 17h ago | Unusual Outbound Traffic | Medium | Escalated | SRV-APP-01 |
| ALR-00202 | 18h ago | Phishing Email Blocked | Low | Open | SRV-BACKUP-01 |
| ALR-00038 | 21h ago | Rogue DHCP Server | High | Open | SRV-BACKUP-01 |
| ALR-00465 | 1d ago | Phishing Email Blocked | Informational | Resolved | SRV-BACKUP-01 |