Certificate Anomaly
Low
Investigating
ALR-00185 · 2026-07-08T10:03:36Z
Description
TLS certificate anomaly detected on WS-LAP-010. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
10:03:36
Event ingested by SOC365 Engine
10:03:39
EmilyAI triage started — correlation enrichment
10:03:49
EmilyAI confidence: 87% — escalated to human analyst
10:03:59
Alert assigned to analyst: EmilyAI (auto)
10:04:52
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00464 | 1h ago | Certificate Anomaly | Low | Escalated | WS-LAP-012 |
| ALR-00125 | 1h ago | Certificate Anomaly | Low | Open | WS-PC-004 |
| ALR-00046 | 9h ago | Port Scan Detected | Medium | False Positive | WS-LAP-010 |
| ALR-00373 | 10h ago | Certificate Anomaly | Medium | Open | FW-EDGE-01 |
| ALR-00182 | 12h ago | Ransomware Behaviour Detected | Low | Open | WS-LAP-010 |