C2 Beacon Activity
High
Escalated
ALR-00239 · 2026-07-05T02:56:57Z
Description
Suspected C2 beacon detected from SRV-WEB-01. Regular 60-second interval HTTPS POST to suspicious domain. DLP Module blocked outbound.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
02:56:57
Event ingested by SOC365 Engine
02:57:00
EmilyAI triage started — correlation enrichment
02:57:11
EmilyAI confidence: 91% — escalated to human analyst
02:57:17
Alert assigned to analyst: Emma Richardson
02:59:51
Investigation started — querying SIEM and threat intelligence
03:04:44
Containment action taken — endpoint isolated
03:16:56
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00337 | 52m ago | Malware Signature Match | Informational | Investigating | SRV-WEB-01 |
| ALR-00349 | 10h ago | Credential Stuffing Attempt | Low | Resolved | SRV-WEB-01 |
| ALR-00499 | 16h ago | Port Scan Detected | Medium | Open | SRV-WEB-01 |
| ALR-00458 | 19h ago | Lateral Movement Detected | High | Open | SRV-WEB-01 |
| ALR-00438 | 22h ago | Unauthorised USB Device | Informational | Open | SRV-WEB-01 |