Certificate Anomaly
Medium
Investigating
ALR-00249 · 2026-07-08T01:04:58Z
Description
TLS certificate anomaly detected on SRV-BACKUP-01. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
01:04:58
Event ingested by SOC365 Engine
01:05:02
EmilyAI triage started — correlation enrichment
01:05:07
EmilyAI confidence: 84% — escalated to human analyst
01:05:27
Alert assigned to analyst: Marcus Webb
01:05:51
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00481 | 4h ago | Anomalous DNS Query | High | Investigating | SRV-BACKUP-01 |
| ALR-00360 | 20h ago | DecoyPulse Honeypot Triggered | Low | Resolved | SRV-BACKUP-01 |
| ALR-00259 | 23h ago | Shadow IT Discovery | Medium | Escalated | SRV-BACKUP-01 |
| ALR-00167 | 1d ago | Certificate Anomaly | Low | Escalated | SRV-BACKUP-01 |
| ALR-00304 | 1d ago | Certificate Anomaly | Informational | Escalated | AP-WIFI-03 |