Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:37:25 UTC

Port Scan Detected

High Investigating
ALR-00076 · 2026-07-07T23:35:23Z

Description

Sequential port scan (1-1024) detected targeting WS-LAP-012 from external IP. Network IDS identified SYN scan pattern.

Alert Metadata

Alert ID
ALR-00076
Timestamp
2026-07-07T23:35:23Z
Severity
High
Status
Investigating
Detection Source
Network IDS
Assigned Analyst
James Okonkwo

Endpoint Information

Hostname
WS-LAP-012
User Account
a.wilson
Source IP
45.36.148.34
Destination IP
10.3.214.46
Origin Country
VN Vietnam

MITRE ATT&CK Mapping

Tactic
Reconnaissance
Technique
T1046
Reference
attack.mitre.org/techniques/T1046

Investigation Timeline

23:35:23 Event ingested by SOC365 Engine
23:35:26 EmilyAI triage started — correlation enrichment
23:35:28 EmilyAI confidence: 83% — escalated to human analyst
23:36:02 Alert assigned to analyst: James Okonkwo
23:37:18 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00081 14h ago Malware Signature Match Low Open WS-LAP-012
ALR-00433 18h ago Port Scan Detected Informational Open SRV-FILE-01
ALR-00341 21h ago Brute Force SSH Medium Resolved WS-LAP-012
ALR-00217 21h ago Unauthorised USB Device Medium Open WS-LAP-012
ALR-00258 1d ago Port Scan Detected Informational Investigating WS-LAP-012