Unusual Outbound Traffic
Low
Open
ALR-00118 · 2026-07-08T22:57:22Z
Description
Unusual outbound traffic pattern from WS-LAP-012 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Attack Surface Scanner.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
22:57:22
Event ingested by SOC365 Engine
22:57:27
EmilyAI triage started — correlation enrichment
22:57:36
EmilyAI confidence: 79% — escalated to human analyst
22:57:59
Alert assigned to analyst: EmilyAI (auto)
22:59:42
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00273 | 6h ago | Lateral Movement Detected | Medium | Resolved | WS-LAP-012 |
| ALR-00192 | 7h ago | DLP Policy Violation | Low | False Positive | WS-LAP-012 |
| ALR-00231 | 9h ago | Data Exfiltration Attempt | High | Investigating | WS-LAP-012 |
| ALR-00355 | 13h ago | DecoyPulse Honeypot Triggered | Medium | Escalated | WS-LAP-012 |
| ALR-00091 | 15h ago | Privilege Escalation Attempt | Informational | False Positive | WS-LAP-012 |