Certificate Anomaly
Medium
Open
ALR-00077 · 2026-07-06T10:33:30Z
Description
TLS certificate anomaly detected on SRV-BACKUP-01. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
10:33:30
Event ingested by SOC365 Engine
10:33:31
EmilyAI triage started — correlation enrichment
10:33:37
EmilyAI confidence: 96% — escalated to human analyst
10:34:01
Alert assigned to analyst: Marcus Webb
10:35:47
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00128 | 13h ago | Unusual Outbound Traffic | Low | Investigating | SRV-BACKUP-01 |
| ALR-00073 | 23h ago | Certificate Anomaly | Informational | Open | SRV-WEB-01 |
| ALR-00272 | 1d ago | Brute Force SSH | Medium | Open | SRV-BACKUP-01 |
| ALR-00139 | 1d ago | Certificate Anomaly | Medium | False Positive | WS-PC-003 |
| ALR-00340 | 1d ago | Shadow IT Discovery | Low | Open | SRV-BACKUP-01 |