Certificate Anomaly
Informational
Resolved
ALR-00240 · 2026-07-09T16:19:07Z
Description
TLS certificate anomaly detected on SRV-BACKUP-01. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
16:19:07
Event ingested by SOC365 Engine
16:19:12
EmilyAI triage started — correlation enrichment
16:19:16
EmilyAI confidence: 80% — escalated to human analyst
16:19:23
Alert assigned to analyst: EmilyAI (auto)
16:21:02
Investigation started — querying SIEM and threat intelligence
16:25:26
Containment action taken — endpoint isolated
16:34:34
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00237 | 2h ago | Ransomware Behaviour Detected | Informational | Resolved | SRV-BACKUP-01 |
| ALR-00260 | 3h ago | Certificate Anomaly | Low | Escalated | SRV-MAIL-01 |
| ALR-00039 | 4h ago | Data Exfiltration Attempt | Low | False Positive | SRV-BACKUP-01 |
| ALR-00298 | 4h ago | Certificate Anomaly | Medium | Escalated | SRV-BACKUP-01 |
| ALR-00289 | 11h ago | Certificate Anomaly | Informational | False Positive | FW-EDGE-01 |