Certificate Anomaly
Medium
Investigating
ALR-00286 · 2026-07-10T00:21:26Z
Description
TLS certificate anomaly detected on WS-LAP-010. Self-signed certificate on port 443 does not match expected corporate CA chain.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
00:21:26
Event ingested by SOC365 Engine
00:21:27
EmilyAI triage started — correlation enrichment
00:21:35
EmilyAI confidence: 83% — escalated to human analyst
00:22:10
Alert assigned to analyst: Emma Richardson
00:23:43
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00065 | 3h ago | Shadow IT Discovery | Low | Open | WS-LAP-010 |
| ALR-00085 | 15h ago | DecoyPulse Honeypot Triggered | Medium | Resolved | WS-LAP-010 |
| ALR-00422 | 17h ago | Tor Exit Node Connection | Critical | Escalated | WS-LAP-010 |
| ALR-00456 | 21h ago | Pass-the-Hash Detected | Medium | Investigating | WS-LAP-010 |
| ALR-00445 | 1d ago | Kerberoasting Attempt | Low | Open | WS-LAP-010 |