Unusual Outbound Traffic
Low
False Positive
ALR-00043 · 2026-05-25T01:24:04Z
Description
Unusual outbound traffic pattern from SRV-APP-01 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Endpoint Agent.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
01:24:04
Event ingested by SOC365 Engine
01:24:05
EmilyAI triage started — correlation enrichment
01:24:15
EmilyAI confidence: 86% — escalated to human analyst
01:24:36
Alert assigned to analyst: EmilyAI (auto)
01:26:05
Investigation started — querying SIEM and threat intelligence
01:31:17
Containment action taken — endpoint isolated
01:37:47
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00191 | 6h ago | Unusual Outbound Traffic | Low | False Positive | SRV-WEB-01 |
| ALR-00078 | 7h ago | Unusual Outbound Traffic | Low | Investigating | WS-PC-001 |
| ALR-00263 | 12h ago | Malware Signature Match | Medium | False Positive | SRV-APP-01 |
| ALR-00170 | 1d ago | Pass-the-Hash Detected | Low | False Positive | SRV-APP-01 |
| ALR-00325 | 1d ago | Port Scan Detected | Medium | Investigating | SRV-APP-01 |