Port Scan Detected
High
Investigating
ALR-00076 · 2026-07-07T23:35:23Z
Description
Sequential port scan (1-1024) detected targeting WS-LAP-012 from external IP. Network IDS identified SYN scan pattern.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
23:35:23
Event ingested by SOC365 Engine
23:35:26
EmilyAI triage started — correlation enrichment
23:35:28
EmilyAI confidence: 83% — escalated to human analyst
23:36:02
Alert assigned to analyst: James Okonkwo
23:37:18
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00081 | 14h ago | Malware Signature Match | Low | Open | WS-LAP-012 |
| ALR-00433 | 18h ago | Port Scan Detected | Informational | Open | SRV-FILE-01 |
| ALR-00341 | 21h ago | Brute Force SSH | Medium | Resolved | WS-LAP-012 |
| ALR-00217 | 21h ago | Unauthorised USB Device | Medium | Open | WS-LAP-012 |
| ALR-00258 | 1d ago | Port Scan Detected | Informational | Investigating | WS-LAP-012 |