Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 15:26:20 UTC

C2 Beacon Activity

Medium Escalated
ALR-00184 · 2026-04-10T01:38:44Z

Description

Suspected C2 beacon detected from AP-WIFI-03. Regular 60-second interval HTTPS POST to suspicious domain. EmilyAI Triage blocked outbound.

Alert Metadata

Alert ID: ALR-00184
Timestamp: 2026-04-10T01:38:44Z
Severity: Medium
Status: Escalated
Detection Source: EmilyAI Triage
Assigned Analyst: Marcus Webb

Endpoint Information

Hostname: AP-WIFI-03
User Account: p.thomas
Source IP: 185.121.220.204
Destination IP: 10.0.202.130
Origin Country: China (CN)

MITRE ATT&CK Mapping

Tactic: Command and Control
Technique: T1071.001
Reference: attack.mitre.org/techniques/T1071.001

Investigation Timeline

01:38:44 Event ingested by SOC365 Engine
01:38:48 EmilyAI triage started — correlation enrichment
01:38:53 EmilyAI confidence: 87% — escalated to human analyst
01:39:05 Alert assigned to analyst: Marcus Webb
01:41:09 Investigation started — querying SIEM and threat intelligence
01:43:31 Containment action taken — endpoint isolated
01:54:40 Alert resolved — remediation complete

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00012 | 2h ago | C2 Beacon Activity | Low | Open | SRV-DC-01
ALR-00447 | 4h ago | Shadow IT Discovery | Medium | False Positive | AP-WIFI-03
ALR-00286 | 8h ago | C2 Beacon Activity | Low | Investigating | SRV-APP-01
ALR-00420 | 10h ago | C2 Beacon Activity | Medium | Investigating | FW-EDGE-01
ALR-00014 | 13h ago | C2 Beacon Activity | Low | Resolved | WS-PC-006