Unusual Outbound Traffic
Critical
Escalated
ALR-00088 · 2026-05-26T17:09:59Z
Description
Unusual outbound traffic pattern from WS-LAP-012 to an IP address in Eastern Europe. 450 MB transferred over a non-standard port. Flagged by Network IDS.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
| Time | Event |
|---|---|
| 17:09:59 | Event ingested by SOC365 Engine |
| 17:10:01 | EmilyAI triage started — correlation enrichment |
| 17:10:12 | EmilyAI confidence: 90% — escalated to human analyst |
| 17:10:42 | Alert assigned to analyst: Anika Patel |
| 17:11:26 | Investigation started — querying SIEM and threat intelligence |
| 17:13:22 | Containment action taken — endpoint isolated |
| 17:20:08 | Alert resolved — remediation complete |
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00476 | 21m ago | Unusual Outbound Traffic | Medium | False Positive | VM-DEV-01 |
| ALR-00175 | 4h ago | Unusual Outbound Traffic | Low | False Positive | WS-LAP-012 |
| ALR-00328 | 6h ago | Unusual Outbound Traffic | High | Open | SRV-MAIL-01 |
| ALR-00003 | 6h ago | Privilege Escalation Attempt | Low | Investigating | WS-LAP-012 |
| ALR-00470 | 17h ago | Rogue DHCP Server | Low | False Positive | WS-LAP-012 |