Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:41:27 UTC

Lateral Movement Detected

Informational Open
ALR-00088 · 2026-07-05T11:16:33Z

Description

SOC365 Engine detected lateral movement from SRV-FILE-01 to SRV-DC-01 using user 'k.brown' credentials. SMB admin shares accessed.

Alert Metadata

Alert ID
ALR-00088
Timestamp
2026-07-05T11:16:33Z
Severity
Informational
Status
Open
Detection Source
SOC365 Engine
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-FILE-01
User Account
k.brown
Source IP
194.201.62.53
Destination IP
10.3.62.192
Origin Country
DE Germany

MITRE ATT&CK Mapping

Tactic
Lateral Movement
Technique
T1021.002
Reference
attack.mitre.org/techniques/T1021.002

Investigation Timeline

11:16:33 Event ingested by SOC365 Engine
11:16:35 EmilyAI triage started — correlation enrichment
11:16:42 EmilyAI confidence: 87% — escalated to human analyst
11:17:01 Alert assigned to analyst: EmilyAI (auto)
11:19:06 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00179 1h ago Phishing Email Blocked Informational Open SRV-FILE-01
ALR-00452 3h ago Lateral Movement Detected Low Investigating SRV-APP-01
ALR-00409 9h ago Lateral Movement Detected Informational Escalated FW-EDGE-01
ALR-00151 20h ago Lateral Movement Detected Medium Resolved SRV-WEB-01
ALR-00484 21h ago Lateral Movement Detected Informational Resolved SRV-MAIL-01