Lateral Movement Detected
High
Investigating
ALR-00101 · 2026-07-09T13:34:35Z
Description
Email Gateway detected lateral movement from WS-PC-006 to SRV-DC-01 using user 'e.evans' credentials. SMB admin shares accessed.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
13:34:35
Event ingested by SOC365 Engine
13:34:37
EmilyAI triage started — correlation enrichment
13:34:43
EmilyAI confidence: 82% — escalated to human analyst
13:35:11
Alert assigned to analyst: Marcus Webb
13:35:26
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00095 | 3h ago | Failed MFA Challenge | Low | Escalated | WS-PC-006 |
| ALR-00480 | 5h ago | Lateral Movement Detected | Medium | False Positive | WS-PC-001 |
| ALR-00261 | 5h ago | Lateral Movement Detected | Medium | Resolved | SRV-APP-01 |
| ALR-00075 | 7h ago | Unusual Outbound Traffic | Low | Investigating | WS-PC-006 |
| ALR-00442 | 11h ago | Pass-the-Hash Detected | Low | Open | WS-PC-006 |