Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:39:06 UTC

C2 Beacon Activity

Medium Escalated
ALR-00076 · 2026-07-05T20:40:08Z

Description

Suspected C2 beacon detected from SRV-WEB-01. Regular 60-second interval HTTPS POST to suspicious domain. SOC365 Engine blocked outbound.

Alert Metadata

Alert ID
ALR-00076
Timestamp
2026-07-05T20:40:08Z
Severity
Medium
Status
Escalated
Detection Source
SOC365 Engine
Assigned Analyst
Anika Patel

Endpoint Information

Hostname
SRV-WEB-01
User Account
a.wilson
Source IP
103.115.216.135
Destination IP
10.1.127.232
Origin Country
NG Nigeria

MITRE ATT&CK Mapping

Tactic
Command and Control
Technique
T1071.001
Reference
attack.mitre.org/techniques/T1071.001

Investigation Timeline

20:40:08 Event ingested by SOC365 Engine
20:40:10 EmilyAI triage started — correlation enrichment
20:40:20 EmilyAI confidence: 91% — escalated to human analyst
20:40:40 Alert assigned to analyst: Anika Patel
20:42:44 Investigation started — querying SIEM and threat intelligence
20:48:55 Containment action taken — endpoint isolated
20:55:30 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00369 5h ago C2 Beacon Activity Informational Resolved WS-PC-003
ALR-00199 7h ago C2 Beacon Activity Low Resolved SRV-BACKUP-01
ALR-00025 14h ago Unusual Outbound Traffic Low Investigating SRV-WEB-01
ALR-00186 1d ago Port Scan Detected Low Resolved SRV-WEB-01
ALR-00109 1d ago Credential Stuffing Attempt High Investigating SRV-WEB-01