Unusual Outbound Traffic
High
Open
ALR-00243 · 2026-07-10T17:52:37Z
Description
Unusual outbound traffic pattern from SRV-WEB-01 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by SOC365 Engine.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
17:52:37
Event ingested by SOC365 Engine
17:52:38
EmilyAI triage started — correlation enrichment
17:52:45
EmilyAI confidence: 83% — escalated to human analyst
17:53:02
Alert assigned to analyst: James Okonkwo
17:53:58
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00135 | 4m ago | Anomalous DNS Query | Medium | Open | SRV-WEB-01 |
| ALR-00009 | 5h ago | Phishing Email Blocked | Medium | Escalated | SRV-WEB-01 |
| ALR-00338 | 9h ago | Rogue DHCP Server | Informational | False Positive | SRV-WEB-01 |
| ALR-00170 | 9h ago | Malware Signature Match | Low | Escalated | SRV-WEB-01 |
| ALR-00165 | 9h ago | Unusual Outbound Traffic | Informational | Resolved | WS-PC-003 |