Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:40:20 UTC

Port Scan Detected

Medium Resolved
ALR-00063 · 2026-07-06T05:06:37Z

Description

Sequential port scan (1-1024) detected targeting AP-WIFI-03 from external IP. Firewall identified SYN scan pattern.

Alert Metadata

Alert ID
ALR-00063
Timestamp
2026-07-06T05:06:37Z
Severity
Medium
Status
Resolved
Detection Source
Firewall
Assigned Analyst
Anika Patel

Endpoint Information

Hostname
AP-WIFI-03
User Account
j.smith
Source IP
45.161.148.140
Destination IP
10.0.161.51
Origin Country
VN Vietnam

MITRE ATT&CK Mapping

Tactic
Reconnaissance
Technique
T1046
Reference
attack.mitre.org/techniques/T1046

Investigation Timeline

05:06:37 Event ingested by SOC365 Engine
05:06:41 EmilyAI triage started — correlation enrichment
05:06:44 EmilyAI confidence: 85% — escalated to human analyst
05:07:04 Alert assigned to analyst: Anika Patel
05:08:12 Investigation started — querying SIEM and threat intelligence
05:09:42 Containment action taken — endpoint isolated
05:17:24 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00210 1h ago Port Scan Detected Informational Escalated SRV-FILE-01
ALR-00175 1h ago Port Scan Detected Critical Investigating SRV-FILE-01
ALR-00445 6h ago Port Scan Detected Medium Open AP-WIFI-03
ALR-00342 6h ago Phishing Email Blocked Critical Open AP-WIFI-03
ALR-00443 12h ago Port Scan Detected Medium Escalated AP-WIFI-03