Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 17:09:15 UTC

Certificate Anomaly

Low Investigating
ALR-00169 · 2026-05-22T02:33:24Z

Description

TLS certificate anomaly detected on SRV-FILE-01. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID: ALR-00169
Timestamp: 2026-05-22T02:33:24Z
Severity: Low
Status: Investigating
Detection Source: Network IDS
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: SRV-FILE-01
User Account: c.williams
Source IP: 185.77.220.234
Destination IP: 10.0.64.164
Origin Country: Romania (RO)

MITRE ATT&CK Mapping

Tactic: Defence Evasion
Technique: T1553.004
Reference: attack.mitre.org/techniques/T1553.004

Investigation Timeline

02:33:24 Event ingested by SOC365 Engine
02:33:28 EmilyAI triage started — correlation enrichment
02:33:33 EmilyAI confidence: 92% — escalated to human analyst
02:34:00 Alert assigned to analyst: EmilyAI (auto)
02:35:18 Investigation started — querying SIEM and threat intelligence

Related Alerts

| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00426 | 5h ago | Malware Signature Match | Low | Escalated | SRV-FILE-01 |
| ALR-00463 | 7h ago | Privilege Escalation Attempt | Informational | Investigating | SRV-FILE-01 |
| ALR-00427 | 11h ago | Privilege Escalation Attempt | Low | Open | SRV-FILE-01 |
| ALR-00221 | 12h ago | Certificate Anomaly | Medium | Open | SRV-APP-01 |
| ALR-00274 | 14h ago | Certificate Anomaly | Low | Open | WS-PC-003 |