Shadow IT Discovery
Critical
Open
ALR-00041 · 2026-07-09T14:45:15Z
Description
Firewall discovered unauthorised SaaS application (file sharing) used by 'm.taylor'. 14GB of company data synced to unapproved cloud storage.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
14:45:15
Event ingested by SOC365 Engine
14:45:17
EmilyAI triage started — correlation enrichment
14:45:27
EmilyAI confidence: 95% — escalated to human analyst
14:45:31
Alert assigned to analyst: Sarah Chen
14:47:19
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00235 | 2h ago | Shadow IT Discovery | Low | Open | WS-PC-006 |
| ALR-00007 | 7h ago | C2 Beacon Activity | High | Escalated | WS-LAP-012 |
| ALR-00387 | 11h ago | Data Exfiltration Attempt | Low | Resolved | WS-LAP-012 |
| ALR-00165 | 15h ago | DecoyPulse Honeypot Triggered | Medium | Open | WS-LAP-012 |
| ALR-00005 | 17h ago | C2 Beacon Activity | Critical | Escalated | WS-LAP-012 |