Credential Stuffing Attempt
Critical
Open
ALR-00189 · 2026-07-08T01:21:15Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Endpoint Agent.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
01:21:15
Event ingested by SOC365 Engine
01:21:18
EmilyAI triage started — correlation enrichment
01:21:25
EmilyAI confidence: 81% — escalated to human analyst
01:21:53
Alert assigned to analyst: James Okonkwo
01:23:46
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00113 | 45m ago | Credential Stuffing Attempt | Medium | Open | SRV-DC-01 |
| ALR-00090 | 2h ago | Credential Stuffing Attempt | Informational | Escalated | WS-PC-002 |
| ALR-00110 | 3h ago | DLP Policy Violation | Critical | Open | VM-DEV-01 |
| ALR-00444 | 9h ago | Credential Stuffing Attempt | Low | Investigating | SRV-BACKUP-01 |
| ALR-00021 | 14h ago | Credential Stuffing Attempt | Low | Investigating | VM-DEV-01 |