Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:44:06 UTC

Certificate Anomaly

Low Investigating
ALR-00185 · 2026-07-08T10:03:36Z

Description

TLS certificate anomaly detected on WS-LAP-010. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID
ALR-00185
Timestamp
2026-07-08T10:03:36Z
Severity
Low
Status
Investigating
Detection Source
Cloud Connector
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
WS-LAP-010
User Account
j.smith
Source IP
185.115.220.227
Destination IP
10.3.196.8
Origin Country
BR Brazil

MITRE ATT&CK Mapping

Tactic
Defence Evasion
Technique
T1553.004
Reference
attack.mitre.org/techniques/T1553.004

Investigation Timeline

10:03:36 Event ingested by SOC365 Engine
10:03:39 EmilyAI triage started — correlation enrichment
10:03:49 EmilyAI confidence: 87% — escalated to human analyst
10:03:59 Alert assigned to analyst: EmilyAI (auto)
10:04:52 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00464 1h ago Certificate Anomaly Low Escalated WS-LAP-012
ALR-00125 1h ago Certificate Anomaly Low Open WS-PC-004
ALR-00046 9h ago Port Scan Detected Medium False Positive WS-LAP-010
ALR-00373 10h ago Certificate Anomaly Medium Open FW-EDGE-01
ALR-00182 12h ago Ransomware Behaviour Detected Low Open WS-LAP-010