Unusual Outbound Traffic
High
Investigating
ALR-00068 · 2026-07-09T07:33:08Z
Description
Unusual outbound traffic pattern from SRV-MAIL-01 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by SOC365 Engine.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
07:33:08
Event ingested by SOC365 Engine
07:33:10
EmilyAI triage started — correlation enrichment
07:33:18
EmilyAI confidence: 79% — escalated to human analyst
07:33:46
Alert assigned to analyst: James Okonkwo
07:35:35
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00044 | 6h ago | Pass-the-Hash Detected | Low | Resolved | SRV-MAIL-01 |
| ALR-00167 | 8h ago | Unusual Outbound Traffic | Informational | Investigating | WS-PC-002 |
| ALR-00384 | 17h ago | Unusual Outbound Traffic | Informational | Escalated | SRV-FILE-01 |
| ALR-00034 | 18h ago | Unusual Outbound Traffic | Medium | Investigating | FW-EDGE-01 |
| ALR-00402 | 19h ago | Unusual Outbound Traffic | Low | Resolved | SRV-MAIL-01 |