Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 20:38:45 UTC

C2 Beacon Activity

Low False Positive
ALR-00117 · 2026-07-11T18:46:51Z

Description

Suspected C2 beacon detected from SRV-DC-01. Regular 60-second interval HTTPS POST to suspicious domain. EmilyAI Triage blocked outbound.

Alert Metadata

Alert ID
ALR-00117
Timestamp
2026-07-11T18:46:51Z
Severity
Low
Status
False Positive
Detection Source
EmilyAI Triage
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-DC-01
User Account
h.roberts
Source IP
91.151.195.63
Destination IP
10.2.216.132
Origin Country
US United States

MITRE ATT&CK Mapping

Tactic
Command and Control
Technique
T1071.001
Reference
attack.mitre.org/techniques/T1071.001

Investigation Timeline

18:46:51 Event ingested by SOC365 Engine
18:46:55 EmilyAI triage started — correlation enrichment
18:47:01 EmilyAI confidence: 84% — escalated to human analyst
18:47:09 Alert assigned to analyst: EmilyAI (auto)
18:49:46 Investigation started — querying SIEM and threat intelligence
18:51:46 Containment action taken — endpoint isolated
19:03:42 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00033 11h ago Ransomware Behaviour Detected High Investigating SRV-DC-01
ALR-00215 23h ago Pass-the-Hash Detected Low Open SRV-DC-01
ALR-00056 1d ago Suspicious PowerShell Execution Low Open SRV-DC-01
ALR-00182 1d ago Port Scan Detected Low Investigating SRV-DC-01
ALR-00477 1d ago Phishing Email Blocked Medium Investigating SRV-DC-01