Credential Stuffing Attempt
Informational
Escalated
ALR-00229 · 2026-07-06T09:12:15Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Attack Surface Scanner.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
09:12:15
Event ingested by SOC365 Engine
09:12:16
EmilyAI triage started — correlation enrichment
09:12:26
EmilyAI confidence: 79% — escalated to human analyst
09:12:40
Alert assigned to analyst: EmilyAI (auto)
09:15:11
Investigation started — querying SIEM and threat intelligence
09:21:41
Containment action taken — endpoint isolated
09:22:33
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00384 | 4h ago | Port Scan Detected | Informational | Resolved | SRV-FILE-01 |
| ALR-00043 | 8h ago | Pass-the-Hash Detected | Low | Resolved | SRV-FILE-01 |
| ALR-00077 | 9h ago | Phishing Email Blocked | High | Escalated | SRV-FILE-01 |
| ALR-00312 | 9h ago | Failed MFA Challenge | Low | Escalated | SRV-FILE-01 |
| ALR-00286 | 9h ago | Credential Stuffing Attempt | Low | Investigating | SRV-WEB-01 |