Credential Stuffing Attempt
Low
Investigating
ALR-00125 · 2026-07-11T03:05:42Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Endpoint Agent.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
03:05:42
Event ingested by SOC365 Engine
03:05:43
EmilyAI triage started — correlation enrichment
03:05:47
EmilyAI confidence: 89% — escalated to human analyst
03:06:10
Alert assigned to analyst: EmilyAI (auto)
03:06:32
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00464 | 8h ago | Credential Stuffing Attempt | Medium | Escalated | SRV-DC-01 |
| ALR-00437 | 18h ago | Shadow IT Discovery | Medium | Resolved | WS-MAC-005 |
| ALR-00053 | 1d ago | Credential Stuffing Attempt | Low | False Positive | SW-CORE-01 |
| ALR-00151 | 1d ago | Brute Force SSH | Low | False Positive | WS-MAC-005 |
| ALR-00097 | 1d ago | Data Exfiltration Attempt | Low | Investigating | WS-MAC-005 |