Unusual Outbound Traffic
Medium
Open
ALR-00289 · 2026-07-06T18:36:11Z
Description
Unusual outbound traffic pattern from WS-LAP-011 to IP in Eastern Europe. 450MB transferred over non-standard port. Flagged by EmilyAI Triage.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
18:36:11
Event ingested by SOC365 Engine
18:36:14
EmilyAI triage started — correlation enrichment
18:36:24
EmilyAI confidence: 85% — escalated to human analyst
18:36:27
Alert assigned to analyst: Marcus Webb
18:38:32
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00068 | 2h ago | Phishing Email Blocked | Low | Escalated | WS-LAP-011 |
| ALR-00157 | 2h ago | Anomalous DNS Query | Low | Investigating | WS-LAP-011 |
| ALR-00388 | 4h ago | Unusual Outbound Traffic | Informational | False Positive | SRV-MAIL-01 |
| ALR-00202 | 5h ago | C2 Beacon Activity | Informational | False Positive | WS-LAP-011 |
| ALR-00089 | 5h ago | Ransomware Behaviour Detected | Medium | False Positive | WS-LAP-011 |