Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 21:56:45 UTC

Credential Stuffing Attempt

Low Resolved
ALR-00127 · 2026-07-10T05:47:25Z

Description

Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by SOC365 Engine.

Alert Metadata

Alert ID
ALR-00127
Timestamp
2026-07-10T05:47:25Z
Severity
Low
Status
Resolved
Detection Source
SOC365 Engine
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-BACKUP-01
User Account
system
Source IP
194.63.62.191
Destination IP
10.2.241.209
Origin Country
US United States

MITRE ATT&CK Mapping

Tactic
Credential Access
Technique
T1110.004
Reference
attack.mitre.org/techniques/T1110.004

Investigation Timeline

05:47:25 Event ingested by SOC365 Engine
05:47:28 EmilyAI triage started — correlation enrichment
05:47:40 EmilyAI confidence: 90% — escalated to human analyst
05:47:47 Alert assigned to analyst: EmilyAI (auto)
05:49:36 Investigation started — querying SIEM and threat intelligence
05:55:24 Containment action taken — endpoint isolated
06:07:09 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00486 6h ago Phishing Email Blocked Low Resolved SRV-BACKUP-01
ALR-00496 6h ago Ransomware Behaviour Detected Medium Escalated SRV-BACKUP-01
ALR-00284 7h ago Brute Force SSH Low Resolved SRV-BACKUP-01
ALR-00493 13h ago Credential Stuffing Attempt Medium Escalated SRV-SQL-01
ALR-00106 18h ago Credential Stuffing Attempt Medium Investigating SRV-BACKUP-01