Certificate Anomaly
High
Open
ALR-00095 · 2026-07-11T00:28:32Z
Description
TLS certificate anomaly detected on FW-EDGE-01. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
00:28:32
Event ingested by SOC365 Engine
00:28:35
EmilyAI triage started — correlation enrichment
00:28:47
EmilyAI confidence: 83% — escalated to human analyst
00:29:11
Alert assigned to analyst: Marcus Webb
00:29:46
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00207 | 47m ago | Suspicious Scheduled Task | Medium | Resolved | FW-EDGE-01 |
| ALR-00369 | 1h ago | Lateral Movement Detected | Low | Investigating | FW-EDGE-01 |
| ALR-00270 | 3h ago | Lateral Movement Detected | Medium | Open | FW-EDGE-01 |
| ALR-00460 | 4h ago | Suspicious Scheduled Task | Low | Escalated | FW-EDGE-01 |
| ALR-00031 | 8h ago | Privilege Escalation Attempt | Low | Investigating | FW-EDGE-01 |