Certificate Anomaly
Medium
Escalated
ALR-00100 · 2026-04-11T16:41:13Z
Description
TLS certificate anomaly detected on WS-PC-002. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
16:41:13
Event ingested by SOC365 Engine
16:41:16
EmilyAI triage started — correlation enrichment
16:41:20
EmilyAI confidence: 82% — escalated to human analyst
16:41:42
Alert assigned to analyst: Emma Richardson
16:42:05
Investigation started — querying SIEM and threat intelligence
16:47:12
Containment action taken — endpoint isolated
16:51:25
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00342 | 14m ago | Certificate Anomaly | Informational | Investigating | SRV-DC-01 |
| ALR-00429 | 1h ago | Certificate Anomaly | Informational | Escalated | FW-EDGE-01 |
| ALR-00081 | 5h ago | Certificate Anomaly | Medium | Open | AP-WIFI-03 |
| ALR-00072 | 16h ago | Rogue DHCP Server | Informational | Open | WS-PC-002 |
| ALR-00439 | 1d ago | Certificate Anomaly | Critical | Escalated | WS-PC-006 |