Unusual Outbound Traffic
Low
False Positive
ALR-00212 · 2026-07-09T23:20:07Z
Description
Unusual outbound traffic pattern from WS-PC-004 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by Network IDS.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
23:20:07
Event ingested by SOC365 Engine
23:20:11
EmilyAI triage started — correlation enrichment
23:20:14
EmilyAI confidence: 96% — escalated to human analyst
23:20:37
Alert assigned to analyst: EmilyAI (auto)
23:22:30
Investigation started — querying SIEM and threat intelligence
23:29:20
Containment action taken — endpoint isolated
23:34:26
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00260 | 3h ago | Ransomware Behaviour Detected | Informational | Escalated | WS-PC-004 |
| ALR-00134 | 6h ago | Unusual Outbound Traffic | Informational | Resolved | SRV-BACKUP-01 |
| ALR-00370 | 7h ago | Unusual Outbound Traffic | Medium | Escalated | SRV-WEB-01 |
| ALR-00010 | 8h ago | Failed MFA Challenge | Informational | Open | WS-PC-004 |
| ALR-00190 | 13h ago | Unusual Outbound Traffic | Informational | Escalated | SRV-DC-01 |