Credential Stuffing Attempt
Critical
Investigating
ALR-00055 · 2026-07-09T16:38:59Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Cloud Connector.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
16:38:59
Event ingested by SOC365 Engine
16:39:03
EmilyAI triage started — correlation enrichment
16:39:05
EmilyAI confidence: 81% — escalated to human analyst
16:39:44
Alert assigned to analyst: Sarah Chen
16:41:01
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00454 | 39m ago | Credential Stuffing Attempt | High | Investigating | WS-LAP-010 |
| ALR-00449 | 15h ago | Port Scan Detected | Low | Open | SW-CORE-01 |
| ALR-00375 | 15h ago | DLP Policy Violation | Informational | Investigating | SW-CORE-01 |
| ALR-00155 | 17h ago | Tor Exit Node Connection | Low | Investigating | SW-CORE-01 |
| ALR-00434 | 20h ago | DecoyPulse Honeypot Triggered | Low | Resolved | SW-CORE-01 |