Tor Exit Node Connection
Informational
False Positive
ALR-00155 · 2026-07-10T03:39:53Z
Description
Connection from FW-EDGE-01 to known Tor exit node detected by EmilyAI Triage. User 'h.roberts' was active at the time.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
03:39:53
Event ingested by SOC365 Engine
03:39:56
EmilyAI triage started — correlation enrichment
03:40:08
EmilyAI confidence: 95% — escalated to human analyst
03:40:12
Alert assigned to analyst: EmilyAI (auto)
03:41:12
Investigation started — querying SIEM and threat intelligence
03:43:22
Containment action taken — endpoint isolated
03:59:04
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00431 | 56m ago | Port Scan Detected | Informational | Resolved | FW-EDGE-01 |
| ALR-00143 | 57m ago | Tor Exit Node Connection | Low | Open | SW-CORE-01 |
| ALR-00498 | 59m ago | Tor Exit Node Connection | Low | Escalated | WS-PC-003 |
| ALR-00387 | 11h ago | Ransomware Behaviour Detected | Medium | Escalated | FW-EDGE-01 |
| ALR-00410 | 13h ago | Tor Exit Node Connection | Low | False Positive | SRV-SQL-01 |