Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 13:55:01 UTC

Port Scan Detected

Low Resolved
ALR-00066 · 2026-04-10T14:40:58Z

Description

Sequential port scan (1-1024) detected targeting WS-PC-002 from external IP. Attack Surface Scanner identified SYN scan pattern.

Alert Metadata

Alert ID: ALR-00066
Timestamp: 2026-04-10T14:40:58Z
Severity: Low
Status: Resolved
Detection Source: Attack Surface Scanner
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: WS-PC-002
User Account: p.thomas
Source IP: 45.237.148.143
Destination IP: 10.3.41.179
Origin Country: France (FR)

MITRE ATT&CK Mapping

Tactic: Reconnaissance
Technique: T1046
Reference: attack.mitre.org/techniques/T1046

Investigation Timeline

14:40:58 Event ingested by SOC365 Engine
14:41:01 EmilyAI triage started — correlation enrichment
14:41:07 EmilyAI confidence: 78% — escalated to human analyst
14:41:30 Alert assigned to analyst: EmilyAI (auto)
14:42:55 Investigation started — querying SIEM and threat intelligence
14:50:41 Containment action taken — endpoint isolated
14:55:57 Alert resolved — remediation complete

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00070 | 4h ago | C2 Beacon Activity | Medium | False Positive | WS-PC-002
ALR-00165 | 10h ago | Lateral Movement Detected | Informational | False Positive | WS-PC-002
ALR-00264 | 11h ago | Port Scan Detected | Critical | Investigating | WS-LAP-011
ALR-00108 | 19h ago | Anomalous DNS Query | Low | Open | WS-PC-002
ALR-00052 | 1d ago | Port Scan Detected | Informational | Open | SW-CORE-01