DecoyPulse Honeypot Triggered
Medium
Resolved
ALR-00241 · 2026-07-05T05:29:53Z
Description
DecoyPulse honeypot on AP-WIFI-03 triggered by internal IP. Credentials for decoy admin account used. Zero false positive — investigating.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
05:29:53
Event ingested by SOC365 Engine
05:29:56
EmilyAI triage started — correlation enrichment
05:30:06
EmilyAI confidence: 78% — escalated to human analyst
05:30:11
Alert assigned to analyst: Emma Richardson
05:31:21
Investigation started — querying SIEM and threat intelligence
05:34:02
Containment action taken — endpoint isolated
05:46:19
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00366 | 2h ago | DecoyPulse Honeypot Triggered | Medium | False Positive | WS-PC-004 |
| ALR-00162 | 3h ago | Anomalous DNS Query | Informational | Escalated | AP-WIFI-03 |
| ALR-00313 | 18h ago | DecoyPulse Honeypot Triggered | Informational | Resolved | WS-MAC-005 |
| ALR-00346 | 1d ago | Data Exfiltration Attempt | Medium | Resolved | AP-WIFI-03 |
| ALR-00376 | 1d ago | Unusual Outbound Traffic | High | Investigating | AP-WIFI-03 |