Credential Stuffing Attempt
Medium
Escalated
ALR-00083 · 2026-07-09T09:01:32Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Endpoint Agent.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
09:01:32
Event ingested by SOC365 Engine
09:01:34
EmilyAI triage started — correlation enrichment
09:01:45
EmilyAI confidence: 94% — escalated to human analyst
09:02:05
Alert assigned to analyst: Marcus Webb
09:03:25
Investigation started — querying SIEM and threat intelligence
09:09:30
Containment action taken — endpoint isolated
09:13:08
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00170 | 2h ago | Credential Stuffing Attempt | Low | Investigating | VM-DEV-01 |
| ALR-00275 | 11h ago | Kerberoasting Attempt | Medium | Open | WS-PC-002 |
| ALR-00056 | 12h ago | Credential Stuffing Attempt | Low | Resolved | WS-PC-006 |
| ALR-00133 | 14h ago | Tor Exit Node Connection | Low | False Positive | WS-PC-002 |
| ALR-00294 | 17h ago | Credential Stuffing Attempt | Low | Escalated | WS-PC-006 |