Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 18:04:11 UTC

Certificate Anomaly

Informational Open
ALR-00169 · 2026-05-23T05:47:21Z

Description

TLS certificate anomaly detected on AP-WIFI-03. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID: ALR-00169
Timestamp: 2026-05-23T05:47:21Z
Severity: Informational
Status: Open
Detection Source: Firewall
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: AP-WIFI-03
User Account: d.walker
Source IP: 45.230.148.120
Destination IP: 10.2.89.198
Origin Country: Ukraine (UA)

MITRE ATT&CK Mapping

Tactic: Defence Evasion
Technique: T1553.004
Reference: attack.mitre.org/techniques/T1553.004

Investigation Timeline

05:47:21 Event ingested by SOC365 Engine
05:47:24 EmilyAI triage started — correlation enrichment
05:47:36 EmilyAI confidence: 98% — escalated to human analyst
05:48:05 Alert assigned to analyst: EmilyAI (auto)
05:49:44 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00296 | 3h ago | Certificate Anomaly | Low | False Positive | FW-EDGE-01
ALR-00174 | 14h ago | Certificate Anomaly | Informational | False Positive | SRV-WEB-01
ALR-00132 | 15h ago | Certificate Anomaly | Low | False Positive | WS-LAP-011
ALR-00449 | 1d ago | Certificate Anomaly | Medium | Escalated | SRV-DC-01
ALR-00023 | 1d ago | DecoyPulse Honeypot Triggered | High | Escalated | AP-WIFI-03