Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 20:46:57 UTC

Certificate Anomaly

Low Open
ALR-00153 · 2026-07-07T16:43:09Z

Description

TLS certificate anomaly detected on WS-PC-002. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID
ALR-00153
Timestamp
2026-07-07T16:43:09Z
Severity
Low
Status
Open
Detection Source
Attack Surface Scanner
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
WS-PC-002
User Account
h.roberts
Source IP
103.34.216.243
Destination IP
10.0.18.66
Origin Country
GB United Kingdom

MITRE ATT&CK Mapping

Tactic
Defence Evasion
Technique
T1553.004
Reference
attack.mitre.org/techniques/T1553.004

Investigation Timeline

16:43:09 Event ingested by SOC365 Engine
16:43:13 EmilyAI triage started — correlation enrichment
16:43:14 EmilyAI confidence: 92% — escalated to human analyst
16:43:47 Alert assigned to analyst: EmilyAI (auto)
16:44:38 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00149 1h ago Certificate Anomaly Informational Open VM-DEV-01
ALR-00070 3h ago Privilege Escalation Attempt Medium Open WS-PC-002
ALR-00447 7h ago Credential Stuffing Attempt Critical Investigating WS-PC-002
ALR-00448 15h ago Unusual Outbound Traffic Medium Resolved WS-PC-002
ALR-00258 16h ago Anomalous DNS Query Low Investigating WS-PC-002