Certificate Anomaly
Informational
Escalated
ALR-00056 · 2026-07-08T03:36:05Z
Description
TLS certificate anomaly detected on WS-LAP-011. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
03:36:05
Event ingested by SOC365 Engine
03:36:09
EmilyAI triage started — correlation enrichment
03:36:14
EmilyAI confidence: 78% — escalated to human analyst
03:36:35
Alert assigned to analyst: EmilyAI (auto)
03:37:07
Investigation started — querying SIEM and threat intelligence
03:40:53
Containment action taken — endpoint isolated
03:46:53
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00346 | 1h ago | Certificate Anomaly | Medium | Investigating | SRV-BACKUP-01 |
| ALR-00170 | 2h ago | Data Exfiltration Attempt | Medium | Open | WS-LAP-011 |
| ALR-00220 | 19h ago | Certificate Anomaly | Medium | Open | WS-PC-001 |
| ALR-00051 | 1d ago | Certificate Anomaly | Low | Investigating | WS-PC-002 |
| ALR-00411 | 1d ago | Certificate Anomaly | Low | False Positive | WS-LAP-012 |