Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Certificate Anomaly

Informational Escalated
ALR-00212 · 2026-05-26T08:21:54Z

Description

TLS certificate anomaly detected on WS-LAP-012. Self-signed certificate on port 443 does not match expected corporate CA chain.

Alert Metadata

Alert ID: ALR-00212
Timestamp: 2026-05-26T08:21:54Z
Severity: Informational
Status: Escalated
Detection Source: DLP Module
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: WS-LAP-012
User Account: system
Source IP: 194.39.62.123
Destination IP: 10.3.14.246
Origin Country: Vietnam (VN)

MITRE ATT&CK Mapping

Tactic: Defence Evasion
Technique: T1553.004
Reference: attack.mitre.org/techniques/T1553.004

Investigation Timeline

08:21:54 Event ingested by SOC365 Engine
08:21:56 EmilyAI triage started — correlation enrichment
08:22:09 EmilyAI confidence: 90% — escalated to human analyst
08:22:37 Alert assigned to analyst: EmilyAI (auto)
08:23:47 Investigation started — querying SIEM and threat intelligence
08:31:07 Containment action taken — endpoint isolated
08:41:11 Alert resolved — remediation complete

Related Alerts

ID         Time     Alert                          Severity       Status          Host
ALR-00169  49m ago  DecoyPulse Honeypot Triggered  Medium         Open            WS-LAP-012
ALR-00293  3h ago   Ransomware Behaviour Detected  Low            False Positive  WS-LAP-012
ALR-00401  6h ago   Lateral Movement Detected      Informational  Investigating   WS-LAP-012
ALR-00414  10h ago  Certificate Anomaly            High           Escalated       FW-EDGE-01
ALR-00084  11h ago  Suspicious Scheduled Task      Medium         Investigating   WS-LAP-012