Credential Stuffing Attempt
Medium
Open
ALR-00098 · 2026-07-08T05:46:35Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by DLP Module.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
05:46:35
Event ingested by SOC365 Engine
05:46:39
EmilyAI triage started — correlation enrichment
05:46:41
EmilyAI confidence: 90% — escalated to human analyst
05:47:16
Alert assigned to analyst: Sarah Chen
05:49:26
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00391 | 33m ago | Suspicious PowerShell Execution | Medium | Escalated | SRV-WEB-01 |
| ALR-00127 | 57m ago | Credential Stuffing Attempt | Low | Investigating | SRV-MAIL-01 |
| ALR-00181 | 9h ago | Insider Threat Indicator | Low | False Positive | SRV-WEB-01 |
| ALR-00344 | 15h ago | Lateral Movement Detected | Informational | Escalated | SRV-WEB-01 |
| ALR-00282 | 15h ago | Credential Stuffing Attempt | Informational | Open | WS-MAC-005 |