Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 17:07:29 UTC

Lateral Movement Detected

Medium Resolved
ALR-00154 · 2026-05-21T04:57:10Z

Description

EmilyAI Triage detected lateral movement from SRV-MAIL-01 to SRV-DC-01 using user 's.jones' credentials. SMB admin shares accessed.

Alert Metadata

Alert ID: ALR-00154
Timestamp: 2026-05-21T04:57:10Z
Severity: Medium
Status: Resolved
Detection Source: EmilyAI Triage
Assigned Analyst: Emma Richardson

Endpoint Information

Hostname: SRV-MAIL-01
User Account: s.jones
Source IP: 45.176.148.180
Destination IP: 10.2.181.49
Origin Country: France (FR)

MITRE ATT&CK Mapping

Tactic: Lateral Movement
Technique: T1021.002
Reference: attack.mitre.org/techniques/T1021.002

Investigation Timeline

04:57:10 Event ingested by SOC365 Engine
04:57:12 EmilyAI triage started — correlation enrichment
04:57:22 EmilyAI confidence: 84% — escalated to human analyst
04:57:28 Alert assigned to analyst: Emma Richardson
04:59:54 Investigation started — querying SIEM and threat intelligence
05:01:51 Containment action taken — endpoint isolated
05:12:13 Alert resolved — remediation complete

Related Alerts

ID         Time     Alert                      Severity       Status          Host
ALR-00478  16h ago  Certificate Anomaly        Medium         Resolved        SRV-MAIL-01
ALR-00467  19h ago  Lateral Movement Detected  Medium         Investigating   WS-LAP-010
ALR-00128  20h ago  Lateral Movement Detected  Informational  Resolved        SRV-MAIL-01
ALR-00061  1d ago   Kerberoasting Attempt      Medium         False Positive  SRV-MAIL-01
ALR-00320  1d ago   C2 Beacon Activity         High           Escalated       SRV-MAIL-01