Credential Stuffing Attempt
Medium
Open
ALR-00174 · 2026-05-21T14:41:38Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by DLP Module.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
14:41:38
Event ingested by SOC365 Engine
14:41:41
EmilyAI triage started — correlation enrichment
14:41:53
EmilyAI confidence: 88% — escalated to human analyst
14:42:19
Alert assigned to analyst: Anika Patel
14:43:14
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00168 | 3h ago | Credential Stuffing Attempt | Medium | Escalated | SRV-MAIL-01 |
| ALR-00472 | 4h ago | Certificate Anomaly | Low | False Positive | WS-PC-006 |
| ALR-00474 | 7h ago | Privilege Escalation Attempt | Medium | Investigating | WS-PC-006 |
| ALR-00341 | 16h ago | Rogue DHCP Server | Medium | Escalated | WS-PC-006 |
| ALR-00095 | 23h ago | Port Scan Detected | Medium | Resolved | WS-PC-006 |