Unusual Outbound Traffic
High
Open
ALR-00176 · 2026-07-08T02:23:18Z
Description
Unusual outbound traffic pattern from WS-MAC-005 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by DecoyPulse.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
02:23:18
Event ingested by SOC365 Engine
02:23:22
EmilyAI triage started — correlation enrichment
02:23:27
EmilyAI confidence: 88% — escalated to human analyst
02:23:52
Alert assigned to analyst: Sarah Chen
02:25:33
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00014 | 6h ago | Unusual Outbound Traffic | Medium | Investigating | SRV-BACKUP-01 |
| ALR-00414 | 9h ago | Unusual Outbound Traffic | High | Investigating | WS-PC-001 |
| ALR-00052 | 13h ago | Unusual Outbound Traffic | Medium | Investigating | WS-PC-001 |
| ALR-00149 | 15h ago | Unusual Outbound Traffic | Informational | Resolved | SRV-APP-01 |
| ALR-00336 | 20h ago | Unusual Outbound Traffic | High | Investigating | SRV-WEB-01 |