Certificate Anomaly
Informational
Open
ALR-00138 · 2026-05-26T01:23:59Z
Description
TLS certificate anomaly detected on WS-LAP-010. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
01:23:59
Event ingested by SOC365 Engine
01:24:01
EmilyAI triage started — correlation enrichment
01:24:04
EmilyAI confidence: 87% — escalated to human analyst
01:24:42
Alert assigned to analyst: EmilyAI (auto)
01:25:21
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00119 | 1h ago | Insider Threat Indicator | Medium | Escalated | WS-LAP-010 |
| ALR-00221 | 12h ago | Certificate Anomaly | Medium | Open | SRV-APP-01 |
| ALR-00274 | 14h ago | Certificate Anomaly | Low | Open | WS-PC-003 |
| ALR-00247 | 16h ago | Anomalous DNS Query | High | Investigating | WS-LAP-010 |
| ALR-00208 | 1d ago | Certificate Anomaly | High | Escalated | SW-CORE-01 |